3Com DUA1750-2BAA01 manual

3Com Switch 8800 Configuration Guide www.3com.com Part No. DUA1750-2BAA01 Published: Decem ber 2005[...]

Copyright © 2005, 3Com Corporation. All rights reserved. No p art of this documentation may be reproduced in any form or by any means or used to make any d erivative work (such as transl ation, transformation, or adapta tion) without written permission from 3Com Corporation. 3Com Corporation reserves the right to re vise this documen tation and to[...]

3 About This Manual Release Notes This manual applies to 3Com Switch 88 00. Related Manuals The related manuals a re l isted in the following table. Manual Content 3Com Switch 8800 Installation Guide It provides information for the system installation, booting, hardware/software maintenanc e & monitoring. 3Com Switch 8800 Command Reference Guid[...]

Switch 8800 Configuration Guide About T his Manual 4 z PoE This module focuse s on p ower over Ethernet (PoE) configuration. z NAT & VPLS This module presents the config urations on NAT and VPLS. z Appendix This appendix offers the acronyms in this man ual. Intended Audience The manual is intended for the following rea ders: z Network engineers[...]

Switch 8800 Configuration Guide About T his Manual 5 Convention Description selected. [ x | y | ... ] * Optional alternative items are grouped i n squ are brackets and separated by vertical bars. Many or none can be selected. # A line starting with the # sign is comments. III. GUI conventions Convention Description < > Button names are inside[...]

Switch 8800 Configuration Guide About T his Manual 6 V. Mouse operation Action Description Select Press and hold the primary mouse button (left mouse button by default). Click Select and release the primary mouse bu tton without moving the pointer. Double-Click Press the primary mouse button twice continuously a nd quickly without moving the pointe[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-1 T able of Content s Chapter 1 Produc t Over vie w ..................................................................................................... ... 1-1 1.1 Product Overview...........................................................................................................[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-2 6.2.4 Setting the Duplex Attri bute of the Ether net Port .................................................... 6-2 6.2.5 Setting Speed on th e Ethernet Port ........................................................................ 6-2 6.2.6 Setting the Cable Type for the Etherne t Port .[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-3 8.4.1 Creating/Deleting a VLAN Protocol Type ................................................................ 8-4 8.4.2 Associating/Dissociating a Port with/from a Protoc ol-Based VLAN ........................ 8-5 8.5 Displayi ng VLAN ....................................................[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-4 Chapter 13 DHCP Configurat ion ................................................................................................ 13 -1 13.1 Introducti on to DH CP ..................................................................................................... 1 3-1 13.1.1 How DHCP W[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-5 15.2 Displaying and Debugging IP Perf orma nce ................................................................... 15-2 15.3 Troubleshooting IP Performance ................................................................................... 15-3 Chapter 16 IP Routing Protocol Ov erview .[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-6 18.4 Typical RIP Config uration Exam ple ............................................................................. 18-12 18.5 Troubleshooting RIP Faul ts ......................................................................................... 18-14 Chapter 19 OSPF Configurat ion ..[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-7 20.1.1 Terms of IS-IS Routing Prot ocol ......................................................................... 20-1 20.1.2 Two-level Structure of IS-IS Routing Protocol .................................................... 20-2 20.1.3 NSAP Structure of IS -IS Routing Pr otocol .......[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-8 21.2.2 Configuring Basic F eatures for BG P Peer .......................................................... 21-5 21.2.3 Configuring application features of a BGP peer (g roup) ..................................... 21-8 21.2.4 Configurin g Route Filtering of a Peer (gr oup) .............[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-9 23.1.3 Application of Multicast ....................................................................................... 23-7 23.2 Implementation of IP Multicast....................................................................................... 23-7 23.2.1 IP Multicas t Addresses ...[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-10 27.2.3 Configur ing the IGMP Version ............................................................................ 27-3 27.2.4 Configuring the Interval to Send IG MP Query Message ..................................... 27-4 27.2.5 Configuring t he Interval and the Number of Querying IGMP[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-11 29.2.11 Configuri ng RP to Filter the Register Messages Sent by DR ........................... 29-7 29.2.12 Limiting the ra nge of legal BSR......................................................................... 29-7 29.2.13 Limiting the range of legal C-RP ..........................[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-12 31.2.6 Configuring MBGP Timer .................................................................................... 31-5 31.2.7 Configuring MBGP Peer (Group) ........................................................................ 31-5 31.2.8 Configurin g MBGP Route Ag gregation .......[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-13 36.4.2 Displaying and De bugging LD P ........................................................................ 36-10 36.5 Typical MPLS Config uration Exam ple ......................................................................... 36-11 36.6 Troubleshooting MPLS Configurat ion ......[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-14 38.2.7 Configuring the Time Pa rameters of a Switch .................................................. 38-19 38.2.8 Setting the Timeout Factor of a Specific Bridge................................................ 38-21 38.2.9 Configuring t he Max Transmission Speed on a Port ...........[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-15 40.2 AAA Confi guration ......................................................................................................... 40-6 40.2.1 Creating/Deleting an ISP Domain ....................................................................... 40-6 40.2.2 Configuring Relevant Attribu[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-16 Chapter 41 VRRP Configurat ion ................................................................................................ 41 -1 41.1 Introducti on to V RRP ..................................................................................................... 4 1-1 41.2 Configur in[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-17 43.3.2 Enabling/Disabl ing FTP Se rver ......................................................................... 43-12 43.3.3 Configuring the FTP Server Authenticati on and Authorization ......................... 43-12 43.3.4 Configurin g the Running Parameters of FTP Server ..........[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-18 46.1.1 Setting a Name for a Swit ch................................................................................ 46-1 46.1.2 Setting the Sy stem Clock .................................................................................... 46-1 46.1.3 Setting the Time Zone .............[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-19 47.5 SNMP Configurat ion Exampl e ....................................................................................... 47-9 Chapter 48 RMON Configurat ion ............................................................................................... 48- 1 48.1 RMON Ov erview ......[...]

3Com Switch 8800 Configurat i on Guide Table of Contents TOC-20 50.2.3 SFTP Client Configurat ion ................................................................................ 50-18 50.2.4 SFTP Configur ation Example............................................................................ 50-22 Chapter 51 PoE Configuration ...................[...]

3Com Switch 8800 Configurati on Guid e Chapter 1 Product Overview 1-1 Chapter 1 Product Overview 1.1 Product Overview The Switch 8800 is a large-capacity , modular ized L2/L3 switch. It is mainly designed for broadband MAN, backbo ne, switching core and converg ence center of large-sized enterprise network and campus netwo rk. It provides diverse s[...]

3Com Switch 8800 Configurati on Guid e Chapter 1 Product Overview 1-2 Features Implementation IP routing Supports static routing Supports Routing Information Protocol (RIP) v1/v2 Supports Open Shortest Path First (OSPF) Supports Border Gateway Protocol (BGP) Supports Intermediate System-to-Intermediate System intra-domain routing informati on excha[...]

3Com Switch 8800 Configurati on Gu id e Chapter 2 Logging into S witch 2-1 Chapter 2 Logging into Switch 2.1 Setting Up Configurat ion Environment Through the Console Port S t ep 1: As shown in the figure below , to set up the local configuration enviro nment, connect the serial port of a PC (or a te rminal) to th e Console port of the switch with [...]

3Com Switch 8800 Configurati on Gu id e Chapter 2 Logging into S witch 2-2 Figure 2-3 Configure the port for connection Figure 2-4 Set communication parameters S tep 3: The switch is po wered on. Display se lf-test information of the switch and prompt you to press Enter to show the comm an d line prompt su ch as <SW8800>. S tep 4: Input a com[...]

3Com Switch 8800 Configurati on Gu id e Chapter 2 Logging into S witch 2-3 2.2 Setting Up Configuratio n Environment Through T elnet 2.2.1 Connecting a PC to the Switch Through Telnet After you have co rrectly configured IP add re ss of a VLAN interface for a switch vi a Console port (using ip address comma nd in VLAN interface view), and added the[...]

3Com Switch 8800 Configurati on Gu id e Chapter 2 Logging into S witch 2-4 Figure 2-6 Run T elnet S tep 4: The terminal displays “Login authent ication!” and prompt s the user to input the logon password. Af ter you input the correct password, it display s the command line prompt (such as <SW8800>). If the prompt “All user interface s a[...]

3Com Switch 8800 Configurati on Gu id e Chapter 2 Logging into S witch 2-5 Telnet C lient PC Telnet Server Figure 2-7 Provide T elnet Client service S tep 1: Confi gure the T elnet user name and password on the T elnet Server through the console port.  Note: By default, the password is requi red for authent icating the Telnet user to log i n the[...]

3Com Switch 8800 Configurati on Gu id e Chapter 2 Logging into S witch 2-6  Note: By default, the password is required for authent icating the Modem user to log in the switch. If a user logs in via the Modem without password, he will see the prompt “Login password has not been set !.”. <SW8800> system-view System View: return to User V[...]

3Com Switch 8800 Configurati on Gu id e Chapter 2 Logging into S witch 2-7 Figure 2-9 Set the dialed number Figure 2-10 Dial on the remote PC S tep 4: Enter the preset login password on the rem ote terminal emulator and wait for the prompt such as <S W8800>. Then you can co nfigure and manag e the switch. Enter “?” to get the immediate he[...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-1 Chapter 3 Command Line Interface 3.1 Command Line Interface The Switch 8800 provide s a series of configuration comm ands and comm and line interfaces for configuring and ma naging the switch. The command line interface ha s the following characte ristics: z Local configura[...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-2 z Management level: They are co mmands that influence basis operatio n of the system and system support module, whi ch plays a suppo rt role on service. Commands of this level involve file system com mands, FTP command s, TFTP commands, XModem d ownloading command s, user m[...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-3 z Route policy view z Basic ACL vi ew z Advanced ACL view z Layer-2 ACL view z Conform-level view z WRED index view z RADIUS server group view z ISP domain view z MPLS view z VPNv4 sub-address family view z VPN-insta nce sub-add ress family view z Remote-peer v i ew z VSI-L[...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-4 Command view Function Prompt Command to enter Command to exit [SW8800- Ethernet2/ 1/1] 100M Ethernet port view Key in interface ethernet 2/1/1 in system view [SW8800- GigabitEth ernet2/1/1 ] GigabitEthernet port view Key in interface gigabitethernet 2/1/1 in system view Por[...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-5 Command view Function Prompt Command to enter Command to exit PIM view Configure PIM parameters [SW8800- PIM] Key in pim in system view quit returns to system view return returns to user view MSDP view Configure MSDP parameters [SW8800- msdp] Key in msdp in system view quit[...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-6 Command view Function Prompt Command to enter Command to exit Advanced ACL view Define the rule of advanced ACL [SW8800- acl-adv-30 00] Key in acl number 3000 in system view quit returns to system view return returns to user view Layer-2 ACL view Define the rule of layer-2 [...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-7 Command view Function Prompt Command to enter Command to exit VPN-instan ce subaddres s family view Configure VPN instance subaddress family parameters [SW8800- bgp-af-vp n-instance ] Key in ipv4-family vpn-instance vpna in BGP/RIP view quit returns to system view return re[...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-8 z Partial help Y ou can get the help information throu gh these onli ne help commands, whi ch are described as follows. 1) Input “?” in any view to get all the comm ands in it and corresp onding de scriptions. <SW8800> ? User view commands: language-mode Specify t[...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-9 3.3.2 Displaying Charact eristics of Command Line Command line interface provides the followin g display characteristics: z For users’ convenience, the instruction and help i nformation can be di splayed in both English and Chinese. z For the information to be displ ayed [...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-10 3.3.4 Common Command Line Error Messages All the input commands by users can be co rre ctly executed, if they have passed the grammar check. Othe rwise, error messages will be reported to users. The common error messages are listed in the following t able. Table 3-4 Common[...]

3Com Switch 8800 Configurati on Guid e Chapter 3 Command Line Interface 3-11 <Tab> Press <Tab> after typing the incomplete key word and the system will execute the parti al help: If the key word matching the typed one is unique, the system will rep lace the typed one with the complete key word and displ ay it in a new line; if there is [...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-1 Chapter 4 User Interface Configuration 4.1 User Interface Overview User interface configu ration is another way p rovided by the switch to configure and manage the port data. The Switch 8800 support s the fo llowing configuration methods: z Local configuration via t[...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-2 z VTY is numbered after AUX user interface. The absolute number of the first VTY is incremented by 1 than the AUX user interfa ce num be r. II. Relative number The relative number is in the format of “u ser interface ty pe” + “number”. The “n umber” refe[...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-3 When the users log in the switch, if a connection i s activated, the login header will be displayed. Af ter the user succes sfully l ogs in the switch, the shell header will be displayed. Perform the following configuration in sy stem view . Table 4-2 Configure the [...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-4 By default, the flow control on an a synchronous port is none, that is, no flow control will be performed. III. Configuring parity Table 4-5 Configure parity Operation Command Configure parity mode parity { eve n | mark | none | odd | space } Restore the default par[...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-5 After the terminal se rvice is disabled on a user interface, you cannot log in to the switch through the user interface. Howeve r , the user logged in through the user interface before disabling the terminal service ca n continue his operatio n. After such u ser log[...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-6 IV. Setting the screen length If a command displays more than on e screen of information, you can use the followin g command to set how many lines to be displayed in a screen, so th at the information can be separate d in dif ferent screens and you can view it more [...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-7 By default, terminal authentication is n ot req u ired for local users log in via the Console port. However , password authentication is requi red for local users and remote Mode m users log in via the AUX port, and T elnet users log in through Ethernet port. 1) Per[...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-8  Note: By default, password is required to be set for authe nticating local users an d remote Modem users log in via the AUX port, and Telnet user s log in through Ethernet port. If no password has been set, the following prom pt will be displayed “Login passwo[...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-9  Note: When a user logs in the switch, the comm and level that it can access depends on two points. One is the command level that the us er itself can access, the other is the set command level of this user interface. If the two levels are different, the former w[...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-10 4.2.6 Configuring Modem Attributes When logging in the switch via the Modem, you ca n use the following comm ands to configure these paramete rs. Perform the following configuration in AUX user interface view . Table 4-19 Configure Modem attributes Operation Comman[...]

3Com Switch 8800 Configurati on Guide C hapter 4 User Interface Conf igurati on 4-11 Table 4-21 Configure to automatically run the comm and Operation Command Configure to automatically run th e command auto-execute command text Configure not to automatically run the command undo auto-execute command Note the following points: z After executing this[...]

3Com Switch 8800 Configurati on Guide Chapt er 5 Management Interf ace Configuration 5-1 Chapter 5 Management Interface Configuration 5.1 Management Interface Overview The Switch 8800 provides a 10/100Base-TX management interface on the Fab ric. The management interface can con nect a background PC for sof tware loadin g and system debugging, or a [...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-1 Chapter 6 Ethernet Port Configuration 6.1 Ethernet Port Overview The Switch 8800 provides conventional Ethernet port s, fast Ethern et port s, 1000 Mbp s Ethernet port s and 10 Gb ps Ethernet po rt s. T he configurations of these Ethernet port s are basically the same[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-2 6.2.2 Enabling/Disabli ng an Ethernet Port After configuring the related p arameters and p rotocol of the port, you can use undo shut down command to enable the port. If you do not want a po rt to forward data any more, use shut down command to di sa ble it. Perform t[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-3 Note that, 10/100 Mbps electrical Ethernet port can operate in full-duplex, half-duplex or auto-negotiation mode. The1 0/100/1000 Mbp s electrical Ethernet port can operate in full duplex, half duplex or auto-negotiati on mode. When the po rt operates at 1000 Mbps or [...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-4 Operation Command Restore the default type of the cable connected to the Ethernet port undo mdi Note that, the settings only t ake ef fect on 10/100 Mbps and 10/100/1000 Mbp s electrical port s. By default, the cable type is auto (auto-recognized). That is, t he syste[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-5 Note that, the values can be consecutive, but the ef fective values are discrete. The effective fram e length for the FE port is 1552. The effe ctive frame length for the GE port and 10 GE port is 1552, 9022, 9192 and 10240. Y ou can execute the display interface comm[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-6 6.2.11 Setting the Link Type for the Ethernet Port Ethernet port can operate in three dif ferent link types, access, hybrid, and trunk types. The access port carries on e VLAN only , used for connecting to the user’s computer . The trunk port can belong to more than[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-7 Operation Command Add the current trunk port to specified VLANs port trunk permit v lan { vlan_id_list | all } Remove the curre nt access port from to a specified VLAN undo port access v lan Remove the current hybri d port from to specified VLANs undo port hybrid vlan[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-8 By default, the VLAN of hybrid port and trunk po rt is VLAN 1 and that of the acce ss port is the VLAN to which it belongs 6.2.14 Setting the VLAN VPN Feature VLAN T ag consists of 12 bits (defined by IEEE802.1Q), so Ethern et Switches can support up to 4k VLANs. In n[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-9 Path cost Link attributes(point-to-point or not) Port mCheck Max transmission speed Enable/disable root protecti on Enable/disable loop p rote ction Edge or non-edge port Reset ARP or not Define/apply flow template T raf fic reshaping T raf fic redirection Packet filt[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-10 Table 6-16 Copy port configuration to other ports Operation Command Copy port configuration to other port s copy configuration source { interface - type interface - number | interface - name | aggregation-group agg - id } destin ation { interface_list [ aggregation-g[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-11 6.3 Displaying and Debugging Ethernet Port After the above configurati on, execute display command in any view to displ ay the running of the Ethernet port configuration , and to verify the ef fect of the configuration. Execute reset command in user view to clear the[...]

3Com Switch 8800 Configurati on Guide C hapter 6 Ethernet Port Configurati on 6-12 II. Network diagram Switch A Swi tc h B Figure 6-1 Network diagram for Ether net port configuration III. Configuration procedure The following configuration s are used for Sw itch A. Please configure Switch B in the similar way . Enter the Ethernet port view of Gigab[...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-1 Chapter 7 Link Aggregation Configuration 7.1 Overview 7.1.1 Introduction to Link Aggregation Link aggregation means aggregating several ports tog ether to implement the outgoing/incoming p ayload balance among the member port s and enhance the connection reliabilit[...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-2 operation key . The mana g ement key of an LACP-enabled dyn ami c aggregation port is 0 by default. The management key of an LACP -enabled st atic aggregation po rt is the same as the aggregation g roup ID. In a dynamic aggregation group, the member port s must hav[...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-3 z The system sets to inactive state the active port connecting to the different peer devices, or the port connecting to the same peer device but locating in the different aggregation group. z The system sets to inactive state t he ports which cannot be aggregated w[...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-4 protocol types in determining if to use IP or MAC addresses. The packet with 0800 ETYPE Ethernet field is IP p acket. In general, the system onl y provides limited resources. The system will always allocate hardware aggregation re sources to the load balancing aggr[...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-5 7.2 Link Aggregat ion Configuration The following sections descri be link aggregation t asks: z Enabling/Disabling LACP at Port z Creating/Deleting an Aggregation Grou p z Adding/Deleting an Ethernet Port into/from an Aggre gation G roup z Setting/Deleting Aggregat[...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-6 z You cannot enable LACP at the mirrori ng port, the port with static MAC ad dress configured, and the port with static AR P configured, port with 802.1 x enabled. z You are inhibited to enable LACP at t he port in a manual aggre gati on group. z You can add a port[...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-7 Table 7-3 Add/delete an Ethernet port into/from an aggregation grou p Operation Command Add an Ethernet port into the aggregation group (Ethernet port view) port link-aggregation group agg - id Delete an Ethernet port from the aggregation port (Ethernet port view) [...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-8  Note: If you save the current configuration using the sav e command, the static and dynamic LACP agg regation group s and their descripti on stri ngs remains on the system af ter rebooting, but not the dynamic LACP aggregat ion gro up s, or their description st[...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-9 7.3 Displaying and Debug ging Link Aggregation After the above configurati on, execute the display command in any view to display the running of the link aggregati on configuration, and to ve rify the ef fect of the configuration. In user view , execute the reset c[...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-10 7.4 Link Aggregation Configuration Example I. Network requirements Switch A connect s switch B with three a ggregation ports, numbered as Ethernet2/ 1/1 to Ethernet2/1/3, so that incoming/outgoin g load can be balanced a mong the member ports. II. Network diagram [...]

3Com Switch 8800 Configurati on Guide Chapt er 7 Link Aggregation C onfiguration 7-11 Enable LACP on Ethernet port s Et hernet2/1/1 to Ethernet2/1/3. [SW8800] interface ethernet2/1/1 [SW8800-Ethernet2/1/1] lacp enable [SW8800-Ethernet1/1/1] interface ethernet2/1/2 [SW8800-Ethernet2/1/2] lacp enable [SW8800-Ethernet2/1/2] interface ethernet2/1/3 [SW[...]

3Com Switch 8800 Configurati on Guid e Chapter 8 VLAN Configuration 8-1 Chapter 8 VLAN Configuration 8.1 VLAN Overview Virtual local a rea net work (VLAN) g rou p s t he devices in a LAN logically , not physically , into segments to form virt ual workgrou ps. IEEE issued the IEEE 802.1Q in 1999 to standa rdi ze the VLAN implement ation s. The VLAN [...]

3Com Switch 8800 Configurati on Guid e Chapter 8 VLAN Configuration 8-2 Table 8-1 Create/Delete a VLAN Operation Command Create a VLAN and enter the VLAN view vlan vlan _ id Delete a specified VLAN undo vlan { vlan _ id [ to vlan _ id ] | all } Note that the default VLAN, namely VLAN 1, cannot be deleted. 8.2.2 Specif ying a Description Character S[...]

3Com Switch 8800 Configurati on Guid e Chapter 8 VLAN Configuration 8-3 8.2.4 Shutting down/B ringing up a VLAN Interface Y ou can use the following commands to shut do wn/bring up a VLAN interfa ce. Perform the following configuration in VLAN interface view . Table 8-4 Shut down/bring up a VLAN interface Operation Command Shut down a VLAN interfac[...]

3Com Switch 8800 Configurati on Guid e Chapter 8 VLAN Configuration 8-4 8.4 Configuring Protocol-Based VLAN The following sections descri be the pr otocol-based VLAN configuration t asks: z Creating/Deleting a VLAN Protocol Type z Associating/Dissociating a Port with/from a Protocol-Base d VLAN 8.4.1 Creating/Deleting a VLAN Protocol Type Y ou can [...]

3Com Switch 8800 Configurati on Guid e Chapter 8 VLAN Configuration 8-5  Note: z The port to be associated with a protocol -based VLAN must be of Hybrid type and in this VLAN. z The same protocol can be configured in the different VLANs, but can not be configured repeatedly in the same VLAN. z A port cannot be associated with different VLANs wit[...]

3Com Switch 8800 Configurati on Guid e Chapter 8 VLAN Configuration 8-6 8.6 VLAN Configuration Example I. Network requirements z Create VLAN2 and VLAN3. z Add Ethernet3/1/1 and Ethernet4/1/1 to VLAN2. z Add Ethernet3/1/2 and Ethernet4/1/2 to VLAN3. II. Network diagram VLAN 3 Switch E3/1/2 E4 /1 /1 VLAN 2 E4/1/2 E3 /1 /1 Figure 8-1 Network diagram f[...]

3Com Switch 8800 Configurati on Guide Chapter 9 GARP/GVRP Con figuration 9-1 Chapter 9 GARP/GVRP Configuration 9.1 Configuring GARP 9.1.1 GARP Overview Generic attribute regi stration protocol (GARP) of fers a mechanism that is used by the members in the same switching network to distrib ute, propa gate and register such information as VLAN and mul[...]

3Com Switch 8800 Configurati on Guide Chapter 9 GARP/GVRP Con figuration 9-2  Note: z The value of GARP timer will be used in all the GARP application s, including GVRP and GMRP, running in one switched netwo rk. z In one switched network, the GARP timers on all the switching devices should be set to the same value. Otherwise, GARP application c[...]

3Com Switch 8800 Configurati on Guide Chapter 9 GARP/GVRP Con figuration 9-3 Note that, the value of Join timer should be no less than the doubled value of Hold timer , and the value of Leave timer should be greater than the double d value of Join timer and smaller than the Leaveall timer value. Beside s, you must set the value of the Join timer in[...]

3Com Switch 8800 Configurati on Guide Chapter 9 GARP/GVRP Con figuration 9-4 GVRP-supporting switche s can receive VLAN registratio n information from other switches and dynamically update the local VL AN registration inform ation including the active members and through which p ort t hose members can be reached. All the GVRP-supporting switches ca[...]

3Com Switch 8800 Configurati on Guide Chapter 9 GARP/GVRP Con figuration 9-5 Table 9-3 Enable/disable global GV RP Operation Command Enable global GVRP gvrp Disable global GVRP undo gvrp By default, global GVRP is disabled. 9.2.3 Enabling/Di sabling Port GVRP Y ou can use the following command to enable/disa ble the GVRP on a port. Perform the foll[...]

3Com Switch 8800 Configurati on Guide Chapter 9 GARP/GVRP Con figuration 9-6 Table 9-5 Set the GVRP registration type Operation Command Set GVRP registration type gvrp registration { normal | fixed | forbidden } Restore the default GVRP registration type undo gvrp registration By default, GVRP regi strat ion type is normal . 9.2.5 Displaying and De[...]

3Com Switch 8800 Configurati on Guide Chapter 9 GARP/GVRP Con figuration 9-7 III. Configuration procedure Configure Switch A: Enable GVRP globally . [SW8800] gvrp Set Ethernet3/1/1 as a T runk port and allo ws all the VLANs to p a ss through. [SW8800] interface ethernet3/1/1 [SW8800-Ethernet3/1/1] port link-type trunk [SW8800-Ethernet3/1/1] port tr[...]

3Com Switch 8800 Configurati on Guide Chapter 10 Super VLAN Conf iguration 10-1 Chapter 10 Super VLAN Configuration 10.1 Super VLAN Overview Super VLAN is also called VLAN aggregation: A s uper VLAN cont ains multiple sub VLANs . A super VLAN can be configured with an IP address of the virtual port, while a sub VLAN cannot be configured with the IP[...]

3Com Switch 8800 Configurati on Guide Chapter 10 Super VLAN Conf iguration 10-2 Number Item Command Description 2 Enter VLAN view [SW8800] vla n vlan _ id Required 3 Set the VLAN type to super VLAN [SW8800-vlan4093] supervlan Required. The VLAN_ID is the configured VLAN ID in the range 1 to 4,094. 4 Create a sub VLAN and enter sub VLAN view [SW8800[...]

3Com Switch 8800 Configurati on Guide Chapter 10 Super VLAN Conf iguration 10-3 10.2.2 Super VLAN C onfiguration Example I. Network requirements Super VLAN 10 and sub VLANs including VLAN 2, VLAN 3 and VLA N 5 need configuring. VLAN2 cont ains port 1 and 2; VLAN3 cont ains port 3 and 4; VLAN5 contain s port 5 and 6. The se sub VLANs are is olated a[...]

3Com Switch 8800 Configurati on Guide Chapter 11 IP Address Configurati on 11-1 Chapter 11 IP Address Configuration 11.1 Introduction to IP Address 11.1.1 IP Address Classi fication and Represent ation An IP address is a 32-bit add ress allocated to a device that accesses the Internet. It consists of two field s: net-id field and host-id field. IP [...]

3Com Switch 8800 Configurati on Guide Chapter 11 IP Address Configurati on 11-2 Table 11-1 IP address cl asses and ra nge s Network class Addr ess range IP network range available Note A 0.0.0.0 to 127.255.2 55.255 1.0.0.0 to 126.0.0.0 Host ID with all the digits bei ng 0 indicates that the IP address is the network address, and is used for network[...]

3Com Switch 8800 Configurati on Guide Chapter 11 IP Address Configurati on 11-3 Network class Addr ess range IP network range available Note D 224.0.0.0 to 239.255.2 55.255 None Addresses o f class D are mult icast addresses, among whi ch: z IP address 224.0.0.0 is reserve d and will not be allocated. Those from 224.0.0.1 to 224.0.0.255 are reserve[...]

3Com Switch 8800 Configurati on Guide Chapter 11 IP Address Configurati on 11-4 138.38.160.0, 138.38.192. 0 and 13 8.38.224.0 (Refer to the foll owing figure). Each subnet can cont ain m ore than 8000 ho st s. 10001010, 00100110, 000 00000, 00000000 ClassB 138.38.0.0 Subnet mas k 255.255.224.0 11111111, 11111111, 111 00000, 00000000 11111111, 11111[...]

3Com Switch 8800 Configurati on Guide Chapter 11 IP Address Configurati on 11-5 11.2.2 Configuring the IP Address of the VLAN I nterface Y ou can configure an IP address for every VLAN interface of the swi tch. Generally , it is enough to configure one IP address for an inte rface. Y ou can also configure ten IP addresses for an interface at most, [...]

3Com Switch 8800 Configurati on Guide Chapter 11 IP Address Configurati on 11-6 II. Network diagram Console cable Switch PC Console cable Switch PC Figure 11-3 Network diag ram for IP ad dre ss configuration III. Configuration procedure Enter VLAN interface 1. [SW8800] interface vlan-interface 1 Configure the IP address for VLAN interface 1. [SW880[...]

3Com Switch 8800 Configurati on Gu id e Chapter 12 ARP Configuration 12-1 Chapter 12 ARP Configuration 12.1 Introduction to ARP Address Resolution Protocol (ARP) is used to resolve an IP address into a MAC address. I. Necessity of ARP An IP addre ss cannot be directly use d for communication bet ween network devices because network devi ces can onl[...]

3Com Switch 8800 Configurati on Gu id e Chapter 12 ARP Configuration 12-2 correspondi ng MAC address of Host B and adds them to it s own ARP mapping t able. Then Host A sends Host B all the p ackets st anding in the queue. Normally , dynamic ARP takes ef fect and autom atically searche s for the resolution from the IP addre s s to the Ethernet MAC [...]

3Com Switch 8800 Configurati on Gu id e Chapter 12 ARP Configuration 12-3 12.2.2 Configuring the Dynamic ARP Aging Timer For purpose of flexible conf iguration, the system provi des the following comm ands to assign dynamic ARP aging period. Wh en the system learns a dynamic ARP entry , its aging period is based o n the current value configured. Pe[...]

3Com Switch 8800 Configurati on Gu id e Chapter 12 ARP Configuration 12-4 12.3 Displaying and Debugging ARP After the above configurati on, execute the display command in any view to display the running of the ARP config uration, and to ve rify the ef fect of the configuration. Execute the reset comm and in user view to clear ARP mapping t able. Ex[...]

3Com Switch 8800 Configurati on Gu id e Chapter 12 ARP Configuration 12-5 Table 12-5 Enable/Disab le the scheme of pr eventing attack from packets Operation Command Enable/Disable the schem e of preventing attack from packets anti-attack { arp | dot1x | ip }{ disable | enable } By default, the scheme of preventing attack fr om IP packet s is enable[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-1 Chapter 13 DHCP Configuration 13.1 Introduction to DHCP 13.1.1 How DHCP W orks This is a world where networks are ever-growing in both size and com plexity , and the network configuration is getting more and mo re complex. As is often the case, the number of host s in a netw[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-2 z Automatic IP address assignment. The DHCP server automatically assigns fixed IP addresses to DHCP clients when they c onnect to the network for the first time. After that, the IP addresses are always occupied by the DHCP clients. z Dynamic IP address assignment. The DHCP s[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-3 z Selection. The DHCP client only receives the first arriving DHCP_ Offer packet if there are DHCP_Offer packets from several DHCP servers. Then, it retrieves the IP address carried in the packet, and bro adcast s a DHCP_Request packet to each DHCP server. The packet c ontai[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-4 13.2.1 Enabling/Di sabling DHCP Service For both DHCP serve r and DHCP relay , you must enable the DHCP service first before performing other DHCP configurations. The ot her related DHCP configurations take effect only af ter the DHCP service is enabled. Perform the followin[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-5 Table 13-3 Configure the pro cessing method for multiple VLAN i nterfaces Operation Command Specify to forward DHCP packets to local DHCP server and let the local server assign IP addresse s in global address pool s to DHCP cli ents dhcp select global { interface vlan-interf[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-6 13.3 Configuring DHCP Server The following sections descri be the DHCP server configuration ta sks: z Creating a Global DHCP IP Address Pool z Configuring IP Address Assignment Mo de z Forbidding Specified IP Addresses to Be Automatical ly Assigned z Configuring Lease Time F[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-7 So, you can configure the p arameters (such as d omain name) that are com mon to all levels in the address pool structure or some subnet s only for the network segment or for corresponding subnet s. The display dhcp serv er tree command displ ays the tree-li ke structure of [...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-8 Perform the following configurati on in DHCP address pool view . Table 13-6 Configure sta t ic add ress binding for a gl obal DHCP address pool Operation Command Configure an IP address to be statically bound static-bind ip-address ip - address [ mask netmask ] Free a static[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-9 Caution: A binding in a VLAN interfa ce address pool cann ot be overwritten directly. If an IP-to-MAC address binding entry is configured and you wa nt to modify it, you must remove it and redefine a new one. III. Configuring dynamic IP address assignment If you specify to a[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-10 Y ou can set multiple IP addre ss ranges t hat are not assigned automaticall y by executing the dhcp server forbidden-ip command m ultiple times. 13.3.4 Configuring Lease Ti me For DHCP Address Pool Y ou can configure dif ferent lease times for dif ferent DHCP address pools[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-11 Operation Command Restore the lease time of DHCP add ress pools of multiple VLAN interfaces to the default value undo dhcp server expired { interface vlan-interface vlan _ id [ to vlan-interface vlan _ id ] | all } The default lease times for global addres s pool s and VLAN[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-12 Table 13-15 Configure a DHCP client domai n nam e for multiple VL AN inter faces Operation Command Configure a DHCP client domain name for DHCP address pools of multiple VLAN interfaces dhcp server domain-name domain - name { interface vlan-interface vlan _ id [ to vlan-int[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-13 Table 13-17 Configure DNS server address for current VLAN interface Operation Command Configure one or more DNS serve r addresses for the DHCP address pool o f the current VLAN interface dhcp server dns-list ip - addre ss [ ip - address ] Remove one or all DNS se rver addre[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-14 Table 13-19 Configure NetBIOS server address for a global DHCP address pool Operation Command Configure one or more NetBIOS server addresses for a global DHCP address p ool nbns-list ip - address [ ip - address ] Remove one or all NetBIOS server addresse s configured for a [...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-15 13.3.8 Configuring NetBIOS Node T ype for DHCP Client s For DHCP clients co mmunicating in wi de area network (W AN) by NetBIOS protocol, the mapping between their host nam es an d IP addresses must be est ablished. According to the ways they establish their mappi ngs, NetB[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-16 Table 13-24 Configure a NetBIOS node type for multiple VLAN interfa ce s Operation Command Configure NetBIOS node types for DHCP clients of multiple VLAN interface DHCP address pool s dhcp server netbios-ty p e { b-node | h-node | m-node | p-node } { interface vlan-interfac[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-17 III. Configuring custom DHCP options for multiple VLAN interfaces Perform the following configuration in sy stem view . Table 13-27 Configure custom DHCP options fo r mul tiple VLAN interfaces Operation Command Configure a custom DHCP option for DHCP address pool s of multi[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-18 the DHCP server re ceives no response af te r sending all these packet s, it considers the IP address is not used by other devices i n this network and assigns the IP address to this DHCP cli ent. Otherwise, it does not assign the IP add re ss. Perform the following configu[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-19 Operation Command Display the information about IP address binding in DHCP address pool(s) display dhcp server ip-in-use { ip ip - address | pool [ pool - name ] | interface [ vlan-interface vlan _ id ] | all } Display the statistics about the DHCP server display dhcp serve[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-20 DHCP se rver , is supposed to assign IP addr esse s to the two DHCP clients without the help of any DHCP Relay . II. Network diagram E ther net DHC P cl i e n t DHC P c l i e n t 10.110.0.0 10.110. 1.1 E ther net DHC P cl i e n t DHC P c l i e n t 10.110.0.0 10.110. 1.1 Sw [...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-21 13.4 Configuring DHCP Relay 13.4.1 Introduction to DHCP Relay This is a world where networks are ever-growing in both size and com plexity , and the network configuration is getting more and mo re complex. As is often the case, the number of host s in a netwo rk exceeds tha[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-22 z After receiving the packet, the DHCP serv er generates configuration informatio n accordingly and sends it to the DHCP cli ent through the DHCP Rel ay to complete the dynamic configuration of the DHCP client. Note that the entire configuration p ro ce d ure may goes throu[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-23 Table 13-34 Configure user addre ss entries for DHCP server Operation Command Add a user address entry for DHCP server dhcp relay security ip_address mac_addres s static Remove a user addre ss entry for DHCP server undo dhcp relay security ip_add ress III. Enable/Disable DH[...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-24 Operation Co mmand Disable debugging for DHCP Relay undo debugging dhcp relay { all | packet | error | event } 13.4.4 DHCP Relay C onfiguration Example I. Network requirements As shown in Figure 13-4, two DHCP client s loca ted at the same network segment (10.1 10.0.0) are [...]

3Com Switch 8800 Configurati on Guid e Chapter 13 DHCP Configur ation 13-25 [SW8800-Vlan-interface2]ip relay address 202.38.1.2  Note: Besides the above configurations for DHCP Relay, you need to con figure address pool on the DHCP server and make sure the DHCP server and the switch inter face connecting the two DHCP client s is routing reachabl[...]

3Com Switch 8800 Configurati on Gu id e Chapter 14 DNS Configuration 14-1 Chapter 14 DNS Configuration 14.1 Introduction to DNS Used in the TCP/IP applica tion, Domain Na me System (DNS) is a distri buted databa se which provides the translation between domain na me and the IP addre ss. In this way , the user can use domain name s that are easy to [...]

3Com Switch 8800 Configurati on Gu id e Chapter 14 DNS Configuration 14-2 “3Com”. Then the system con nects the i nput do main name with the suf fix into “3Com.com” automatically to search. When t he domai n name suffix is used, if the input domain name does not include “.”, like “3Co m” , the system regards it as a host name and ad[...]

3Com Switch 8800 Configurati on Gu id e Chapter 14 DNS Configuration 14-3 this function when you do not want to perform dynamic dom ain name resolution sometimes. Perform the following configuration in sy stem view . Table 14-2 Enable/disa bl e dynamic domain name re solution Operation Co mmand Enable dynamic domain n ame re solution dns resolve Di[...]

3Com Switch 8800 Configurati on Gu id e Chapter 14 DNS Configuration 14-4 14.4 Displaying and Debugging Domain Name Resolution After the abov e configurat ion, you can execute the display command in any view to view the running st ates of the domain nam e resol ution, and verify the configuration result s throu gh the displayed informatio n. Execut[...]

3Com Switch 8800 Configurati on Gu id e Chapter 14 DNS Configuration 14-5 III. Configuraiton procedure Enable dynamic domain name re sol ution [SW8800] dns resolve Configure the IP address of the domain name server to 172.16.1.1. [SW8800] dns server 172.16.1.1 Configure the domain name suf fix as com. [SW8800] dns domain com Ping a host with the sp[...]

3Com Switch 8800 Configurati on Guide C hapter 15 IP Performance C onfig uration 15-1 Chapter 15 IP Performance Configuration 15.1 Configuring IP Performance IP performa n ce configuration includes: z Configuring TCP Attributes 15.1.1 Configuri ng TCP Attributes TCP attribute s that can be config ured include: z synwait timer: When sending the syn [...]

3Com Switch 8800 Configurati on Guide C hapter 15 IP Performance C onfig uration 15-2 15.2 Displaying and Debugging IP Performance After the above configurati on, execute the display command in any view to display the running of the IP performance configuration, and to verify the ef fect o f the configuration. Execute the reset command in use r vie[...]

3Com Switch 8800 Configurati on Guide C hapter 15 IP Performance C onfig uration 15-3 Operation Command Enable the debugging of UDP connectio ns debugging udp packet [ task - id socket - id ] Disable the debugging of UDP connectio ns undo debugging udp packet [ task - id socket - id ] Enable the debugging of TCP connectio ns debugging tcp packet [ [...]

3Com Switch 8800 Configurati on Guide C hapter 15 IP Performance C onfig uration 15-4 z Use the debugging tcp packet co mmand to enable the TCP debu gging to trace the TCP packets. Operations include: <SW8800> terminal debugging <SW8800> debugging tcp packet Then the TCP packet s received or sent can be checked in real time. S pecific p[...]

3Com Switch 8800 Configurati on Guide C hapter 16 IP Routing Protocol Overview 16-1 Chapter 16 IP Routing Protocol Overview  Note: A router that is referred to in the followin g or its icon represents a gene ralized ro uter or a Switch 8800 running routi ng protocols. To improve r eadability, this will not be described in the other parts of the [...]

3Com Switch 8800 Configurati on Guide C hapter 16 IP Routing Protocol Overview 16-2 A Route segment B C A R R Route segment R R R A Figure 16-1 The concept of route segm ent As the networks may have different sizes, the segm ent lengths connected between two different p airs of routers a re also dif fer ent. The number of route segment s multiplies[...]

3Com Switch 8800 Configurati on Guide C hapter 16 IP Routing Protocol Overview 16-3 with the mask 255.255.0.0 is located will be 129.102.0.0. It is made up of several consecutive "1"s, which ca n also b e expressed in the dotted decimal format. z Output interface: It indicates an interf ace throug h which an IP packet should be forwarded.[...]

3Com Switch 8800 Configurati on Guide C hapter 16 IP Routing Protocol Overview 16-4 The Switch 8800 support s the configuration of a series of dynamic routing prot ocols such as RIP , OSPF , IS-IS and BGP , as well as the static routes. In addition, the running switch will automatically obt ain som e direct routes accordi ng to the port st ate and [...]

3Com Switch 8800 Configurati on Guide C hapter 16 IP Routing Protocol Overview 16-5 Routing protocol or route type The preferen ce of th e corresponding route UNKNOWN 255 Apart from direct routing, IBGP and EBGP , the preferences of various dynamic routin g protocols can be man ually configured to meet the us er requirement s. In addition, the pref[...]

3Com Switch 8800 Configurati on Guide C hapter 16 IP Routing Protocol Overview 16-6 16.2.3 Routes Shared Be tween Routing Protocols As the algorithms of various routing protoc ol s are dif ferent, dif ferent protocols may generate dif ferent routes, thus bringing about the pro blem of how to resolve the differen ces when dif ferent routes are gener[...]

3Com Switch 8800 Configurati on Guide C hapter 17 Static Route Configurati on 17-1 Chapter 17 Static Route Configuration 17.1 Introduction to Static Route 17.1.1 Static Route A st atic route is a special route configure d manually by an administrator . Y ou can set up an interconnecting netwo rk with the static route configuration. The problem for [...]

3Com Switch 8800 Configurati on Guide C hapter 17 Static Route Configurati on 17-2 there is no default route and the destination address of the p acket fails in matching any entry in the routing table, this p acket w ill be discarded, and an internet control message protocol (ICMP) pa cket will be sent to the orig inating host to inform that the de[...]

3Com Switch 8800 Configurati on Guide C hapter 17 Static Route Configurati on 17-3 The packet s sent to NULL interfa ce, a kind of virtual interface, will be discarded at once . This can decrease the system load. z Preference Depending on the configuratio n of prefer ence, you can achieve dif ferent route management policies. For example, to implem[...]

3Com Switch 8800 Configurati on Guide C hapter 17 Static Route Configurati on 17-4 17.3 Displaying and De bugging Static Route After the above configurati on, execute the display command in any view to display the running of the static route c onfigu ration, and to verify the effect of the config uratio n. Table 17-4 Display and debug the routi ng [...]

3Com Switch 8800 Configurati on Guide C hapter 17 Static Route Configurati on 17-5 II. Network diagram Host 1. 1.5. 1 1.1.5. 2/2 4 1.1.2. 2/ 2 4 1.1.2. 1/2 4 1.1.1. 2/ 2 4 Host 1. 1.1. 1 Host 1. 1.4. 2 1.1.3. 1/ 2 4 1.1.3. 2/ 2 4 1.1.4. 1/2 4 Sw i tc h A Sw i tch B Sw i tch C A C B Host 1. 1.5. 1 1.1.5. 2/2 4 1.1.2. 2/ 2 4 1.1.2. 1/2 4 1.1.1. 2/ 2 [...]

3Com Switch 8800 Configurati on Guide C hapter 17 Static Route Configurati on 17-6 17.5 Troubleshooting Static Route Faults Symptom : The switch is not configured with the dynamic routing protocol and both the physical status an d the link layer protocol st atus of the interfac e is UP , but the IP p ackets cannot be forwarded normally . Solution :[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-1 Chapter 18 RIP Configuration 18.1 Introduction to RIP Routing Information Protocol (RIP) is a relative ly simple interior gateway protocol (IGP), which is mainly applied to small scale networks. It is easy to implement RIP . Y ou can configure and maint ain RIP more easily th[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-2 z Period update is triggered peri odically to send all RIP routes to all neighb ors. z If the RIP route is not updated (a router receives t he update packets from the neighbor) when the Timeout timer expires, this route is regarded as unreach able. The cost is set to 16. z If[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-3 If the link, which does not support broadc ast or multicast packet s, runs RIP , you need to configure RIP to send any p acket to the specified destination , establi shing RIP neighbors correctly . In NBMA link networking through a F rame Relay sub-interface and othe rs, to e[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-4 Table 18-2 Enable RIP Interface Operation Command Enable RIP on the specified network network netwo rk - address Disable RIP on the specified network undo network network - address Note that after the RIP task is enabled, y ou should also specify it s operating network segmen[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-5 Table 18-4 Configure Split Hori zon Operation Command Enable split horizon rip split-horizon Disable split horizon undo rip split-horizon By default, split horizon of the interface is enabled. 18.2.5 Setting Additional Routing Metric Additional routing metric is the input or [...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-6 Perform the following configuration in RI P view . Table 18-6 Configure RI P to import routes of other protocols Operation Command Configure RIP to import routes of other protocols import-route protocol [ cost value | route-policy route - policy - name ]* Cancel the imported [...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-7 II. Configuring RIP to filter the routes advertised by RIP Table 18-8 Configure RI P to filter the advertised ro utes Operation Command Configure RIP to filter the advertised routing information filter-policy { acl - number | ip-prefix ip - prefix - name } export [ routing - [...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-8 18.2.9 Enabling RIP-2 R oute Aggregation Function The so-called route aggre gation means that di f ferent subnet routes in the same natural network can be aggregated into o ne natural mask rou te for transmission when they are sent to the outside (i.e. other network). Route a[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-9 broadcast packet s. In additi on, this mode can also make th e host s running RIP-1 avoid incorrectly receiving and p rocessing the rout e s with subnet mask in RIP-2. Wh en an interface is running in RIP-2 bro ad cast mode, the RIP-1 p a ckets can also be received. Perform t[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-10 always become un reachable at the point whe n a new pe riod st arts, the a ctual value of Garbage-collection timer is three to f our times that of Period Updat e timer .  Note: You must consider network pe rformance wh en adju sting RIP timers, and configure all the route[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-11 Operation Command Enable the interface to send RIP update packet rip output Disable the interface to send RIP update packet undo rip output The undo rip work command and the undo network command hav e similar but not all the same functions. Neither of the two commands config[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-12 18.3 Displaying and Debugging RIP After the above configurati on, execute the display command in any view to display the running of the RIP configuration, and to veri fy the ef fect of the configuration. Execute the debuggi ng command in user vie w to debug the RIP module. E[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-13 II. Network diagram Ethernet 110.11.2.2/24 Network address: 117.102.0.0/16 Network address: 196.38.165.0/24 Interface address: 110.11.2.1/24 Interface address: 117.102.0.1/16 Interface address: 155.10.1.1/24 Network address: 155.10.1.0/24 Interface address: 196.38.165.1/24 S[...]

3Com Switch 8800 Configurati on Gu id e Chapter 18 RIP Configuration 18-14 [Switch C-rip] network 110.11.2.0 18.5 Troubleshooting RIP Faults Symptom : The Switch 8800 cannot receive the update p acket s when the physical connection to the peer routing device is norm al. Solution : RIP does n ot operate on the corres ponding interfa ce (for example,[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-1 Chapter 19 OSPF Configuration 19.1 OSPF Overview 19.1.1 Introduction to OSPF Open Shortest Path First (OSPF) is an Interior Gateway Protocol based on the link state develo ped by IETF . At present, OSPF version 2 (RFC2328) is used, which i s available with the following featu[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-2 z A router uses the SPF algorithm to calculate the sh ortest path tree with itself as the root, which shows the route s to the node s in the autonomous system. The external routing information is the leave node. A r outer, whi ch advertises the routes, also tags them and reco[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-3 19.1.4 LSA Type I. Five basic LSA types As mentioned previously , OSPF calculates and maint ains routin g information from LSAs. RFC2328 defines five LSA types as follows: z Router-LSAs: Type-1. Each router gener ates Router-LSA s, which describe the link state and cost of th[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-4 II. DR and BDR z Designated Router (DR) In multi-access network s, if any two routers establi sh adjacencies, the same LSA will be transmitted repeatedly , wasting bandwidt h resour ces. T o solve this problem, the OSPF protocol regulates that a DR must be elect ed in a multi[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-5 Since all the areas sho uld be connected to the backbone area, virtual lin k is adopted so that the physically separated areas can still maint ain the logic connectivity to the backbone area. V. Route summary An AS is divided into different areas th at are interconnected via [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-6 z Authenticator: OSPF provides clear t e xt authenticator and MD5 encryption authenticator to authenticate packet s tran smitted between neighb oring routers in the same area. z Flexible configuration for the router por t parameter: On the router port, you can configure the f[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-7 z Configuring to fill the MTU field when an interfa ce tra nsmit s DD packets z Setting an SPF calculation interval for OSPF 4) Configurations related to OSPF networking z Configuring OSPF authentication z Prohibit OSPF packet receiving/sending z Configuring OSPF virtual link[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-8 By default, OSPF is disabled. When enabling OSPF , pay attention to the following points: z The default OSPF process ID is 1. If no process ID is spe cified in the command, the default one is adopted. z If a router is running mult iple OSPF processes, you are recomm ended to [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-9 19.2.5 Configuring O SPF to Import Routes of Other Protocols The dynamic routing protoc ols on the router ca n sh are the routing information. As far a s OSPF is concerned, the routes discov ered by other routing protocol s are always processed as the external routes of AS. I[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-10 The routes that can be imported incl ude Dire ct, S tatic, RIP , IS-IS, or BGP and in addition, the routes of other OSPF processes.  Note: z It is recommended to configure the impor ted route type, cost and tag for the import-route command si multaneo usly. Othe rwise, th[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-11 III. Configuring the default interval and number for OSPF to import external routes OSPF can import the external routin g information and broadcast it to the entire autonomous system. Importing routes too of t en and importing too many external routes at one time will greatl[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-12 z The broadcasting scope of Type-5 LS A or Type-7 LSA advertising the default route is the same as that of the common Type-5 LSA or Type-7 LSA. Perform the following configuration in OSPF view . Table 19-8 Configure OSPF to import the default rout e Operation Command Import [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-13 By default, OSPF will not filter t he received routi ng information. II. Configuring filtering the routes imp orted to OSPF Use the filter-policy export command to configure the ASBR router to filter the external routes imported to OSPF . This co mmand is only valid for the [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-14 aggregate segment specifi ed by the command will not be transmit ted separatel y . This can reduce the LSDB size in other a reas. Once the aggregated segm ent of a certain netwo rk is added to the area, all the intern al routes of the IP addresses in the range of the aggrega[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-15 19.2.9 Setting OSPF Route Preference Since maybe multiple dynamic ro uting protocols are running on on e router concurrently , the problem of route shari ng and selection betwee n various routing protoco ls occurs. The system sets a preference for each routing prot ocol, whi[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-16 II. Setting a dead timer for the neighboring routers The dead timer of neigh boring routers ref ers to the interval in which a router will regard the neighboring ro uter as dead if no Hello pa ck et is received from it. The user can set a dead timer for the neighboring route[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-17 19.2.11 Configuring the Network Type on the OSPF Interface The route calculation of OSPF is based upon the topology of the adjacent network of the local router . Each router describes the topology of its adjacent network and transmits it to all the other routers. OSPF divide[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-18 Table 19-17 Configure a netwo rk type for an OSPF i nterface Operation Command Configure the network type on the interfa ce ospf net work-type { bro adcast | nbma | p2mp | p2p } Restore the default netwo rk type of the OSPF interface undo ospf net work-type By default, OSPF [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-19 If DR fails due to some fault s, the routers on the ne twork must elect a new DR an d synchronize with the ne w DR. The process will take a relati vely long time, during which, the route calculation is incorrect. In order to speed up t his process, OSPF puts fo rward the con[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-20 19.2.14 Configuring an Interval Required for Sending LSU Packets T rans-delay seco nds should be added t o the agi ng time of the LSA in an LSU packet. Setting the parameter like this mainly consid ers the time duratio n that the interface requires for transmitting a packet.[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-21 Table 19-22 Configure whether the MT U field will be filled in when an interface transmits DD pac ket s Operation Command Enable an interface to fill in the MTU field when transmitting DD packet s ospf mtu-enable Disable the interface to fill the MTU field when transmitting [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-22 By default, all interfaces are allowed to transmit and receive OSPF p acket s. After an OSPF interface is set to be in silent status, the interface can still advertise it s direct route. However , the OSPF hello pa cket s of the interface will be blocked, and no neighboring [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-23 Operation Command Disable the interface to use MD5 authentication undo ospf authentication-mode md5 By default, the interface is not configured wi th either simple authentication or MD5 authentication. 19.2.20 Configuring OSPF Virtual Link According to RFC2328, af ter the ar[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-24 Table 19-27 Configure an OSPF virtual link Operation Command Create and configure a virtual link vlink-peer router - id [ hello seconds | retran smit seconds | trans-delay second s | dead seconds | simple password | md5 keyid key ]* Remove the created virtual link undo vlink[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-25 Table 19-28 Configure stub are a of OSPF Operation Command Configure an area to be the stub area stub [ no-su mmary ] Remove the configured stub area undo stu b Configure the cost of the default route transmitted by OSPF to the stub area default-cost value Remove the cost of[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-26 Perform the following configuration in OSPF area vie w . Table 19-29 Configure NSSA of OSPF Operation Command Configure an area to be the NSSA area nssa [ default-route- advertise | no-import-route | no-summary ]* Cancel the configured NSSA undo nssa Configure the default co[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-27 By default, MIB is bound to the first enabled OSPF process. II. Configuring OSPF TRAP Y ou can configure the switch to send multiple types of SNMP TRAP packet s in case of OSPF anomalies. In addition, you can configure th e switch to send SNMP TRAP packet s when a spe cific [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-28 19.3 Displaying and Debugging OSPF After the above configurati on, execute the display command in any view to display the running of the OSPF configuration, and to veri fy the ef fect of the configuration. Execute the debugging command in use r view to debug the OSPF module.[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-29 Operation Command Disable OSPF event debugging undo debugging ospf event Enable OSPF LSA packet debugging debugging ospf lsa-originate Disable OSPF LSA packet debugging undo debugging ospf lsa-originate Enable SPF debugging of OSPF debugging ospf spf Disable SPF debugging of[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-30 III. Configuration procedure Configure Switch A [Switch A] interface Vlan-interface 1 [Switch A-Vlan-interface1] ip address 196.1.1.1 255.255.255.0 [Switch A-Vlan-interface1] ospf dr-priority 100 [Switch A] router id 1.1.1.1 [Switch A] ospf [Switch A-ospf-1] area 0 [Switch A[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-31 Change the priority of Switch B to 200 [Switch B-Vlan-interface2000] ospf dr-priority 200 On Switch A, execute the display osp f peer command to show its OSPF neighbo rs. Note the priority of Switch B has chan ged to 200, but it is still not the DR. Only when the current DR [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-32 III. Configuration procedure Configure Switch A [Switch A] interface Vlan-interface 1 [Switch A-Vlan-interface1] ip address 196.1.1.1 255.255.255.0 [Switch A] router id 1.1.1.1 [Switch A] ospf [Switch A-ospf-1] area 0 [Switch A-ospf-1-area-0.0.0.0] network 196.1.1.0 0.0.0.25[...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-33 19.5 Troubleshooting OSPF Faults Symptom 1 : OSPF has been configured in ac cordance with the earlie r-mentioned steps, but OS PF on the rou ter cannot run normally . Solution : Check accordin g to the following p rocedure. Local troubleshooting: Check wh ether the protocol [...]

3Com Switch 8800 Configurati on Guid e Chapter 19 OSPF Configuration 19-34 As shown in Figure 19-5: RT A and RTD are configured to belon g to only one area, whereas R TB (area0 and a rea1) and R TC (area1 an d area 2) are configured to belong to two areas. In which, RTB also be longs to area0, which is compliant with the requirement. Howeve r , non[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-1 Chapter 20 Integrated IS-IS Configuration 20.1 Introduction to Integrated IS-IS Intermediate System-to-Intermediate System (IS-IS) intra-domain routing inform ation exchange protocol is desi gned by the intern ational organization for st andardization (ISO) for co[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-2 II. Link types IS-IS routing protocol is applied to IS-IS routing protocol can run on p oint to point Links, such as PPP , HDLC and others. IS-IS routing protocol can also run on broa dcast links, such as Ethernet, T oken-Ring and others. For a Non-Br oadcast Mult[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-3 ES Routing Domain Boundary IS-IS Area End system Subnetwork Path Level 1 IS-IS Routing Level 2 IS-IS Routing Interdomain Routing Intermediate system ES IS Area 1 Area 2 Area 3 Routing Domain 1 Routing Domain 2 ES ES IS IS IS IS IS IS IS ES ES ES ES ES IS IS Figure[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-4 20.1.3 NSAP Structure of IS-IS Routing Protocol I. Address structure AFI IDI High Order DSP SyStem ID SEL (1 octet) DSP IDP Area Address Figure 20-2 NSAP structure OSI adopts the addre ss structure as shown in Figure 20-2. NSAP includes initial domain part (IDP) a[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-5 z SEL NSAP sele ctor (SEL or N-SEL) functions as the protocol identifier of an IP address. Differe nt transmission protocol s correspond to dif ferent identifiers. All the SELs of IP are 00. Because the address stru cture defines clea rly an area, a Level-1 router[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-6 III. SNP Sequence Number Packet (SNP ) can confirm the LSPs last received from neighbors. SNPs function as acknowledge p acket s, but SNPs function m ore validly . SNP in cludes complete SNP (CSNP) and partial SNP ( PSNP). SNP can be further divided into Level-1 C[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-7 Enabling IS-IS on the Specified Interface z Setting Priority for DIS Election z Setting Router Type z Setting Interface Circuit Level 2) Configuration related to IS-IS route z Configuring IS-IS to Import Routes of Other Protocol s z Configuring IS-IS Route Filteri[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-8 Configuring IS-IS Route Metric Type z Setting IS-IS Link State Routing Cost z Configuring IS-IS Timers z Setting to Discard the LSPs with Checksum Errors z Setting LSP Refreshment Interval z Setting Lifetime of LSP z Setting Parameters Related to SPF 4) Configurat[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-9 Delete a NET undo network-entity network - entity - title The format of the network - entity - title argument is X…X.XXXXXXXXXXXX.XX, a mong which the first “X…X” is the area address, the twelve Xs in the middle is the System ID of the router . The last XX[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-10 20.2.3 Enabling IS-IS on the Specified Interface After enablin g IS-IS, you need to specif y on which Interfaces the IS-IS will be run. Perform the following configuration in int erfa ce view . Table 20-3 Enable IS-IS on the specifi ed interfa ce Operation Comman[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-11 Table 20-5 Set the router type Operation Command Set the router type is-level { level-1 | level-1-2 | level-2 } Restore the default router type undo is-level By default, the router type is level-1-2 . 20.2.6 Setting Interface Circuit Level Perform the following c[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-12 Table 20-7 Import routes of other prot ocols Operation Command Import routes of other protocols import-route protocol [ cost value | type { external | internal } | [ lev el-1 | level- 1-2 | level-2 ] | route-policy route - policy - name ]* Cancel importing routes[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-13 protocol specifies the routing prot ocol sources for advertisin g routes, which can be direct, static, rip, bgp, o spf, osp f-ase, an d so on.  Note: z The filter-policy import command only filters the ISIS routes received from the neighbors, and routes tha t [...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-14 By default, the system disables route summari zation. 20.2.11 Setting to Generate Default Route In the IS-IS route domain, the Level-1 router only has the LSDB of the local area, so it can only generate the routes in the local areas. But the Lev el-2 router h as [...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-15 20.2.13 Configuring IS-I S Route Metric Type IS-IS routing protocol has two styles of route metric: z Narrow: The value of route metric rang e s from 1 to 63. z Wide: The value of route metric ranges from 1 to 16,777,215. A router can choose either or both of the[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-16 Perform the following configuration in int erfa ce view . Table 20-16 Set the Hello packet broadcast interval Operation Command Set Hello packet interval, measu red in seconds. isis timer hello seconds [ lev el-1 | level-2 ] Restore the default Hello packet inter[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-17 Table 20-18 Set the LSP packet transmission interval Operation Command Set LSP packet interval on the interface, measured in milliseconds. isis timer lsp time Restore the default LSP packet interval on the interface undo isis timer lsp By default, the LSP packet [...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-18 By default, the number of the invalid Hello packet s is set to 3. If this command does not specify Level-1 or Lev el-2, the system reg ard the invalid Hello packet s are set for both Level-1 an d Level-2 routers. 20.2.16 Setting IS-I S Authentication I. Setting i[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-19 Table 20-22 Set IS-IS authentication password Operation Command Set authentication-mode password area-authentication-mo de { simple | md5 } password [ ip | osi ] Delete authentica tion-mode p assword undo area-authentication-mode { simple | md5 } [ ip | osi ] Set[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-20 Table 20-24 Set the mesh group of the interfa ce Operation Command Add an interface to a mesh group isis mesh-group { mesh - group - number | mesh-blocked } Remove the interface from the mesh group undo isis mesh-group By default, the LSP is flooded norm ally fro[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-21 Table 20-26 Set to discard the LSPs with checksum errors Operation Command Set to discard the LSP with checksum error ignore-lsp-checksum-error Set to ignore the LSP checksum error undo ignore-lsp-check sum-error By default, the LSP checksum error is ignored. 20.[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-22 Perform the following configuration in IS-IS view . Table 20-29 Set Lifetime of LSP Operation Command Set lifetime of LSP timer lsp-max-age second s Restore the default LSP lifetime undo timer lsp-max-age By default, LSP can live for 120 0 se conds (20 minutes). [...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-23 By default, SPF calculation is not divid ed into slices but runs to the end once, which can also be implemented by setting the seconds argument to 0. After slice cal culation is set, the routes that are not processed once will be calculated in one second. Normall[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-24 The silent-interface com mand is only used to restrain the IS-IS p ackets not to be sent on the interface, but the inte rface routes can still be sent from other interfaces. On a switch, this command ca n disable/enab le t he specified VLAN interface to send IS-I[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-25 Display IS-IS SPF calculation log display isis spf-log Display IS-IS routing information display isis route Display IS-IS neighbor information display isis peer [ verbose ] Display mesh group information display isis mesh-group Enable IS-IS debugging debugging is[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-26 II. Network diagram Switch A Switch B Switch C 100.20.0. 2/24 Vlan-i nterf ace 100 Switc h D Vlan-i nterf ace 102 Vlan-i nterf ace 102 Vlan-in terf ace 100 Vlan-int erface 101 Vlan-i nterf ace 102 Vlan-i nterf ace 101 Vlan-i nterf ace 101 Vlan-i nter face 10 0 Vl[...]

3Com Switch 8800 Configurati on Guide Chapt er 20 Integrated IS-IS Configuration 20-27 Configure Switch C [Switch C] isis [Switch C-isis] network-entity 86.0001.0000.0000.0007.00 [Switch C] interface vlan-interface 101 [Switch C-Vlan-interface101] ip address 200.10.0.2 255.255.255.0 [Switch C-Vlan-interface101] isis enable [Switch C] interface vlan[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-1 Chapter 21 BGP Configuration 21.1 BGP/MBGP Overview 21.1.1 Introduction to BGP Border gateway protocol (BGP) is an inte r-autonomous sy stem (inter-AS) dynamic route discovery protocol. Three early vers ions of BGP are BGP- 1 (RFC 1 105), BGP-2 (RFC1 163) and BGP-3 (RFC1267).[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-2 BGP run s on a route r in any of the following modes: z Internal BGP (IBGP) z External BGP (EBGP) The BGP i s called IBGP when it runs in an AS and EBGP when it runs among di f ferent ASs. 21.1.2 BGP Message Types BGP is driven by message s, which include the following types:[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-3 z A BGP speaker does not advertise the r outes obta ined from IBGP to its IBGP peers. z A BGP speaker advertises the routes obtai ned from IBGP to it s IBGP peers (In th e Switch 8800, BGP and IGP are asynchronous.) z Once the connection is set up, a BGP speaker will advertis[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-4 z MP_REACH_NLRI: Multiprotocol Reach able NLRI, used to advert ise reachable routes and the next hop information. z MP_UNREACH_NLRI: Multiprotocol Unrea chable NLRI, used to delete unreachable routes. These two attributes are optional non-transit ive. There fore, the BGP spea[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-5 z Configuring application feature s of a BGP peer (group) z Configuring Route Filtering of a Peer (g ro up) 3) BGP route configuration z Configuring Network Route s for BGP Di stribution z Configuring the Interaction Between BG P and IGP z Configuring BGP Route Summarizatio n[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-6 Perform the following configurations in BGP view . I. Creating a peer group A BGP peer must bel ong to a peer group. Before con figuring a BGP peer , a peer group to which the peer belongs must be created first. Table 21-2 Create a peer group Operation Command Create a peer g[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-7 Delete a pe er undo peer peer - address If you want to add a peer to an IBGP peer group, this comma nd cannot specify AS numbers. When a peer i s added to an EBGP peer g roup and the peer group is defined with an AS number , all its membe r peers inherit s the c onfiguration [...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-8 higher than the timer command that is used to configure timers for the whole BGP peers. Perform the following configuration in BGP view . Table 21-7 Configure timer of a pee r (gro up) Operation Command Configure keep-alive message interval and hold timer of a peer (group ) p[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-9 Table 21-9 Configure to permit conne ctions with EBGP peer groups o n indi rectly connected networks Operation Command Configure to permit connections wit h EBGP peer groups on indire ctly connected networks peer group - name ebgp-max-hop [ ttl ] Configure to permit connectio[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-10 After you use the peer default-r oute-advertise com mand, the local router will send a default route with the next hop as itself to the peer unconditionally , even if there is no default route in BGP routin g table. IV. Configuring it self as the next hop when adverti sing r[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-11 Table 21-14 Configure to send the co m munity attributes to a peer group Operation Command Configure to send the communit y attributes to a peer group peer group - name advertise-community Configure not to send the community attributes to a peer group undo peer group - name [...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-12 IX. Configuring BGP MD5 authentification p assw ord BGP use s TCP as it s transport layer . For the sake of high security , you can configure MD5 authentication p assword when setting up a TCP con nection. In other words, BGP MD5 authentication just se ts p assword for TCP c[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-13 Operation Command Configure the egress route policy for a peer group peer group - name route-policy route - policy - name export Remove the egress route policy of a peer group undo peer group - nam e route-policy route - policy - name export II. Configuring route filtering p[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-14 IV. Configuring route filtering policy based on address prefix list for a peer (group) Table 21-21 Configure rout e filtering pol icy based on address p refix list for a peer (group) Operation Command Configure the ingress route filtering policy based on address prefix list [...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-15 Table 21-23 Import IGP routing information Operation Command Configure BGP to import routes of IGP protocol import-route protocol [ pr ocess - id ] [ med med ] [ route-policy route - policy - name ] Configure BGP not to import routes of IGP protocol undo import-route protoco[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-16 Table 21-25 Configure BGP route sum marization Operation Command Configure the summary automatic function of the subnet routes summary Cancel the summary automatic function of the subnet routes undo summary Configure local route aggregation function aggregate address mask [ [...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-17 II. Configuring to filter the routes advertised by the BGP Perform the following configuration in the BGP view . Table 21-27 Configure to filter the r outes advertised by the BGP Operation Command Configure to filter the routes advertised by the BGP filter-policy { acl - num[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-18 suppressed. With time going, the penalty value will decrease according to power function, and when it decreases to certain specifi c threshol d, the route suppression will be eliminated and the route will be re-advertised. Perform the following configuration in BGP view . Ta[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-19 The ebgp - val ue , ibgp - val ue and local - value argume nt s are in the range of 1 to 256. By default, the first two is 256 and the last one is 130. 21.2.11 Configur ing BGP Timer After you est ablished BGP connections betwe en ro uters, a router sends Keep alive packet s[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-20 By default, the local preference is 100. 21.2.13 Configuring MED for AS Multi-Exit Discriminators (MED) attribute is t he external metric for a route. AS uses the local preference to select t he route to t he out side, and use s the MED to determine the optimum route for ent[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-21 21.2.15 Configuring BGP Route Reflector T o ensure the interconnection between I BGP peers, it is necessary to est ablish a fully connected network. If there are man y IBGP peers, larg e overhead is needed to establish a fully connected network. Route reflecting can solve th[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-22 By default, the route reflection between client s is allowed. If the clients are fully connected, for the purpose of overhead re ductio n, it is re commended to use the undo reflect bet ween-clients co mmand to di sable the route reflection betwee n clie nts. II. Configuring[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-23 Table 21-37 Configure confede ration_ID Operation Command Configure confederation_ID confederation id as - number Cancel confederation_ID undo confederation id By default, the confederation_ID is not configured. The configured confederati on_ID and the existing AS number of [...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-24 By default, the configured confederatio n is consistent with RFC1 96 5. 21.2.17 Clearing BGP Connection After the user ch anges BGP policy or protoc ol configuration, they must cut off the current connection so as to enable the n ew configu ration. Perform the following conf[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-25 Table 21-42 Display and debug BGP Operation Command Display the routing information in BGP routing table display bgp routing-table [ ip - address [ mask ] ] Display filtered AS path information in the BGP display ip as-path-acl acl - num ber Display CIDR routes display bgp r[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-26 Operation Command Enable/Disable BGP Keepalive debugging [ undo ] debugging bgp keepalive [ receive | send ] [ verbose ] Enable/Disable BGP Open debugging [ undo ] debugging bgp open [ receive | send ] [ verbose ] Enable /Disable BGP packet debugging [ undo ] debugging bgp p[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-27 II. Network diagram AS200 AS100 AS1002 AS1001 AS1003 Ethernet 172.68.10.1 172.68.10.2 172.68.10.3 172.68.1.2 172.68.1.1 156.10.1.1 156.10.1.2 Switch A Switch B Switch C Switc h D Switch E Figure 21-2 Network diagram for AS co nfede ration configuration III. Configuration pro[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-28 Configure Switch C: [Switch C] bgp 1003 [Switch C-bgp] confederation id 100 [Switch C-bgp] confederation peer-as 1001 1002 [Switch C-bgp] group confed1001 external [Switch C-bgp] peer confed1001 as-number 1001 [Switch C-bgp] group confed1002 external [Switch C-bgp] peer conf[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-29 [Switch A-Vlan-interface100] quit [Switch A] bgp 100 [Switch A-bgp] network 1.0.0.0 255.0.0.0 [Switch A-bgp] group ex external [Switch A-bgp] peer 192.1.1.2 group ex as-number 200 2) Configure Switch B: Configure VLAN 2: [Switch B] interface Vlan-interface 2 [Switch B-Vlan-i[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-30 Using the display bgp routing-t able command, you can view BGP routing t able on Switch B. Note: Switch B has known the existence of network 1.0.0.0. Using the display bgp routing-t able command ,you can view the BGP routing t able on Switch D. Note: Switch D also kno w s th[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-31 [Switch A-bgp] group ex193 external [Switch A-bgp] peer 193.1.1.2 group ex193 as-number 200 [Switch A-bgp] quit Configure the MED attribute of Switch A z Add ACL on Switch A, enable network 1.0.0.0. [Switch A] acl number 2000 [Switch A-acl-basic-2000] rule permit source 1.0.[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-32 [Switch C-Vlan-interface3] ip address 193.1.1.2 255.255.255.0 [Switch C] interface vlan-interface 5 [Switch C-Vlan-interface5] ip address 195.1.1.2 255.255.255.0 [Switch C] ospf [Switch C-ospf-1] area 0 [Switch C-ospf-1-area-0.0.0.0] network 193.1.1.0 0.0.0.255 [Switch C-osp[...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-33 z Define the route policy with the name of lo calpref, of those, the local preferen ce matching ACL 2000 is set as 200, and that of not matching is set as 100. [Switch C] route-policy localpref permit node 10 [Switch C-route-policy] if-match acl 2000 [Switch C-route-policy] [...]

3Com Switch 8800 Configurati on Gu id e Chapter 21 BGP Configuration 21-34 covering large network segment ca nnot be im ported. For example, route 10.1.1.0/24 can be imported, while 10.0.0.0/8 may cause error .[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-1 Chapter 22 IP Routing Policy Configuration 22.1 Introduction to IP Routing Policy When a router adverti ses or receives ro uting inf ormation, it possibly needs to implement some policies to filter the routing information, so as to receive or ad vertise the rout[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-2 II. ip-prefix The function of the ip-prefix is simila r to that of the acl, but it is more flexible and easy for the users to understan d. When the ip-prefix is applied to th e routing information filtering, its matching obj ects are the des tination a ddress in[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-3 Configuring ip-p refix z Configuring the AS Path List z Configuring a Community Attribute List  Note: For the configuration of ACL, refer to the QoS/ACL operation part o f this manual. 2) Applications of routing policies include: z Importing Routing Informati[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-4 satisfies all th e if-match clauses of the node, it will be denied by the nod e and will not take the test of the next node. If not, howeve r , the route will take the test of the next node. The nodes have the “OR” relationship. In ot her words, the router w[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-5 Operation Command Cancel the matched next-hop of the routing information set by ACL undo if-match ip next-hop Cancel the matched next-hop of the routing information set by address prefix list undo if-match ip next-hop ip-prefix Match the routing cost of the rout[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-6 Operation Command Set the next-hop address of the routing information apply ip next-hop ip - addre ss Cancel the next-hop ad dress of the routing information undo apply ip next-hop Import the route to IS-IS level-1, level-2 or level-1-2 apply isis [ level-1 | le[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-7 22.2.2 Configuring ip-prefix z A prefix-list is identified by an ip - prefix - name . Each IP prefix-list may include multiple entries each specifying an IP prefix matching range. IP prefix entries are identified by index - number s. The order in which IP prefix[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-8 22.2.4 Configuring a Co mmunity Attribute List In BGP , community attribute is optional and transitive. Some community attributes known globally are call ed standa rd community attributes. Some co mmunity attributes are for special purpose. Y ou can also de f in[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-9 Operation Co mmand Cancel the setting for importing routes of other protocols undo import-route protocol By default, the routes discovered by ot her protocols will not be advertised.  Note: In different routing protocol views, the parameter o ptions are diffe[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-10 Table 22-9 Configure to filter the advertised routes Operation Command Configure to filter the routes advertised by the protocol filter-policy { acl - number | ip-prefix ip - prefix - name } export [ protocol ] Cancel the filtering of the routes advertised by t[...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-11 22.4 Typical IP Routing Po licy Configuration Example 22.4.1 Configuring to Filter the Received Routing Information I. Network requirements z Switch A communicates with Switch B , r unning OSPF protocol. The router ID of Switch A is 1.1.1.1, and that of Switch [...]

3Com Switch 8800 Configurati on Guide Chapt er 22 IP Routing Polic y Configuration 22-12 2) Configure Switch B: Configure the IP address of VLAN interface. [Switch B] interface vlan-interface 100 [Switch B-Vlan-interface100] ip address 10.0.0.2 255.0.0.0 Configure the access control list. [Switch B] acl number 2000 [Switch B-acl-basic-2000] rule de[...]

3Com Switch 8800 Configurati on Guid e Chapter 23 IP Multicast Overvie w 23-1 Chapter 23 IP Multicast Overview  Note: An Ethernet switch functions as a router whe n it runs IP multicast pr otocol. A router that is referred to in the following represents a generalized router or a layer 3 Ethernet switch running IP multicast proto col. 23.1 IP Mul[...]

3Com Switch 8800 Configurati on Guid e Chapter 23 IP Multicast Overvie w 23-2 over the network if there is a large num ber of users in need of thi s infomration. As the bandwidt h wo uld turn short, the unicast mode i s inca pable of massive tran smi ssion. II. Data transmission in broadcast mode In broadcast mode, every user o n the network receiv[...]

3Com Switch 8800 Configurati on Guid e Chapter 23 IP Multicast Overvie w 23-3 Se r v e r Mu lt i cas t Us e r A Us e r B Us e r D Us e r E User C Se r v e r Mu lt i cas t Us e r A Us e r B Us e r D Us e r E User C Figure 23-3 Data transmissi on in multicast mode Suppose the Users B, D, and E need the inform ation, they need to be organized into a r[...]

3Com Switch 8800 Configurati on Guid e Chapter 23 IP Multicast Overvie w 23-4 z Occasional communication for trainin g and coop eration z Data storage and finance (stock) ope ration z Point-to-multipoint data distribution With the increasing popularity of multimedia servic es over IP network, multi cast is gaining its marketplace. In addition, the [...]

3Com Switch 8800 Configurati on Guid e Chapter 23 IP Multicast Overvie w 23-5 Table 23-1 Range s and meani ngs of Class D add resses Class D address range Description 224.0.0.0 ∼ 224.0.0.255 Reserved multicast addresses (addresses of permanent group s). All but 224.0.0.0 can be allocated by routing protocols. 224.0.1.0 ∼ 238.255.255.255 Multica[...]

3Com Switch 8800 Configurati on Guid e Chapter 23 IP Multicast Overvie w 23-6 Class D address range Description …… …… II. Ethernet Multicast MAC Addresses When a unicast IP p acket i s transmitted on the Ethernet, the destination MAC ad dre ss is the MAC address of the receiver . However , for a multicast packet, the destination is no longe[...]

3Com Switch 8800 Configurati on Guid e Chapter 23 IP Multicast Overvie w 23-7 Server Multicast User D User E Us e r C IGMP IGM P User A User B IGMP MBGP/MSDP PIM PIM AS1 AS2 Figure 23-5 Application positions of m ulticast-related protocols I. Multicast group management protocol Multicast groups use Internet gro up manage ment protocol (IGMP) as the[...]

3Com Switch 8800 Configurati on Guid e Chapter 23 IP Multicast Overvie w 23-8 uses the source addre ss of a received mult icast p acket to query the unicast routing table or the independe nt multicast routing tabl e to determin e that the receiving interface is on the shortest path from the receiving st at ion to the source. If a source tree is use[...]

3Com Switch 8800 Configurati on Guide Chapt er 24 IGMP Snooping Configurati on 24-1 Chapter 24 IGMP Snooping Configuration 24.1 IGMP Snooping Overview 24.1.1 IGMP Snooping Principle IGMP Snoopi ng (Internet Group Management Pr otocol Snooping) is a multica st control mechanism running on th e Layer 2 Ethernet switch and it i s used for multicast gr[...]

3Com Switch 8800 Configurati on Guide Chapt er 24 IGMP Snooping Configurati on 24-2 Internet / Intranet Vide o stre am VOD Serv er Layer 2 Ethernet Switch Video stream Multicast group member Non-multicast group member Multic a st ro uter Vide o s tre am Video s t re am Video stream Non- mult icas t group member Figure 24-2 Multicast packet tran smi[...]

3Com Switch 8800 Configurati on Guide Chapt er 24 IGMP Snooping Configurati on 24-3 II. Implement Layer 2 multicast with IGMP Snooping The Ethernet switch runs IGMP Snooping to listen to the IGMP messages and map the host and its p orts to the co rresponding multicast group address. T o implement IGMP Snooping, the Layer 2 Ethernet switch proces se[...]

3Com Switch 8800 Configurati on Guide Chapt er 24 IGMP Snooping Configurati on 24-4 forwarding ta ble, and meanwhile creates an IP multicast group and adds the port received the report message to it. If the corresponding MAC multicast group exis t s but does not cont ains the port received the report message, the switch adds the port into the multi[...]

3Com Switch 8800 Configurati on Guide Chapt er 24 IGMP Snooping Configurati on 24-5 Table 24-1 Enabling/Di sabling IGMP Snooping Operation Command Enable/disable IGMP Snooping igmp-snooping { enable | disable } By default, IGMP Snooping is disa bled. Caution: z Although layer 2 and layer 3 multicast protocols can be config ured in pair, they cannot[...]

3Com Switch 8800 Configurati on Guide Chapt er 24 IGMP Snooping Configurati on 24-6 Table 24-3 Configuri ng the maximum response time Operation Command Configure the maximum response time igmp-snooping max-response-tim e seconds Restore the default setting undo IGMP-snooping max-response-time By default, the maximum response time is 1 seconds. 24.2[...]

3Com Switch 8800 Configurati on Guide Chapt er 24 IGMP Snooping Configurati on 24-7 Caution: If IGMP snooping is not enabled o n the VLAN (nor Layer 3 multicast), unkn own multicast packets are broadcasted within t he VLAN no matter whether this function is enabled or not. That is, to make unknown multicast packet s not be broadcaste d with a VLAN,[...]

3Com Switch 8800 Configurati on Guide Chapt er 24 IGMP Snooping Configurati on 24-8 T o implement IGMP Snooping on the switch, you need to ena ble IGMP Snooping on the switch first. The switch is connected with the router via the router port , and connected with user PC through the n on-router port s. II. Networking diagram Internet Mu l t i c a s [...]

3Com Switch 8800 Configurati on Guide Chapt er 24 IGMP Snooping Configurati on 24-9 z If IGMP Snooping is not enabled, input the igmp-snooping enable command in system view to enable IGMP Snooping. Then, use the same command in VLAN view to enable IGMP Snooping in the corresp ondi ng VLAN. 2) Multicast forwarding table set up by IGMP Snooping is wr[...]

3Com Switch 8800 Configurati on Guide C hapter 25 Multicast VLAN Config urati on 25-1 Chapter 25 Multicast VLAN Configuration 25.1 Multicast VLAN Overview Based on the current multicast on demand, whe n users in dif ferent VLANs request the service, multicast flow is duplicated in e ach VLAN and a great deal of band wid th is wasted. T o solve this[...]

3Com Switch 8800 Configurati on Guide C hapter 25 Multicast VLAN Config urati on 25-2 Item C ommand Description Add ports to correspondi ng VLANs port hybrid vlan vlan_id_list untagged Required T o cancel the configurations, use the corresponding undo comman ds.  Note: z A port can only belong to one multicast VLAN. z The type of the ports conne[...]

3Com Switch 8800 Configurati on Guide C hapter 25 Multicast VLAN Config urati on 25-3 II. Network diagram PC 2 PC 2 PC 2 PC 2 PC 1 PC 1 PC 1 PC 1 Sw i t c h A PC 2 PC 2 PC 2 PC 1 PC 1 PC 1 PC 1 Sw i t c h A Wor ks t a tio n Wor ks t a tio n Sw i t c h B PC 2 PC 2 PC 2 PC 2 PC 1 PC 1 PC 1 PC 1 Sw i t c h A PC 2 PC 2 PC 2 PC 1 PC 1 PC 1 PC 1 Sw i t c[...]

3Com Switch 8800 Configurati on Guide C hapter 25 Multicast VLAN Config urati on 25-4 2) Configure Switch B Enable IGMP Snoopin g. <Switch B> system-view [Switch B] igmp-snooping enable Enable IGMP-Snooping on VLAN 2 and VLAN 3. [Switch B] vlan 2 [Switch B-vlan 2] igmp-snooping enable [Switch B-vlan 2]quit [Switch B] vlan 3 [Switch B-vlan 3] [...]

3Com Switch 8800 Configurati on Guide C hapter 26 Common Multicas t Configur ation 26-1 Chapter 26 Common Multicast Configuration 26.1 Introduction to Common Multicast Configuration The multicast common configuration is fo r both the multicast group management protocol and the multicast routing protoc ol. The configuration includes enabling multica[...]

3Com Switch 8800 Configurati on Guide C hapter 26 Common Multicas t Configur ation 26-2 26.2.2 Configuring multi cast route number limit Because too many multicast routes may ex haust the router memory , you need to limit the number of multicast routes. Perform the following configuration in sy stem view . Table 26-2 Configuri ng multicast route li[...]

3Com Switch 8800 Configurati on Guide C hapter 26 Common Multicas t Configur ation 26-3 26.3 Controlled Multicast Configuration 26.3.1 Controlled Mu lticast Overview The controlled multicast feature co ntrols user’s authority to join mu lticast grou ps. This feature is based on po rts: use rs must first p ass the 802.1x authent ication set for th[...]

3Com Switch 8800 Configurati on Guide C hapter 26 Common Multicas t Configur ation 26-4 Caution: In local user view, before executing thi s command, you must configure use r service type to LAN-ACCESS, which is the only one supported by controlled multicast at present. 26.3.3 Controlled Multicast Configuration Example I. Network reuirements As show[...]

3Com Switch 8800 Configurati on Guide C hapter 26 Common Multicas t Configur ation 26-5 [SW8800-GigabitEthernet2/1/1] dot1x [SW8800-GigabitEthernet2/1/2] dot1x Configure the authentication mode on the cont rolle d port s to port-based mode. [SW8800-GigabitEthernet2/1/1] dot1x –method portbased [SW8800-GigabitEthernet2/1/2] dot1x –method portbas[...]

3Com Switch 8800 Configurati on Guide C hapter 26 Common Multicas t Configur ation 26-6 Operation Command Enable multicast kernel routin g debugging debugging multicast kernel-routing Disable multicast kernel routing debugging undo debugging multicast kernel-routing The multicast routing ta ble s can be layered as follows: z Each multicast routing [...]

3Com Switch 8800 Configurati on Guid e Chapter 27 IGMP Configuration 27-1 Chapter 27 IGMP Configuration 27.1 IGMP Overview 27.1.1 Introduction to IGMP Internet Group Management Protocol (IGM P) is a protocol in the TCP/IP suite responsible f or management of IP multicast members. It is used to establi sh and maintain mu lticast membership amon g IP[...]

3Com Switch 8800 Configurati on Guid e Chapter 27 IGMP Configuration 27-2 address is ele cted as the querier when there are multiple multicast routers on the same network segment. II. Leaving group mechanism In IGMP V ersion 1, hosts leave the mult icast group quietly wi thout informing the multicast router . In this case, the multicast router can [...]

3Com Switch 8800 Configurati on Guid e Chapter 27 IGMP Configuration 27-3 27.2.1 Enabling Multicast Only if the multicast function is enabled can the multicast-related configuration s take effect. Refer to Chapter 26 Common Multicast Configu ratio n. 27.2.2 Enabling IGMP on an Interface This configuration t ask is to enable IGM P on the inter face [...]

3Com Switch 8800 Configurati on Guid e Chapter 27 IGMP Configuration 27-4 27.2.4 Configuring the Inter val to Send IGMP Query Message Multicast routers send IGMP query messages to discover which multicast groups are present on att ached networks. Multica st r outers send query me ssages periodi cally to refresh their knowledge of memb e r s present[...]

3Com Switch 8800 Configurati on Guid e Chapter 27 IGMP Configuration 27-5 I. Configuring interval for querying IGMP packets Table 27-4 Configuri ng i nterval for querying IGMP pa ckets Operation Command Configure interval for querying IGMP packets igmp lastmember-query interv al seconds Restore te default query interval undo igmp lastmember-queryin[...]

3Com Switch 8800 Configurati on Guid e Chapter 27 IGMP Configuration 27-6 maximum response time. When any timer becomes 0, the host will send the membership report message of the multicast gro up. Setting the maximum response time reasonably can enable the host to respond to query messages quickly . In this case, the rout er can fast master the exi[...]

3Com Switch 8800 Configurati on Guid e Chapter 27 IGMP Configuration 27-7 Configuring one interfa ce of the router as multicast member can avoid such problem. When the interface receives IGMP que ry p acket, the router will respond, thus en suring that the network segment where the interfa c e located can normal ly receive multicast pack et s. For [...]

3Com Switch 8800 Configurati on Guid e Chapter 27 IGMP Configuration 27-8 Table 27-10 Limiting multicast group s an interface can access Operation Command Limit the range of allowed multicast groups on current interface (in VLAN interface view) igmp group-policy acl-num ber [ 1 | 2 | port { interface_type interface_ num | interface_nam e } [ to { i[...]

3Com Switch 8800 Configurati on Guid e Chapter 27 IGMP Configuration 27-9 27.3 Displaying and Debugging IGMP After the above configurati on, execute display command in any view to displ ay the running of IGMP configuration, and to verify the effect of the configuration. Execute debugging command in corre sponding views for the debuggi ng of IGMP . [...]

3Com Switch 8800 Configurati on Guid e Chapter 28 PIM-DM Configuration 28-1 Chapter 28 PIM-DM Configuration 28.1 PIM-DM Overview 28.1.1 Introduction to PIM-DM PIM-DM (Protocol Indepe ndent Multicast, Dense Mode) bel ongs to dense mode multicast routing protocols. PIM-DM is suit able for small networks. Members of multicast groups are relati vely de[...]

3Com Switch 8800 Configurati on Guid e Chapter 28 PIM-DM Configuration 28-2 During this process, PIM-DM uses the RPF check and the existing unica st routing table to build a multicast forwarding tree rooted at the dat a source. When a packet arrives, the router will first judge the correctne ss of the pat h. If the interface that the packet arrives[...]

3Com Switch 8800 Configurati on Guid e Chapter 28 PIM-DM Configuration 28-3 IV. Graft When the pruned downstre am node needs to be restored to the fo rwarding st ate, the node will send a graf t packet to inform the up stream node. 28.2 PIM-DM Configuration 1) PIM-DM basic configuration include s: z Enabling multicast z Enabling PIM-DM 2) PIM-DM ad[...]

3Com Switch 8800 Configurati on Guid e Chapter 28 PIM-DM Configuration 28-4 28.2.3 Configuring the Time Inter vals for Ports to Send Hello Packets When protocol indepe ndent multicast (PIM) protocol is enabled f or a port, the port sends Hello packet s peri odically . The time intervals to send Hello packet s vary with the bandwidt h an d type of t[...]

3Com Switch 8800 Configurati on Guid e Chapter 28 PIM-DM Configuration 28-5 28.2.5 Configuring the Filtering of Multicast Source/Group You can set to filter the source (and group) address of multicast d ata p ackets v ia this command. When this feature is configured, the router filters not o nly multicast data, but the multicast data enca p sulated[...]

3Com Switch 8800 Configurati on Guid e Chapter 28 PIM-DM Configuration 28-6 Table 28-6 Configuri ng the maximum number of PIM neighbor on an interface Operation Command Configure the maximum number of PIM neighbor on an interface pim neighbor-limit limit Restore the limit of PIN neighbor to the default value pim neighbor-limit By default, the PIM n[...]

3Com Switch 8800 Configurati on Guid e Chapter 28 PIM-DM Configuration 28-7 Table 28-9 Displaying and debu gging PIM-DM Operation Command Display the PIM multicast routing table display pim routing-table [ { { *g [ group-address [ mask { mask-length | mask } ] ] | **rp [ rp-address [ mask { mas k-length | mask } ] ] } | { group-addre ss [ mask { ma[...]

3Com Switch 8800 Configurati on Guid e Chapter 28 PIM-DM Configuration 28-8 Lan s w it ch3 Lan s w it c h1 RECE IVER 1 Lan s w it c h2 VL AN 1 0 VL AN 1 1 VL AN 1 2 M ult ic as t Sou rce RE CE I V ER 2 VL AN 2 0 VL AN 3 0 RE CE I V ER 1 Mu l t i c a s t Sour ce Lan s w it ch3 Lan s w it c h1 RECE IVER 1 Lan s w it c h2 VL AN 1 0 VL AN 1 1 VL AN 1 2[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-1 Chapter 29 PIM-SM Configuration 29.1 PIM-SM Overview 29.1.1 Introduction to PIM-SM PIM-SM (Protocol Independent Multic ast, S parse Mode) belongs to sp arse mode multicast routing protocols. PIM-SM is main ly ap plicable to large-scale netwo rks with broad scope in whi ch g[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-2 I. Build the RP shared tree (RPT) When host s join a multicast group G , the leaf routers that directly connect with the hosts send IGMP message s to learn the receivers of multicast group G . In this way , the leaf routers calculate the corresponding rendezvo us point (RP)[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-3 It should be noted that one RP can serve mult iple multica st groups or all multicast groups. Each multicast group can only be uniqu ely correspond ent to one RP at a time rather than multiple RPs. II. Configuring BSRs The BSR is the management core in a PIM-SM network. Can[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-4 It should be noted that at least one router in an entire PIM-SM domain should be configured with Candidate- RPs and Candidate-BSRs. 29.2.1 Enabling Multicast Refer to Chapter 26 Common Multicast Configu ratio n. 29.2.2 Enabling PIM-SM This configuration can be ef fectiv e o[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-5 At first, each candidate BSR conside rs itself a s the BSR of the PIM-SM domain, and sends Boot strap message by t aking the IP address of the interface as the BSR address. When receiving Boot strap messages from other routers, t he candidate BSR will compare the BSR addres[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-6 Operation Command Remove the candidate-R P configur ed undo c-rp { interface-type interface-number | all } When configuring RP , if the range of the se rved multicast group is not specified, the RP will serve all multicast group s. Otherwise, t he range of the served multic[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-7 By default, no domain border is set. After th is configuration is performed, a bo otstrap message can not cross the border but other PIM p ackets can. This config uration can effectively divide a network into domain s using dif ferent BSRs. 29.2.9 Configuring the filter ing[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-8 Perform the following configuration in PIM view . Table 29-7 Limiting the range of legal BSR Operation Command Set the limit legal BSR range bsr-policy acl-number Restore to the default setting undo bsr-policy For detailed i nformation of bsr-policy , please refer to the co[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-9 Table 29-9 Displaying and debu gging PIM-SM Operation Command Display the BSR information display pim bsr-info Display the RP information display pim rp-info [ group-address ] Enable the PIM-SM debugging debugging pim sm { all | mrt | ms dp | verbose | war ni ng | mbr { ale[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-10 II. Networking diagram LSD LS_B LS_C LS_A Host A Host B VLAN11 VLAN12 VLAN10 VLAN10 VLAN11 VLAN12 VLAN12 VLAN10 VLAN11 LSD LS_B LS_C LS_A Host A Host B VLAN11 VLAN12 VLAN10 VLAN10 VLAN11 VLAN12 VLAN12 VLAN10 VLAN11 Figure 29-2 PIM-SM configuration net working III. Configur[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-11 [SW8800-vlan-interface12] quit 2) Configure LS_B Enable PIM-SM. [SW8800] multicast routing-enable [SW8800] vlan 10 [SW8800-vlan10] port ethernet 2/1/2 to ethernet 2/1/3 [SW8800-vlan10] quit [SW8800] interface vlan-interface 10 [SW8800-vlan-interface10] igmp enable [SW8800-[...]

3Com Switch 8800 Configurati on Guid e Chapter 29 PIM-SM Configuration 29-12 Enable PIM-SM. [SW8800] multicast routing-enable [SW8800] vlan 10 [SW8800-vlan10] port ethernet 2/1/2 to ethernet 2/1/3 [SW8800-vlan10] quit [SW8800] interface vlan-interface 10 [SW8800-vlan-interface10] igmp enable [SW8800-vlan-interface10] pim sm [SW8800-vlan-interface10[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-1 Chapter 30 MSDP Configuration 30.1 MSDP Overview 30.1.1 Introduction Multicast source discovery protocol (MSDP) is used to discover multicast sou rce information in other PIM-SM domains. No ISP would like to forward multicast traf fic depending on the RP of competit ors, thou[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-2 30.1.2 Working Principle I. Indentifying multicast sour ce and receiving multicast data As shown in Figure 30-1, the RPs of PIM-SM dom ains 1, 2 and 3 establi sh peer relationship between them. Domai n 3 contains a grou p membe r . So ur ce Gr oup Me mbe r 3 DR RP &M SD P[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-3 this case, the last hop router connected with the gro up member in domai n 3 can choose whether to switch to SPT. II. Message forwarding and RPF check between MSDP peers As shown in Figure 30-2 MSDP wo rking principles (II), Sw itch A, Switch B, Switch C, Switch D, Switch E a[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-4 case when the messa ge is from Switch E to Switch F, i t is received and forwa rded to other peers. 6) If the SA message is sent from a MS DP peer in a different domai n which is the next autonomous domain al ong the optimal path to the RP in the domain of source, as from Swi[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-5 30.2.2 Configur ing MSDP Peers T o run MSDP , you need to configure MSDP peers locally . Please perform the following configurations in MSDP view . Table 30-2 Configuri ng MSDP peers Operation Command Configure MSDP peers peer peer-address connect-interface interface-type int[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-6 rp-policy parameter are configured, any peer that receives an SA message will forward it to the other peers. z Not using the rp-policy parameter universally: According to the config uration sequence, only the first static RPF peer wh ose connection state is UP is activated. A[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-7 30.2.6 Configuring the Maxi mum Number of SA caching T o prevent DoS (Deny of Service) attacks, you can set the m aximum number of SAs cached on the router . Perform the following configuration in M S DP view . Table 30-6 Configuri ng the maximum number of SA caching Operatio[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-8 qualified (S, G) entries in the multicast rout ing table when creating SA message s, that is, to control the (S,G) entries imported from the multica st routin g t able to the domain. Please perform the following configurations in MSDP view . Table 30-8 Filtering the multicast[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-9 I. Using MSDP outbound filter MSDP outbo und filter of are function al in: z Filtering off all the (S, G) entries z Forwarding only the SA messages permitted by the advanced A CL Please perform the following configurations in MSDP view . Table 30-10 Using MSDP outbound filter[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-10 Table 30-12 Controlling the received source informati on Operation Command Filter off the SA messages from a specified MSDP peer peer peer-ad dress sa-policy import Receive the SA messages permitted by the advanced ACL from a sp ecified MSDP p eer peer peer-address sa-policy[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-11 Table 30-14 Configuring the MSDP connection retry period Operation Command Configuring the MSDP connection retry perio d timer retry seconds Restore the default value of MS DP connection retry interval undo timer retry By default, MSDP con ne ction is retried a t the interva[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-12 30.3 Displaying and Debugging MSDP I. Displaying and Debugging MSDP After the above configurati on, execute display commands in any view to display the running information of MSDP and to veri fy the effect of the configuration. Execute the debugging command in user view for [...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-13 30.4 MSDP Configuration Examples 30.4.1 Configuring Static RPF Peers I. Networking requirements In the following networking environment, four Switch 88 00s all are in the PIM-SM domains with no BGP or MBGP run n ing among them (Note that MB GP is not supported in the basic c[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-14 [SwitchD-msdp] static-rpf-peer 10.10.1.1 rp-policy list-a Configure Switch B to be a stat ic RPF pe er of Switch D. [SwitchD] ip ip-prefix list-b permit 10.21.0.0 16 [SwitchD] msdp [SwitchD-msdp] peer 10.21.1.1 connect-interface Vlan-interface 20 [SwitchD-msdp] static-rpf-pe[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-15 II. Networking diagram SRC A Swit ch E Loop bac k0 10.10. 1.1 Loop back1 0 10.1. 1.1 Vl an- inter face20 10.10.3 .1/24 Loo pback10 : Any cast RP addr ess 10. 1. 1. 1 Loo p bac k0 : M SDP pe er addres s & Origina ting-RP SwitchB Swit ch D Swit c h A SRC B Swit c hC Vlan -[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-16 [SwitchB-LoopBack10] igmp enable [SwitchB-LoopBack10] pim sm [SwitchB-LoopBack10] quit Configure the IP address of Vlan-interface10 and ena ble IGMP and PIM-SM. [SwitchB] interface Vlan-interface10 [SwitchB-Vlan-interface10] ip address 10.10.2.1 255.255.255.0 [SwitchB-Vlan-i[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-17 [SwitchA] vlan 10 [SwitchA-vlan10] port ethernet1/1/2 [SwitchA-vlan10] quit [SwitchA] vlan 20 [SwitchA-vlan20] port ethernet1/1/3 [SwitchA-vlan20] quit Enable multicast. [SwitchA] multicast routing-enable Configure the IP address of interface loopba ck0. [SwitchA] interface [...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-18 [SwitchA-ospf-1] quit Configure Switch B as its MSDP peer . [SwitchA] msdp [SwitchA-msdp] peer 10.10.1.1 connect-interface loopback 0 Configure Originating RP . [SwitchA-msdp] originating-rp loopback0 [SwitchA-msdp] quit Configure C-RP and BSR. [SwitchA] pim [SwitchA-pim] c-[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-19 II. Networking diagram SRC A Vlan-i nterfa ce30 Vlan -interfa ce20 Vl an-int erface10 PIM-SM domain 4 Loopba ck10 10.1 .1.1 Lo opback0 10.2 5.1.1 Loopba ck0 10.2 5.1.2 Ether net: 10.25. 2.0 Loopba ck0 10.2 6.1.1 Loopba ck0 10.2 8.1.1 Loopba ck0 10.2 9.1.1 Vlan-i nterfa ce20 [...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-20 Enable multicast. [SwitchA] multicast routing-enable Configure the IP address of interface loopba ck0 and e nable PIM-SM. [SwitchA] interface loopback0 [SwitchA-LoopBack0] ip address 10.25.1.1 255.255.255.255 [SwitchA-LoopBack0] pim sm [SwitchA-LoopBack0] quit Configure the [...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-21 [SwitchA-bgp] peer 10.27.1.2 group in [SwitchA-bgp] peer in connect-interface loopback0 [SwitchA-bgp] ipv4-family multicast [SwitchA-bgp-af-mul] peer in enable [SwitchA-bgp-af-mul] peer 10.26.1.2 group in [SwitchA-bgp-af-mul] peer 10.27.1.2 group in [SwitchA-bgp-af-mul] peer[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-22 [SwitchE] multicast routing-enable Configure the IP address of interface loopba ck0 and e nable PIM-SM. [SwitchE] interface loopback0 [SwitchE-LoopBack0] ip address 10.26.1.2 255.255.255.255 [SwitchE-LoopBack0] pim sm [SwitchE-LoopBack0] quit Configure the IP address of inte[...]

3Com Switch 8800 Configurati on Guid e Chapter 30 MSDP Configuration 30-23 [SwitchE-bgp] ipv4-family multicast [SwitchE-bgp-af-mul] peer in enable [SwitchE-bgp-af-mul] peer 10.25.1.1 group in [SwitchE-bgp-af-mul] peer 10.27.1.2 group in [SwitchE-bgp-af-mul] peer in next-hop-local [SwitchE-bgp-af-mul] quit [SwitchE-bgp] group ex external [SwitchE-bg[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-1 Chapter 31 MBGP Multicast Extension Configuration 31.1 MBGP Multicast Extension Overview 31.1.1 Introduction At present, the most widely used inter-dom ain uni cast routing protocol is B GP-4. Because the multicast topology may be dif fer ent from the uni[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-2 I. MP_REACH_NLRI attribute MP_REACH_NLRI is an optional non-tra nsitive attribu te, and can be used to: z Send the routing information of a new reach able p rotocol. z Send the next hop information about the new protocol with the same coding mode as that [...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-3 31.2 MBGP Multicast Extension Configuration Basic configu ration ta sks of MBGP multicast extension include: z Enable MBGP multicast extension prot ocol z Specify the network routes notified by the MBGP multicast extension Advanced configuration tasks of [...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-4 Table 31-1 Enabling MBGP multicast extension protocol Operation Command Enter the MBGP multicast address family view ipv4-family multicast Remove the MBGP multicast address family view undo ipv4-family multicast By default, the system does not run t he MB[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-5 31.2.5 Configuri ng Local Preference Differe nt local preference can be con figured as a reference o f the MBGP route selection. When an MBGP router gets routes with the sam e destination but dif ferent next hops through dif ferent neighbors, it will choo[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-6 II. Enabling a peer (group) Please perform the following configurations in IPV4 multicast sub-address family view . Table 31-3 Enabling a pe er (g roup) Operation Command Enable the specified peer (gro up) peer group-name enable Disable the specified peer[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-7 By default, there is no route reflector in an AS. It is generally unnecessary to configure th is command for a peer group. This command is reserved for the occasional comp atibilit y with the network equipment s of other vendors. VI. Configuring the local[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-8 Table 31-9 Configuri ng IP-ACL -based route filtering policy for a p eer (group) Operation Command Configure filteriing policy for incoming packets peer { group-name | peer-address } filter-policy acl-number import Remove incoming policy cnfiguration undo[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-9 Operation Command Remove outgoing policy cnfiguration undo peer group -name ip-prefix prefixn ame export By default, a peer (group) does not pe rform r oute filtering based on the prefix list. 31.2.8 Configuring MB GP Route Aggregation MBGP supp orts the [...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-10 31.2.10 Configure MBGP Community Attributes Within the MBGP , a community is a set of destinations with some characterie stics in common. A community is not limited to a network or an AS has no physical boundary . For details, re fer to “BGP Configurat[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-11 31.2.14 Resetting BGP Connections After changin g the MBGP policy or p rotocol configuration, users must disconn ect the present BGP con nection to make the new configu rati on ef fective. For details, re fer to “BGP Configuration” of the Routing Pro[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-12 31.4 MBGP Multicast Extension Configuration Example I. Networking requirement This example describe s how the administrat or uses t he MBGP attribute s to manage route selection. All switches are co nfigur ed with MBGP . The IGP in AS200 u ses O SPF . Sw[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-13 [SwitchA-bgp-af-mul] network 1.0.0.0 [SwitchA-bgp-af-mul] network 2.0.0.0 [SwitchA-bgp-af-mul] quit Configure peers relationship. [SwitchA-bgp] bgp 100 [SwitchA-bgp] group a1 external [SwitchA-bgp] peer 192.1.1.2 group a1 as-number 200 [SwitchA-bgp] grou[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-14 [SwitchB-vlan40] quit [SwitchB] interface vlan-interface 40 [SwitchB-Vlan-interface40] ip address 194.1.1.2 255.255.255.0 [SwitchB-Vlan-interface40] quit [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 194.1.1.0 0.0.0.255 [Sw[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-15 [SwitchC-bgp] group c2 internal [SwitchC-bgp] peer 194.1.1.2 group c2 [SwitchC-bgp] peer 195.1.1.1 group c2 [SwitchC-bgp] ipv4-family multicast [SwitchC-bgp-af-mul] peer c1 enable [SwitchC-bgp-af-mul] peer c2 enable Configure the local preference attribu[...]

3Com Switch 8800 Configurati on Guide Chapter 31 MBGP Multicast Extensio n Conf iguration 31-16 [SwitchD-ospf-1-area-0.0.0.0] quit [SwitchD-ospf-1] quit [SwitchD] bgp 200 [SwitchD-bgp] undo synchronization [SwitchD-bgp] group d1 internal [SwitchD-bgp] peer 194.1.1.2 group d1 [SwitchD-bgp] peer 195.1.1.2 group d1 [SwitchD-bgp] ipv4-family multicast [...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-1 Chapter 32 ACL Configuration 32.1 ACL Overview 32.1.1 Introduction to ACL A series match rules must be configur ed to recognize the p acket s before they are filtered. Only when packet s are identified, can the network t ake corresponding actions, allowing or prohibiting th [...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-2  Note: Depth first principl e means putting the st atement with smaller p acket range in the front. Y ou can know the packet range by comp ar ing IP address wildcards: The smaller the wildcard is, the smaller host range is. Fo r example, the addres s 129.102.1.1 0.0.0.0 s[...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-3 Table 32-1 Requirement s for defining ACLs Item Number range Maximum number Number-based basic ACL 2000 to 2999 1000 Number-based advan ced A CL 3000 to 3999 1000 Number-based L2 ACL 4000 to 4999 1000 Number-based use r ACL 5000 to 5999 1000 Name-based basic ACL -- -- Name-b[...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-4 Table 32-3 ACL configuration tasks No. Item Command Description 1 Enter the system view <SW8800> system-v iew — 2 Configure the time range [SW8800] time-range Optional 3 Define a flow template [SW8800] flow-template user-defined slot slot id template - info Optional [...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-5 sta rt - time and end - time days - of - the - week define period time ra nge together . start - time sta rt - date and end - time end - date define absolute time range together . If a time range only defines the period time range, th e time range is only active within the p[...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-6 Table 32-6 Length of template elem ent s Name Description Length in template cos 802.1p p riority 1 byte dip De stination IP field in IP packet header 4 bytes dmac Destination MAC field in Ethernet packet header 6 bytes dport Destination port field 2 bytes dscp DSCP field in[...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-7 The fragment-flags field i s 0 in length in flow template, so it can be ignored in calculating the total length of template element s. Y ou can either use the defa ult template or define a flow template base d on your needs.  Note: Default flow template: ip-protocol tcp-f[...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-8  Note: z If the time-range keyword is not sel ected, the ACL will be effective at any time af ter being activated. z You can define multiple rules for the A CL by using the rule command seve ral times. z If the ACL is sent directly to hardware for packet filteri ng and tr[...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-9 Table 32-9 Define advan ced A CL Operation Co mmand Enter advanced ACL view (system view) acl { number acl - n umber | name acl - name adv anced } [ match-order { config | auto } ] Define an ACL rule (advanced ACL view) rule [ rule - id ] { permit | deny } protocol [ source [...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-10 32.2.4 Activating ACL After defining an ACL, you must activate it. This configuration activates those ACL s to filter or classify the packet s forwarded by hardware. For interface cards, perform the following c onfigurations in Ethernet port view or port group view . Table [...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-11 Display ACL configuration displa y acl config { all | acl - nu mber | acl - name } Display ACL application information display acl running-packet-filter { all | interface { interface - name | interface - type interface - num } | vlan vlan - id } Display configuration inform[...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-12 III. Configuration procedure  Note: Only the commands concerning AC L co nfiguration are listed here. 1) Define the time range. Define the time range from 8:00 to 18:00. [SW8800] time-range 3Com 8:00 to 18:00 working-day 2) Define inbound traffic to the wage server. Crea[...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-13  Note: Only the commands concerning AC L co nfiguration are listed here. 1) Define the time range. Define the time range from 8:00 to 18:00. [SW8800] time-range 3Com 8:00 to 18:00 daily 2) Define the traffic with source IP 10.1.1.1. Create a name-based basi c ACL “t ra[...]

3Com Switch 8800 Configurati on Gu id e Chapter 32 ACL Configurati on 32-14 1) Define the time range. Define the time range from 8:00 to 18:00. [SW8800] time-range 3Com 8:00 to 18:00 daily 2) Define a user-defined flow template [SW8800] flow-template user-defined slot 3 ethernet-protocol smac 0-0-0 dmac 0-0-0 3) Define the traffic with source MAC 0[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-1 Chapter 33 QoS Configuration 33.1 QoS Overview Conventional packet net work treats all packet s equally . Each switch/router processes all packet s in First-in-First-out (FIFO) mode and then transfers them to the destination in the best effort, but it provides no comm itment [...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-2 There are two key steps in p acket filtering: S tep 1: Classify the traffic at the port according to a sp ecific rule. S tep 2: Run filtering operation (deny or permit ) to the i dentified traf fic. By default, deny operation is selected. IV. Traffic policing QoS can police t[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-3 Figure 33-2 Ethernet frame with 802.1 Q tag head er In the above figure, each host sup porting 80 2.1Q protocol adds a 4-byte 802.1Q t ag header afte r the so urce address in Ethernet heade r . The 802.1Q t ag header cont ains a 2-byte TPID (T ag protocol Identifier , with th[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-4 Packets sent vi a this interface high priori ty Low pr iority Classif y Packets sent Sendin g queue Dequeue queue 7 queue 6 queue 5 queue 4 queue 3 queue 2 queue 1 queue 0 Figure 33-4 Priority queues SP algorithm is de signed for key services. One of the cha ra cteri st ics o[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-5 Another merit for WRR algorithm: Thou gh t he queues are sched uled by turn, they are not configured with fixed time quantum . If a queu e has no p ackets, the system immediately schedules the next queu e. Then b andwid th resources can be fully utilized. VIII. Traffic mirror[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-6 Item Command Description Apply flow template flow-template user-defined Optional. Refer to section 32.2.2 “ Defining and Applying Flow Template”. Activate ACL packet-filter inbound Optional. Refer to section 32.2.4 “ Activating ACL”. Configure local precedence for por[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-7 Item Command Description Display QoS configuration display You can execute the display command in any view to check the QoS configuration. Refer to section 33.3.11 “ Displaying and Debugging QoS Configuration”. For the common interface boards exce pt XP4, note that: z The[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-8 II. Network diagram GE 7/1/ 8 GE7 /1/1 GE7 /1 /2 VL A N 2 , 1. 0. 0. 1/ 8 PC1 GE 7/1/ 8 GE7 /1/1 GE7 /1 /2 VL A N 2 , 1. 0. 0. 1/ 8 PC1 VL A N 3 , 2.0. 0. 1/ 8 PC2 VL A N 3 , 2.0. 0. 1/ 8 PC2 3.0. 0. 1/ 8 PC3 GE 7/1/ 8 GE7 /1/1 GE7 /1 /2 VL A N 2 , 1. 0. 0. 1/ 8 PC1 GE 7/1/ 8[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-9 z Configuring Traffic Shaping z Configuring Traffic Priority z Configuring Traffic Redirection z Configuring Queue Sched uling z Configuring Traffic Mirrorin g z Configuring Port Mirroring z Configuring Traffic Statistics Before initiating any of these QoS configuration t ask[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-10 After receiving a p acket, the switch allocates a set of service param eters to it according to a specific rule. The switch fi rst get s its l ocal precedence and drop preceden ce according to the p acket 802.1p prio rity value, by searching in the CoS — > Local-precede[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-11 Table 33-4 Configure def ault local precedence for p ort Operation Co mmand Configure default local preceden ce for a port priorit y priority - level Restore the default local prece dence for a port undo priority 33.3.2 Configuri ng Traffic Policing T raf fic policing refers[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-12 Restore the default values of the Local-precedence + Confo rm-Level — > mapping table (conform level view) undo local-precedence The system provides defaul t mapping t ables. II. Configuring traffic policing The purpose of this configuration t ask is to implement traffi[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-13  Note: z The parameters of traffic policy must be the same if you configure th e same tc-index for different traffic; otherwise the system prompts you for the wrong configuration. z For traffic policing configuration ove r the por t group, all ports in the group shares th[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-14 rates, while traf fic policing drops excessiv e p ackets. Therefore, traf fic shaping may increase transmissi on delay , but not for traffic poli cing. Perform the following configurations in Ethern et port view o r port group view . Table 33-7 Configure traffic sha ping Ope[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-15 Remove traffic priority setting which applies IP group ACL and link gro up ACL at same time undo traffic-priority inbound ip-group { acl - number | acl - name } { rule rule link-group { acl - number | acl - name } [ rule rule ] | link-group { acl - numbe r | acl - name } rul[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-16 Table 33-9 Configure traffic redi re ction Operation Command Configure traffic redirection which only applies IP group ACL traffic-redirect inbound ip-group { acl - number | acl - name } [ rule rule [ syste m-ind ex in dex ] ] { cpu | interface { interface - name | interface[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-17 33.3.6 Configuring Queue Scheduling Each port support s eight outbound queues exc ept that port of XP4 board only sup ports four queues. The switch puts the packet s into the queues according to the local precedence of p acket s. Queue scheduling is used to resolve problems [...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-18 1) Tail drop mode: Different queues (red, yellow and red) are allocated with differe nt drop thresholds. Wh en these thresholds are exceeded respe ctively, excessive packets will be dropped. 2) WRED drop mode: Drop precedence is taken into account in drop action. Wh en only [...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-19 II. Configuring drop algorithm Please perform the following configurations in Ethernet port view . Table 33-12 Configure drop algo rithm Operation Command Configure drop algorithm drop-mode { tail-drop | wr ed } [ wred - index ] Restore the default algorithm undo drop-mode B[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-20 a system index for it when delivering an ACL rule with this command. Howev er , you are not recommended to a ssi gn a system index if not urgently necessary . See the corresponding Co mmand M anual for det ail s of the commands. 33.3.9 Configuri ng Port Mirroring Port mirror[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-21 port. You can only choose port B on board 2 as its monitoring port when configuring a se con d mirroring group in the same direction on b oard 1. z One mirroring group can co ntain as many as 24 monit ore d ports at most. z You can configure as many as 24 monitored ports for[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-22 Configure traffic statistics which only applies link group ACL traffic-statisti c inbound link-group { acl - number | acl - name } [ rule rule [ s ystem-index index ] ] [ tc-index index ] Remove traffic statistics setting which only applies link group ACL undo traffic-statis[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-23 Operation Command Display traffic limit configuration of a port display qos-interface [ interface - na me | interface - type interface - num ] traffic-limit Display queue scheduling configuration of a port display qos-interface [ interface - na me | interface - type interfac[...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-24 33.4 Configuration Example 33.4.1 Traffic Shaping Configuration Example I. Network requirements Set traffic shaping for the outbound queue 2 at the port GE7/1/8: maximum rate 500kbps, burst size 12 k bytes. II. Network diagram GE7/1/8 GE7/1/1 GE7/1/2 VLAN2, 1.0.0.1/8 VLAN3, [...]

3Com Switch 8800 Configurati on Gu id e Chapter 33 QoS Configuration 33-25 II. Network diagram Se r v e r E3/0/8 E3/0/2 E3/0/1 Se r v e r GE3/1/ 8 GE3/1/2 GE3/1/1 Se r v e r E3/0/8 E3/0/2 E3/0/1 Server GE3/1/ 8 GE3/1/2 GE3/1/1 Se r v e r E3/0/8 E3/0/2 E3/0/1 Se r v e r GE3/1/ 8 GE3/1/2 GE3/1/1 Se r v e r E3/0/8 E3/0/2 E3/0/1 Se r v e r GE3/1/ 8 GE3[...]

3Com Switch 8800 Conf ig uration Guide Chapter 33 QoS Configurati on 33-26 Create a number-based basic ACL 2 000 and enter it. [SW8800] acl number 2000 Define ACL rule for the traf fic from PC1. [SW8800-acl-basic-2000] rule 0 permit source 1.0.0.1 0 time-range 3Com 3) Define the CoS — > Conform-Level map ping table. Define the CoS — > Con[...]

3Com Switch 8800 Conf ig uration Guide Chapter 33 QoS Configurati on 33-27 Re-allocate service parameters for the pa cket s from PC1. [SW8800-GigabitEthernet7/1/1] traffic-priority inbound ip-group 2000 remark-policed-service dscp 63 33.4.4 Traffic Redirecti on Configuration Example I. Network requirements Forward the pa ckets se nt from PC1 (IP 1.[...]

3Com Switch 8800 Conf ig uration Guide Chapter 33 QoS Configurati on 33-28 33.4.5 Queue Scheduling Configuration Example I. Network requirements Modify the corresponden ce between 802.1p pri ori ty levels and local priority levels to change the mapping bet ween 802.1p priority levels and queue s. That is, put pa ckets into outbound queues ac cordin[...]

3Com Switch 8800 Conf ig uration Guide Chapter 33 QoS Configurati on 33-29 2) Use WRR algorithm for the queues 0 to 5. Set the queues 0, 1 and 2 into WRR queue 1, with weight respectively as 20, 20 and 30; set the queues 3, 4 and 5 into WRR queue 2, with weight re spectively as 20, 20 and 40. Use SP algorithm for the queues 6 and 7. [SW8800-Gigabit[...]

3Com Switch 8800 Conf ig uration Guide Chapter 33 QoS Configurati on 33-30 III. Configuration procedure 1) Configure WRED parameters Configure parameters for WRE D 0. [SW8800] wred 0 [SW8800-wred-0] queue 7 150 500 5 100 150 10 50 100 15 10 2) Set drop algorithm and thresholds. Define the port GE7/1/1 in WRED drop mode, set the p arameters of WRED [...]

3Com Switch 8800 Conf ig uration Guide Chapter 33 QoS Configurati on 33-31 3) Count the packets to PC1 and display the result using the display command. [SW8800-GigabitEthernet7/1/1] traffic-statistic inbound ip-group 2000 rule 0 [SW8800] display qos-interface GigabitEthernet7/1/1 traffic-statistic GigabitEthernet7/1/1: traffic-statistic Inbound: M[...]

3Com Switch 8800 Conf iguration Guide Chapter 34 Logon User ACL Control Config uration 34-1 Chapter 34 Logon User ACL Control Configuration 34.1 Overview As the Ethernet switches are used m ore and more widely over the networks, the security issue becomes ev en more import ant. The switches provide several logon an d device accessing measur es, mai[...]

3Com Switch 8800 Conf iguration Guide Chapter 34 Logon User ACL Control Config uration 34-2 Operation Command Delete a sub-rule (ba sic ACL view) undo rule rule - id [ source ] [ fragment ] [ time-range ] Delete an ACL or all ACLs (system view) undo acl { number acl - number | name acl - name | all } Enter advanced ACL view from system view acl { n[...]

3Com Switch 8800 Conf iguration Guide Chapter 34 Logon User ACL Control Config uration 34-3 34.2.3 Configur ation Example I. Network requirements Only the T elnet users from 10.1 10.100.52 and 10.1 10.100.46 can access the switch. II. Network diagram Internet Switch Figure 34-1 ACL configuration for Teln et users III. Configuration procedure Define[...]

3Com Switch 8800 Conf iguration Guide Chapter 34 Logon User ACL Control Config uration 34-4 34.3.2 Importing ACL Import the defined ACL into the commands with SNMP comm unity , username and group name configured, to achieve ACL control over SNMP users. Perform the following configurations in system view . Table 34-3 Import ACL Operation Command Imp[...]

3Com Switch 8800 Conf iguration Guide Chapter 34 Logon User ACL Control Config uration 34-5 34.3.3 Configur ation Example I. Network requirements Only SNMP u sers fro m 10.1 10.100.52 and 10.1 10.100.46 can access the switch. II. Network diagram Internet Switch Figure 34-2 ACL configuration for SNM P users III. Configuration procedure Define a basi[...]

3Com Switch 8800 Configurati on Gu id e Chapter 35 MPLS Architecture 35-1 Chapter 35 MPLS Architecture  Note: A Switch 8800 running MP LS can serve as a router . Routers mentioned in this manual can be either a router in common sense, or a layer 3 Ethernet switch running MP LS. T o enable MPLS function on the Switch 8800, yo u must select the i [...]

3Com Switch 8800 Configurati on Gu id e Chapter 35 MPLS Architecture 35-2 35.2.2 Label I. Label definition A label is a lo cally significant short identifier with fixed length, which is used to ide ntify a FEC. When reaching at MPLS network ingress, p ackets are divided into diff erent FECs, based on their FECs, dif ferent labels ar e encapsulated [...]

3Com Switch 8800 Configurati on Gu id e Chapter 35 MPLS Architecture 35-3 Et hernet S O N E T /S DH pac k et Et hernet header / PPP heade r F lag La y er 3 data F r am e m o de AT M pa c k et C ell m od e AT M pa c k et AT M he ader F lag La y er 3 data VPI / VC I La y er 3 data Et hernet S O N E T /S DH pac k et Et hernet header / PPP heade r F la[...]

3Com Switch 8800 Configurati on Gu id e Chapter 35 MPLS Architecture 35-4 In independent control mode, each LS R can send label mapping message s to the LSRs it connect s to at anytime. In ordered control mode, a LSR ca n send label mapping me ssages to up stream only when it receives a specific label mappi ng messages of the next hop of a FEC or t[...]

3Com Switch 8800 Configurati on Gu id e Chapter 35 MPLS Architecture 35-5 with labels, distributes label binding message s, establishes a nd maintain s label forwarding ta ble. The network consisting of LSRs is called MP LS domain. The LSR that is located at the edge of the domain is call ed edge LSR (LER, Lab eled Edge Router). It co nnects an MPL[...]

3Com Switch 8800 Configurati on Gu id e Chapter 35 MPLS Architecture 35-6 35.3.3 Establishing LSP Actually , the establishment of LSP refers to the process of binding FEC with the label, and then advertising this binding to the adjacent LSR on LSP . This process is implemented through LDP , which regulates the me ssage in interacti ve processing an[...]

3Com Switch 8800 Configurati on Gu id e Chapter 35 MPLS Architecture 35-7 received the returned label map message fr om it s downstream LSR. Usually , the upstream LS R select s the downstream LSR acco rding to the information in it s routing table. In Figure 35 -4, LSRs on the way along LSP1 use the sequential label control mode, and the LSR F on [...]

3Com Switch 8800 Configurati on Gu id e Chapter 35 MPLS Architecture 35-8 As shown in Figure 35-5, LSP <R2 R21 R22 R3> is a tunnel betwe en R2 and R3. II. Multi-layer label stack In MPLS, a packet may carry multiple labels wh ich are in the form of st ack. Operations to the stack f ollow the “last in first out” princi ple and it is al way[...]

3Com Switch 8800 Configurati on Gu id e Chapter 35 MPLS Architecture 35-9 there are obvious advanta ges to implement VPN by MPLS. MPLS VPN connect s the geographicall y different branche s of private network by using LSP , forming a united network. MPLS VPN also support s the interconnection betwee n dif ferent VPNs. P ri v ate ne tw ork br anc h 2[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-1 Chapter 36 MPLS Basic Capability Configuration 36.1 MPLS Basic Capability Overview Basic MPLS forwarding fu nctions includ es LDP session e stablishment an d LSP path maintenance . The typical configuration procedure for enabling basic MPLS function s on a ro[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-2 Table 36-1 Define MPLS LSR ID Operation Command Define LSR ID mpls lsr-id ip-ad dress Delete LSR ID undo mpls lsr-id By default, LSR ID is not defined. 36.2.2 Enabling MPLS and Entering MPLS View In system view , you can first enable MPLS globally and enter M[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-3 be the ingress node, an in termediate node (also called transit no de), or the egress node. Note that an LSP operates normally only af ter all the LSRs along the LSP have been properly configure d. The undo st atic-lsp command is used to delete a specified LS[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-4 Table 36-5 Enable/disa bl e LDP view Operation Command Enable LDP proto col mpls ld p Disable LDP undo mpls ld p By default, LDP is di sabl ed. 36.3.2 Enabling LDP on VLAN interface T o make the VLAN interface support LDP , you must enabl e LDP function on vi[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-5 There is no default remote-peer . II. Configuring an address for the remote-peer Y ou can spec ify the address of any LDP-enable d interface on the remote-peer o r the address of the loopback i nterface on the LSR that has advertised the route as the address [...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-6 Table 36-9 Configure ba sic session hold-time Operation Command Configure session hol d-ti me mpls ld p timer { session-hold session - hold time | hello hello - holdtime } Return to the default value undo mpls ld p timer { session-hold | hello } By default, t[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-7 36.3.5 Configuring LDP Loop Detection Control I. Enabling loop detection It is used to enable or di sable the loop detection function during LDP signaling p rocess. The loop detection includes maximum hop cou nt mode and path vector mode. The maximum hop coun[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-8 III. Setting the maximum hop count in path vector mode When path vector mode i s adopted for loop detection, it is also necessary to specif y the maximum value of LSP path. In this way , when one of the followi ng conditions is met, it is considered that a lo[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-9 Table 36-16 Display the static LSP information Operation Co mmand Display the static LSP information display mpls st atic-lsp [ include text | verbose ] II. Displaying MPLS-enabled interfaces After accomplishin g the configuration t asks mentioned previously [...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-10 V. Trapping MPLS This command is use d to enable the trap function of MPLS duri ng an LSP/LDP setup process . Perform the following configuration in sy stem view . Table 36-20 Enable the trap function of MPLS Operation Command Enable the LDP trap fun ction o[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-11 II. LDP debugging commands Execute debugging command in us er view for the debugging of various messages related to LDP Table 36-22 Enable/disabl e debugging for MPLS LDP Operation Co mmand Enable debugging for MPLS LDP debugging mpls ldp { all | main | adve[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-12 II. Network diagram Switch A SwitchB SwitchC SwitchD VLAN 20 1 168.1.1. 1 VLAN2 01 168. 1.1.2 VL AN2 03 172. 17. 1.1 VLAN2 03 172. 17. 1.2 VLAN2 02 100. 10. 1.2 VLAN2 02 100. 10. 1.1 Switch A SwitchB SwitchC SwitchD VLAN 20 1 168.1.1. 1 VLAN2 01 168. 1.1.2 V[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-13 [SW8800] mpls [SW8800-mpls] quit [SW8800] mpls ldp Configure IP addre ss and enable MPLS and LDP for VLAN interface 201. [SW8800] vlan 201 [SW8800-vlan201] port gigabitethernet 2/1/1 [SW8800-vlan201] quit [SW8800] interface Vlan-Interface 201 [SW8800-Vlan-in[...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-14 Configure LSR ID and enable MPLS and LDP . [SW8800] mpls lsr-id 100.10.1.1 [SW8800] mpls [SW8800-mpls] quit [SW8800] mpls ldp Configure IP addre ss and enable LDP and MPLS for VLAN interface 202. [SW8800] vlan 202 [SW8800-vlan202] port gigabitethernet 2/1/1 [...]

3Com Switch 8800 Configurati on Guide Chapter 36 MPLS Basic Capability Configur ation 36-15 36.6 Troubleshooting MPLS Configuration Symptom: Session cannot be setup with the pee r after LDP is enabled on the interface. T roubleshooti ng: Cause 1: Loop detection configuration i s dif ferent at the two ends. Solution: Check loop detection configur at[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-1 Chapter 37 BGP/MPLS VPN Configuration 37.1 BGP/MPLS VPN Overview T raditional VPN, for which layer 2 tunneling protocol s (L2TP , L2F and PPTP , and so on.) or layer 3 tunnel technology (IPSec, GRE and so on. ) is adopted, is a great succe ss and is therefore widely u[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-2 37.1.1 BGP/MPLS VPN Model I. BGP/MPLS VPN model site 1 CE site 2 CE VPN1 site 3 CE VPN2 site 1 VPN1 site 2 VPN 2 CE PE P PE P P PE PE site 1 VPN1 site 2 VPN 2 CE PE P PE P P PE PE site 1 CE site 2 CE VPN1 site 3 CE VPN2 site 1 VPN1 CE site 2 VPN 2 CE PE P PE P P PE PE[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-3 VPNs. These disadvant ages not only increa se the network operating cost, but also bring relevant management and se curity issues. The nested VPN is a better solutio n. Its main idea is t o transfer VPNv4 ro ute between PE and CE of common BGP MPLS/VPN such t hat user[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-4 compatibility: It not only suppo rts traditional IPv4 address family , but also supports other address families, for example, VPN- IPv4 address family . MP -BGP ensures that VPN private routes are only advertised wi thin VPNs, as well as implementing communication bet[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-5 RD IPv4 addr es s ... ERT1 ERT2 ... ERTn ERT: Ex por t Rout e Target s Impor t Route Tar gets : ( IRT1, IRT 2, ... ,IRTm ) MPLS VPN Route Figure 37-3 Route filterin g throu gh matching VPN Target attribute  Note: The routes for other VPNs will not appear in the VPN[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-6 LSPs must be set up between PEs for VPN dat a traf fic forwarding with MPLS LSP . The PE router which receives p acket s from CE and create label protocol st ack is calle d ingress LSR, while the BGP next hop (egress PE router) is egre ss LSR. Using LDP to create full[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-7 3) Each P router on LSP forwards MPLS pac kets using exterior-l ayer label to the penultimate-hop router, namely the P router b efore PE2. The penultimate-hop router extracts the exterior-layer and sends MPLS packet to PE2. 4) PE2 looks up in the MPLS forwarding table[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-8 As shown in Figure 37-5, the PEs directly conne cted with user device s are call e d UPE (underlayer PE or user-end PE); the devices in the core network connected with the UPEs are called SPE (superstratum PE or service-provider-end PE). Hierarchical PEs have the same[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-9 interface, routing t able, and sends VPN r outing information over MPLS network using BGP/OSPF interaction. If supporting OSPF multi-insta nce, one rout er can run multiple OSPF procedures, which can be boun d to diffe rent VPN inst ances. In practice, you can create [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-10 compromised method b rings additional config uration burden and ha s limitation in actual use. T o resolve this problem, the idea of multi-role host is generated. S pecifically to say , this idea is to diff erentiate the accesses to di ff erent VPNs through configuri[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-11 I. Creating static route If you select static route mode for CE-P E r oute switching, you should then configure a private static route p ointing to PE on CE. Perform the following configur ation in th e system view . Table 37-1 Create/delete a static ro ute in VPN in[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-12 37.2.2 Configur ing PE Router I. Configuring basic MPLS capability It includes configuring MPLS LSR ID, enabl e MPLS globally and enable MPLS in the correspondi n g VLAN interface view . See MPLS Basic Capa city Configure for details. II. Defining BGP/MPLS VPN site 1[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-13 3) Configure vpn-instance description Perform the following configuration in vpn-in stance view Table 37-5 Configure vpn-instan ce description Operation Command Configure vpn-insta nce description description vpn - inst ance - description Delete vpn-instance descript[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-14 By default, the value is both . In general all sites in a VPN can be interconnecte d, and the import-extcommunity and export-ext communi ty attributes are the same, so you can execute the command only with the both option. Up to 16 vpn-t arget s can be configured wit[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-15 Table 37-8 Configure ba sic A CL Operation Command Configure basic ACL acl { number acl - number | name acl - name basic } [ match-order { config | auto } ] Delete basic ACL undo acl { number acl - number | name acl - name | all } z Defines subrules for the b asic AC[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-16 z Both VLAN ID and IP address-based packet re dire ction. Perform the following configurati on in th e Ethernet po rt view . Table 37-12 Configure packet redi rection at the Ethernet port on the B card Operation Command Configure pa cket redirection to the specific p[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-17 Y ou can configure a st atic route pointing to CE on PE for it to learn VPN routing information from CE. Perform the following configur ation in th e system view . Table 37-14 Configure static route in vp n-instance routing table Operation Command Create a specific v[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-18 routes should also be im ported into OSPF . Here only introduces OSPF multi-in stance configuration in detail. First step: Configure OSPF procedure. Perform the following configur ation in th e system view . Table 37-16 Configure OSPF procedure Operation Command Conf[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-19 Caution: The configured value will not t ake ef fect unit the command reset osp f is executed. S tep 3: Configure tag for imported VPN route (o ptional) If a VPN site links to multiple PEs, routing ring may prese nt when the routes learned by MPLS/BGP are received by[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-20 Table 37-19 Configure sham link Operation Command Configure sham link sham-link sour ce - addr destination - addr [ cost co st - valu e ] [ simple password | md5 keyid key ] [ dead seconds ] [ hello seconds ] [ retransimit seconds ] [ trans -delay seconds ] Delete a [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-21 By default, BGP neighbor is active while MBGP neighbor is inactive. Y ou should activate MBGP neighb or in VPNv4 sub-addre ss famil y view . Perform the following configuration in VPNv4 sub-address family view . Table 37-22 Activate/deactivate peer (grou p) Operation[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-22 In the case of standard BGP , BGP tests routing loop via AS number to avoid generating routing loop. In the case of Hub&S poke networking, however , PE carries the AS number of the local autonomous system when advertising the routing information to CE, if EBGP is[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-23 Table 37-26 Permit BGP session over any operable TCP interfa ce Operation Command Permit BGP se ssion over any operable TCP interfa ce peer { peer - address | group - name } connect-interface { interface - type interface_num } Use the best local address for TCP conne[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-24 Table 37-29 Enable/disabl e IBGP peer group Operation Command Enable a peer group peer group - name enable Disable a specific peer gro up undo peer group - name enable S tep 4: Configure the local address as the next hop in route advertisement (opti onal ) Since the [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-25 Operation Command Remove to advertise default route to the peer (group) undo peer { peer - address | group - name } default-route-adv ertise [ vpn-inst ance vpn - inst ancename ] S tep 7: Configure BGP neighbo r a s the UPE of BGP/MPLS VPN This command is only used f[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-26 II. Displaying IP routing ta ble associated with vpn-instance After the above configurat ion, you ca n execute display command in any view to display the corresponding information i n the IP routing t ables related to vpn-instance, and to verify the effect of the con[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-27 V. Displaying MPLS l3vpn-lsp information Table 37-38 Display MPLS l3vpn-lsp information Operation Command Display MPLS l3vpn LSP information display mpls l3vpn-lsp [ verbose ] include text Display MPLS l3vpn LSP vpn-instance information display mpls l3vpn-lsp [ vpn-i[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-28 II. Network diagram AS 65430 AS 65410 AS 65430 AS 65440 VPN - B CE4 PE1 RD(1 00: 1) P VPN - A CE3 VLAN2 01 168. 3.1.1/ 16 168. 3.1.2/1 6 AS 65420 VPN - B CE2 VPN - A CE1 VLAN 20 1 168. 1.1.1/ 16 VLAN2 02 168. 1. 1.2/1 6 VLAN3 01 VLAN2 01 172. 1.1.1/ 16 VLAN2 01 172. [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-29  Note: The configuration on the other three CE switches (CE2 to CE4) is si milar to that on CE1, the details are omitted here. 2) Configure PE1 Configure vpn-inst ance for VPN-A on PE1, as well as other associated attrib utes to control advertisement of VPN routin[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-30 [PE1] mpls lsr-id 202.100.1.1 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp [PE1] vlan 201 [PE1-vlan201] port gigabitethernet 2/1/1 [PE1-vlan201] quit [PE1] interface Vlan-interface 201 [PE1-Vlan-interface201] ip address 172.1.1.1 255.255.0.0 [PE1-Vlan-interface201] mpls[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-31 [P-LoopBack 0] quit [P] vlan 301 [P-vlan301] port gigabitethernet 3/1/1 [P-vlan301] quit [P] interface Vlan-interface 301 [P-Vlan-interface301] ip address 172.1.1.2 255.255.0.0 [P-Vlan-interface301] mpls [P-Vlan-interface301] mpls ldp enable [P-Vlan-interface301] qui[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-32 [P-ospf-1] import-route direct 4) Configure PE3  Note: The configuration on PE3 is si milar to that on PE1, you should p a y more attention to VPN routing attribute setting on PE3 to get information about how to cont rol advertisement of a same VPN routin g inform[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-33 [PE3] mpls lsr-id 202.100.1.3 [PE3] mpls [PE3-mpls] quit [PE3] mpls ldp [PE3] vlan 201 [PE3-vlan201] interface gigabitethernet 2/1/1 [PE3-vlan201] quit [PE3] interface Vlan-interface 201 [PE3-Vlan-interface201] ip address 172.3.1.1 255.255.0.0 [PE3-Vlan-interface201][...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-34 z Two Switch 8800s se rve as PE devices, wh ich supp ort MPLS feature. CE-1 and CE-2 are two mid-range switche s; a Layer 2 switch serves as both CE-3 and CE-4, which is accessed dire ctly with users. z Two PEs are configured with the same interface ca rds: Slot 2 ho[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-35  Note: The configuration on VPN-B is simil ar to t hat on VPN-A and only VPN-A configuration is detailed he re. [PE1] ip vpn-instance vpna [PE1-vpn-vpna] route-distinguisher 100:1 [PE1-vpn-vpna] vpn-target 100:1 both [PE1-vpn-vpna] quit Bind the VLAN interface con[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-36 Globally enable MPLS. [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls [PE1] mpls ldp Configure the public network interface a nd ena ble MPLS on it. [PE1] interface loopback0 [PE1-LoopBack0] ip address 1.1.1.9 255.255.255.255 [PE1-LoopBack0] quit [PE1] vlan 100 [PE1-vlan100] po[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-37  Note: The configuration on VPN-B is simil ar to t hat on VPN-A and only VPN-A configuration is detailed he re. [PE2] ip vpn-instance vpna [PE2-vpn-vpna] route-distinguisher 100:1 [PE2-vpn-vpna] vpn-target 100:1 both [PE2-vpn-vpna] quit Configure the VLAN interfac[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-38 [PE2-bgp-af-vpn] peer 2 enable [PE2-bgp-af-vpn] peer 1.1.1.9 group 2 Globally enable MPLS. [PE2] mpls lsr-id 2.2.2.9 [PE2] mpls [PE2] mpls ldp Configure the public network interface a nd ena ble MPLS on it. [PE2] interface loopback0 [PE2-LoopBack0] ip address 2.2.2.9[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-39  Note: Cautions and configuration limit ations in hybrid networking: z For a trunk port on th e common interfa ce ca rd, you can configure to redi rect MPLS VPN of multiple VLANs to the same destination port. z In a VLAN you can configure only one source port to r[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-40 37.4.3 Extranet C onfiguration Example I. Network requirements Company A and Company B are located at City A and City B respectively . Their headquarters is located at City C. T hey respectively own VPN1 and VPN2. In this case, VPN function is provided by MPLS. There[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-41 III. Configuration procedure  Note: This configuration procedure ha s omit ted configurations bet ween PE and P , and configurations on CEs. For these det a ils refer to the former example. 1) Configure PE-A: Configure VPN-inst ance 1 for VPN1 on PE-A, so that it [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-42 [PE-A-mpls] quit [PE-A] mpls ldp Set up MP-IBGP adjace ncy between PEs to exchange i nter-PE VPN routing information and activate MP-IBGP peer in VPNv4 sub-address family view . [PE-A] bgp 100 [PE-A-bgp] group 20 internal [PE-A-bgp] peer 20.1.1.1 group 20 [PE-A-bgp] [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-43 [PE-C-LoopBack0] ip address 20.1.1.1 255.255.255.255 [PE-C-LoopBack0] quit Configure MPLS basic capacity . [PE-C] mpls lsr-id 20.1.1.1 [PE-C] mpls [PE-C-mpls] quit [PE-C] mpls ldp Set up MP-IBGP adjace ncy between PEs to exchange i nter-PE VPN routing information and[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-44 [PE-B] vlan 301 [PE-B-vlan301] port gigabitethernet 3/1/1 [PE-B-vlan301] quit [PE-B] interface Vlan-interface 301 [PE-B-Vlan-interface301] ip binding vpn-instance vpn-instance3 [PE-B-Vlan-interface301] ip address 172.17.0.1 255.255.0.0 [PE-B-Vlan-interface301] quit C[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-45 z Set up IBGP adjacency between PE1 and PE2 o r PE1 and PE3, but not between PE2 and PE3, that is, VPN routing inform ation cannot be exchanged between PE2 and PE3. z Create two VPN-instances on PE1, import VPN routes of VPN-target 100:11 and 100:12, set VPN-target f[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-46 II. Network diagram Interne t CE1 PE1 CE2 PE2 PE3 20.1.1 .2 CE3 Hub Site Spoke Site Spoke Site VLAN 20 1 172. 18.0.1/1 6 VLAN2 01 172. 16. 0.1/1 6 VLAN2 02 172. 17. 0.1/1 6 VLAN2 01 172. 15. 0.1/1 6 Loopback0 22.1.1 .1/32 Loopba ck0 33.1.1 .1/32 Loopback0 11.1.1 .1/3[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-47 [PE1] bgp 100 [PE1-bgp] ipv4-family vpn-instance vpn-instance2 [PE1-bgp-af-vpn-instance] import-route static [PE1-bgp-af-vpn-instance] import-route direct [PE1-bgp-af-vpn-instance] group 17216 external [PE1-bgp-af-vpn-instance] peer 172.16.1.1 group 17216 as-number 6[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-48 [PE1-bgp] peer 22.1.1.1 group 22 as-number 100 [PE1-bgp] peer 22.1.1.1 connect-interface loopback 0 [PE1-bgp] group 33 [PE1-bgp] peer 33.1.1.1 group 33 as-number 100 [PE1-bgp] peer 33.1.1.1 connect-interface loopback 0 [PE1-bgp] ipv4-family vpnv4 [PE1-bgp-af-vpn] pee[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-49 [PE2-LoopBack0] quit Set up MP-IBGP adja cency between PE2 and PE1 to exchange inter-PE VPN routin g information and activate MP-IBGP peer in VPNv4 sub-address family view . [PE2] bgp 100 [PE2] group 11 [PE2-bgp] peer 11.1.1.1 group 11 as-number 100 [PE2-bgp] peer 11[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-50 [PE3] interface loopback 0 [PE3-LoopBack0] ip address 33.1.1.1 255.255.255.255 [PE3-LoopBack0] quit Set up MP-IBGP adja cency between PE3 and PE1 to exchange inter-PE VPN routin g information and activate MP-IBGP peer in VPNv4 sub-address family view . [PE3] bgp 100 [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-51 II. Network diagram AS:100 CE1 PE1 CE2 PE2 PE3 Loopback0 1.1.1. 1/32 Loopback0 2.2.2. 2/32 Loopback0 3.3.3. 3/32 VLAN2 11 172. 11. 11.2/ 24 VLAN2 11 172. 11. 11.1/ 24 VLAN2 12 172. 21. 21.2/ 24 VLAN2 12 172. 21. 21.1/ 24 AS: 65002 AS: 65001 172. 12. 12.1/ 24 VLAN2 12[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-52 [PE1-vpn-vpn-instance1.2] quit Set up MP-EBGP adjacency between PE1 and CE1, import intra-CE1 VPN routes learned into VPN-insta nce 1.1. [PE1] bgp 100 [PE1-bgp] ipv4-family vpn-instance vpn-instance1.1 [PE1-bgp-af-vpn-instance] import-route direct [PE1-bgp-af-vpn-ins[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-53 Configure MPLS basic cap acity , enable LD P on the in terface conne cting PE1 and PE2 and the interface connecting PE1 and PE3. [PE1] mpls lsr-id 1.1.1.1 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp [PE1] vlan 213 [PE1-vlan213] port gigabitethernet 2/1/3 [PE1-vlan213] [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-54 [PE1-bgp] peer 3.3.3.3 group 3 [PE1-bgp] peer 3.3.3.3 connect-interface loopback 0 [PE1-bgp] ipv4-family vpnv4 [PE1-bgp-af-vpn] peer 2 enable [PE1-bgp-af-vpn] peer 2.2.2.2 group 2 [PE1-bgp-af-vpn] peer 3 enable [PE1-bgp-af-vpn] peer 3.3.3.3 group 3 [PE1-bgp-af-vpn] q[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-55 [PE2-bgp-af-vpn-instance] peer 172.22.22.2 group 17222 as-number 65002 [PE2-bgp-af-vpn] quit [PE2-bgp] quit Bind the interface connecting PE2 and CE 1 to VPN-instance 2.1 and the inte rface connecting PE2 and CE2 t o VPN-in st ance 2.2. [PE2] vlan 212 [PE2-vlan212] p[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-56 [PE3-bgp-af-vpn-instance] import-route direct [PE3-bgp-af-vpn-instance] import-route static [PE3-bgp-af-vpn-instance] group 192 external [PE3-bgp-af-vpn-instance] peer 192.168.13.2 group 192 as-number 65003 [PE3-bgp-af-vpn-instance] quit [PE3-bgp] quit Set up MP-EBGP[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-57 II. Network diagram P1 VLAN205 10.1.1.2/24 20.1.1.1/24 CE1 CE2 172.12.12.2/24 PC1 PC2 CE4 PC4 CE3 172.21.21.2/24 PC3 192.168.11.10 192.168.21.10 192.168.12.1 0 192.168.22.10 172.21.21.1/24 172.11.11.1/24 10.1.1.1/24 20.1.1.2/24 172.12.12.1/24 172.22.22.1/24 98.98.98.[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-58 [PE1] vlan 205 [PE1-vlan205] port gigabitethernet 2/2/1 [PE1-vlan205] quit [PE1] interface Vlan-interface 205 [PE1-Vlan-interface205] mpls [PE1-Vlan-interface205] mpls ldp enable [PE1-Vlan-interface205] ip address 10.1.1.2 255.255.255.0 Bind the VLAN interface with t[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-59 [PE2] mpls [PE2-mpls] quit [PE2] mpls ldp Configure the VLAN interface connecting CE. [PE2] vlan 203 [PE2-vlan203] port gigabitethernet 2/1/1 [PE2-vlan203] quit [PE2] vlan 204 [PE2-vlan204] port gigabitethernet 2/1/2 [PE2-vlan204] quit Configure loopback interfa ce. [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-60 [PE2-bgp-af-vpn-instance] import-route direct [PE2-bgp-af-vpn-instance] group 172-12 external [PE2-bgp-af-vpn-instance] peer 172.12.12.2 group 172-12 as-number 65012 [PE2-bgp] ipv4-family vpn-instance vpnb [PE2-bgp-af-vpn-instance] import-route direct [PE2-bgp-af-vpn[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-61 [P1-Vlan-interface206] mpls ldp enable [P1-Vlan-interface206] ip address 98.98.98.1 255.255.255.0 [P1-Vlan-interface206] quit Configure IBGP neigh bors and EBGP neighb ors. [P1] bgp 100 [P1-bgp] group 1 internal [P1-bgp] peer 1.1.1.1 group 1 [P1-bgp] peer 1.1.1.1 con[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-62 III. Configuration procedure z Configuring OSPF on the MPLS backb one net work z Configuring basic MPLS ca pability on the MPLS backbone network z Configuring a VPN instance on PEs. z Configuring MP-BGP 1) Configure OSPF as the IGP protocol on the MPLS backbone n etw[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-63 [PE2] interface pos1/1/0 [PE2-Pos1/1/0] ip address 162.1.1.2 255.255.0.0 [PE2-Pos1/1/0] quit [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 162.1.0.0 0.0.255.255 [PE2-ospf-1-area-0.0.0.0] network 202.200.1.2 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] quit [P[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-64 [PE1-Pos1/1/0] mpls ldp [PE1-Pos1/1/0] quit Configure basic MPLS capa bility on ASBR-PE1, enable LDP on the interface connected to PE1, and enable MPLS on t he interface connected to ASBR-PE2. [ASBR-PE1] mpls lsr-id 172.1.1.1 [ASBR-PE1-mpls] lsp-trigger all [ASBR-PE1[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-65 3) Create a VPN instance on each PE, and bind the instance to the interface connected to the corresp onding CE. Configure CE1 [CE1] interface ethernet 1 [CE1-Ethernet1] ip address 168.1.1.2 255.255.0.0 [CE1-Ethernet1] quit Create a VPN instan ce on PE1 and bind it to[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-66  Note: z Enable the exchanging of label-carrie d IPv4 route between the following routers: PE1 and ASBR-PE1, PE2 and ASBR-P E2, ASBR-PE1 and ASBR-PE2. z Make each ASBR-PE change the next hop to it s own when it advertises routes to the PE in the same AS. z Configu[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-67 [ASBR-PE1-acl-basic-2001] quit [ASBR-PE1] route-policy rtp-ebgp permit node 1 [ASBR-PE1-route-policy] if-match acl 2001 [ASBR-PE1-route-policy] apply mpls-label [ASBR-PE1-route-policy] quit [ASBR-PE1] route-policy rtp-ibgp permit node 10 [ASBR-PE1-route-policy] if-ma[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-68 [PE2-bgp] group 30 external [PE2-bgp] peer 30 ebgp-max-hop [PE2-bgp] peer 202.100.1.2 group 30 as-number 100 [PE2-bgp] peer 202.100.1.2 connect-interface loopback0 [PE2-bgp] ipv4-family vpnv4 [PE2-bgp-af-vpn] peer 30 enable [PE2-bgp-af-vpn] peer 202.100.1.2 group 30 [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-69 networks at the city level into a single MPLS VPN will impose a high requirement in performance on the equipment on the entire ne twork, in the event that the network topology size is large. Howeve r , the requirement in equipme nt performance can become lower if thi[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-70 [SPE] mpls ldp Configure VPN-inst ance [SPE] ip vpn-instance vpn1 [SPE-vpn-vpn1] route-distinguisher 100:1 [SPE-vpn-vpn1] vpn-target 100:1 both Configure interfaces (So far as a PE router concerned, its LOOPBACK 0 interface must be assigned with a host address of 32-[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-71 Configure the basic MPLS capability . [UPE] mpls lsr-id 1.0.0.1 [UPE] mpls [UPE-mpls] quit [UPE] mpls ldp Configure VPN-inst ance [UPE] ip vpn-instance vpn1 [UPE-vpn-vpn1] route-distinguisher 100:1 [UPE-vpn-vpn1] vpn-target 100:1 both Configure interfaces [UPE] vlan [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-72 37.4.9 OSPF Multi-instance sh am link Configuration Example I. Network requirements As shown in the following picture, a comp any connect s to a W AN through OSPF multi-instance function of a router . OSPF is bind to VPN1.MPLS VPN backbone runs between PEs and OSPF r[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-73 [PE1] vlan 203 [PE1-vlan203] port gigabitethernet 2/1/3 [PE1-vlan203] quit [PE1] interface Vlan-interface 203 [PE1-Vlan-interface203] ip address 168.1.12.1 255.255.255.0 [PE1-Vlan-interface203] mpls [PE1-Vlan-interface203] mpls ldp enable [PE1-Vlan-interface203] quit[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-74 [PE1-bgp-af-vpn-instance] import-route ospf-ase 100 [PE1-bgp-af-vpn-instance] import-route ospf-nssa 100 [PE1-bgp-af-vpn-instance] import-route direct [PE1-bgp-af-vpn-instance] undo synchronization Create and activate peer in MBGP . [PE1-bgp-af-vpn] ipv4-family vpnv4[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-75 [PE2-Vlan-interface203] mpls ldp enable [PE2-Vlan-interface203] quit [PE2] vlan 201 [PE2-vlan201] port gigabitethernet 2/1/1 [PE2-vlan201] quit [PE2] interface Vlan-interface 201 [PE2-Vlan-interface201] ip binding vpn-instance vpn1 [PE2-Vlan-interface201] ip address [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-76 [PE2-bgp-af-vpn] peer fc enable [PE2-bgp-af-vpn] peer fc advertise-community [PE2-bgp-af-vpn] peer 50.1.1.1 group fc Configure OSPF and import BGP and direct-connect route. [PE2] ospf 100 router-id 2.2.2.2 vpn-instance vpn1 [PE2-ospf-100] import-route bgp [PE2-ospf-1[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-77 [CE1-ospf-100-area-0.0.0.0] network 12.1.1.0 0.0.0.255 4) Configure CE2 Configure interface. [CE2] vlan 202 [CE2-vlan202] port gigabitethernet 2/1/2 [CE2-vlan202] quit [CE2] interface Vlan-interface 202 [CE2-Vlan-interface202] ip address 12.1.1.2 255.255.255.0 [CE2-V[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-78 II. Network diagram VP N 3 VP N 2 VP N 1 A S 50002 VP N 1 A S 50001 prov _pe1 5. 5. 5. 5 cus t _ pe1 6. 6. 6. 6 CE1 CE 2 CE3 CE 4 VP N 2 VP N 1 A S 50003 CE 5 VP N 3 CE 6 CE7 cu s t _ p e 2 7. 7. 7. 7 prov _pe2 4. 4. 4. 4 Pos1 /1/0: 1 0 .1 .1 .1 /8 P o s 1 /1 /0 : 1 [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-79 [prov_pe1-ospf-area-0.0.0.0] network 10.0.0.0 0.255.255.255 Configure prov_pe2 <SW8800> system-view [SW8800] sysname prov_pe2 [prov_pe2] interface LoopBack0 [prov_pe2-LoopBack0] ip address 4.4.4.4 255.255.255.255 [prov_pe2-LoopBack0] quit [prov_pe2] interface p[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-80 [prov_pe1-bgp] quit Configure prov_pe2 [prov_pe2] bgp 100 [prov_pe2-bgp] group ibgp internal [prov_pe2-bgp] peer 5.5.5.5 group ibgp [prov_pe2-bgp] peer 5.5.5.5 connect-interface LoopBack0 [prov_pe2-bgp] ipv4-family vpnv4 [prov_pe2-bgp-af-vpn] peer ibgp enable [prov_p[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-81 [prov_pe2-Pos3/1/0] ip binding vpn-instance customer_vpn [prov_pe2-Pos3/1/0] link-protocol ppp [prov_pe2-Pos3/1/0] ip address 2.1.1.2 255.0.0.0 [prov_pe2-Pos3/1/0] mpls [prov_pe2-Pos3/1/0] quit Configure cust_pe1 <SW8800> system-view [SW8800] sysname cust_pe1 [[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-82 [prov_pe1-bgp-af-vpn] peer ebgp vpn-instance customer_vpn enable [prov_pe1-bgp-af-vpn] peer 1.1.1.1 vpn-instance customer_vpn group ebgp [prov_pe1-bgp-af-vpn] peer 1.1.1.1 vpn-instance customer_vpn route-policy comm import [prov_pe1-bgp-af-vpn] quit Configure prov_pe[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-83 4) On each Customer PE, conf igure the su b-VPN that accesses the netwo rk through the Customer PE. Configure cust_pe1 [cust_pe1] ip vpn-instance vpn1 [cust_pe1-vpn-instance] route-distinguisher 1:1 [cust_pe1-vpn-instance] vpn-target 1:1 [cust_pe1-vpn-instance] quit [...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-84 II. Network diagram M P LS N et w or k PE v pn2 v pn1 Multi -VP N-I nsta nc e C E ospf 100 vpn1 ospf 300 vpn2 VLAN 201 10.1.1.2/24 VLAN 204 20.2.1.2/24 VLAN202 10.2.1.2/24 VLAN203 20.1.1.2/24 M P LS N et w or k PE v pn2 v pn1 Multi -VP N-I nsta nc e C E ospf 100 vpn1[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-85 [CE] vlan 203 [CE-vlan203] port gigabitethernet 2/1/3 [CE-vlan203] quit [CE] interface Vlan-interface 203 [CE-Vlan-interface203] ip binding vpn-instance vpn2 [CE-Vlan-interface203] ip address 20.1.1.2 255.255.255.0 Configure VLAN204 [CE] vlan 204 [CE-vlan204] port gi[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-86 II. Network diagram PC 2 172.16.0.1/16 192.168.1.1/24 192 .168 .1.2 /24 E ther net2/1/0 20.1.1.2/24 E the r net 2/1/ 0 172.16.0.2/16 E ther net1/1/0 20.1 .1.1 /24 CE 2 PE 1 PE 2 PC 3 172.19.0.1/16 E the r net 2/1/ 0 172.19.0.2/ E ther net1/1/0 20.3 .1.1 /24 CE 3 E th[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-87 [PE2-LoopBack0] ip address 2.2.2.9 32 [PE2-LoopBack0] quit [PE2] interface Ethernet1/1/0 [PE2-Ethernet1/1/0] ip address 192.168.1.2 24 [PE2-Ethernet1/1/0] quit [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 192.168.1.0 0.0.0.255 [PE2-ospf-1-area-0.0[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-88 [PE2] mpls lsr-id 2.2.2.9 [PE2-mpls] lsp-trigger all [PE2-mpls] quit [PE2] mpls ldp [PE2-mpls-ldp] quit [PE2] interface Ethernet1/1/0 [PE2-Ethernet1/1/0] mpls [PE2-Ethernet1/1/0] mpls ldp [PE2-Ethernet1/1/0] quit Create a VPN instan ce fo r VPN1 on PE 2, and bind Eth[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-89 [CE3-Ethernet1/1/0] quit [CE3] bgp 65430 [CE3-bgp] import-route direct [CE3-bgp] group 10 external [CE3-bgp] peer 20.3.1.2 group 10 as-number 100 [CE3-bgp] quit Configure PE1: set up IBGP peer relation wi th PE2 in BGP-VPNv4 sub-a ddress family view; set up EBGP peer[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-90 [PE2-bgp] quit Configure multi-role host feature. Configure a default route pointing to PE1 on CE2. [CE2] ip route-static 0.0.0.0 0.0.0.0 20.1.1.2 If routing protocol is used between CE2 and PE1, to avoid routing loop, disable PE1 from advertising any route to CE2. I[...]

3Com Switch 8800 Configurati on Guide C hapter 37 BGP/MPLS VPN Configuration 37-91 III. Symptom 3 In Hub&S poke networking mode, spoke PE cann ot lea rn the private networking route of Hub PE. Solution: z Check whether the LSP tunnel i s established using the displ ay mpls lsp command. z Check whether the BGP a djacent is established correctly.[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-1 Chapter 38 MSTP Region-configuration 38.1 Introduction to MSTP MSTP st ands for Multiple S panning T ree Protocol, which is comp atible with S p anning T ree Protocol (STP) and Rapid S panning T ree Protocol (RSTP). STP is not fast in st ate transition. Even on a point[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-2 C A B BPDU BPDU BPDU CIST : com mon a nd internal s panning tree MSTI: m ulti pl e s panning tree insta nce CST : common spanning tree Area A0 VLAN 1 m a pped to Ins t ance 1 VLAN 2 m a pped to Ins t ance 2 Other VLA Ns mapped t o CIST D Area B0 VLAN 1 m apped to I ns [...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-3 IV. CST Common S panning T ree (CST): a LAN has only one CST . CST connect s the spanning trees of all MST region s. Regard ever y MST region as a “switch”, and the CST is generated by the computing of “switches” th rough STP/RSTP . For example, the red line in[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-4 z Master port is the port connecting t he entire region to the Com mon Root Bridge and located on the shortest path betwee n them. z An alternate port is a backup of the mat e r port, and al so a backup port of a root port in the region. As a backup of the mater port, [...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-5 Figure 38-3 BPDU packet format Figure 38-4 MSTI information format of the last pa rt in BPDU pa ckets Besides field root bridge pri ority , root p ath cost, local bridge priority and port priority , the field flags which takes o ne byte in an instance is al so used for[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-6 7 6 5 4 3 2 1 0 Tc P roposal Lear ning For war di ng Ag r e em e nt Tc A c k 7 6 5 4 3 2 1 0 Tc P roposal Lear ning For war di ng Ag r e em e nt Tc A c k Figure 38-5 Meaning of 1-byte Flags in BPDU pa ckets The second and third bit s together indi cate MSTP port role. [...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-7 Switch A Switch C Switch B CP2 BP2 CP1 BP1 AP2 AP1 LAN Figure 38-6 Design ated b ridge and designated port For a switch, the desi gnated bridge i s a swit ch in charge of forwarding BPDU to the local switch via a port called the designated port accordingly . For a LAN,[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-8 priorities of Switch A, B and C are 0, 1 a nd 2 and the path cost s of their links are 5, 10 and 4 respectively . 1) Initial state When initialized, each po rt of the switch es g enerates the configuration BPDU t aking itself as the root with a root p ath cost as 0, de[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-9 BPDU for every port: substituting the root ID with the root ID in the configuration BPDU of the root port, the cost of path to root wi th the value made by the root path cost plus the path cost corresponding to the root por t, the design ated bridge ID with the local s[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-10 CP2 receives from the BP2 of Switch B the configu ration BPDU { 1, 0, 1, BP2} that has not been updated and then the updating process is lau nched. The configuration BPDU is updated as {1, 0, 1, BP2}. CP1 receives the configuration BPDU {0, 0, 0, AP2} from Switch A an[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-11 configuration BPDUs besides t he first four items will make modifications according to certain rule s. The basic calculat ion process is descri b ed below: In addition, with identical priority , the path cost of an aggregation port is smaller than that of a non-aggreg[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-12 38.2 Configuring MSTP MSTP config uratio n includes: z Configuring the MST Regi on for a Switch z Specifying the Switch as a Primary or a Seconda ry Root bridge z Configuring the MSTP Running M ode z Configuring the Bridge Priority for a Swi tch z Configuring the Max [...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-13 Setting the Timeout Factor of a Specific Bridge z Configuring the Max Transmission Spee d on a Port z Configuring a Port as an E dge Port o r Non-edge Port z Configuring the Path Cost of a Port z STP Path Cost Calculation Standards on STP port z Configuring the Priori[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-14 Table 38-1 Enter MST region view Operation Command Enter MST region view (from system view) stp region-configura tion Restore the default settings of MST region undo stp region-configuration II. Configuring parameters for the MST region Perform the following configura[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-15 III. Activating the MST region configuration,and exit the MST re gion view Perform the following configuration in M S T region view . Table 38-3 Activate the MST region configuration and exit the MST regio n view Operation Command Show the configuration information of[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-16 If the primary root is down or powered of f, the seco ndary root will t a ke it s place, unless you configure a new primary root. Of two or more configured secondary root bridge s, MSTP sele cts the one with the smallest MA C address to t ake the place of the failed p[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-17 Restore the default MSTP running mode undo stp mode Generally , if there is a STP switch on the sw itching net work, the port connected to it will automatically transit from MSTP mode to STP-compatible mode. But the port cannot automatically transit back to MSTP mode [...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-18 discards the configuration BPDU with 0 hop s lef t. This makes it impossible f or the switch beyond the max hop s to take part in the spanning tree calculation, thereby limiting the scale of the MST region. Y ou can use the following command to configure the max hop s[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-19  Note: The stp bridge-diameter command configures the swit ching network diameter and determines the three MSTP time parameters (Hello T ime, Forward Delay , and Max Age) accordingly . 38.2.7 Configuring the Time Parameters of a Switch The switch has three time par[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-20 Caution: The Forward Delay configured on a switch depends on the switching network diameter . Generally , the Forward Delay is supposed to be longer wh en the network diameter i s longer . Note that too short a Forward Delay may redistribute some redundant routes temp[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-21 38.2.8 Setting the Timeout Fact or of a Specific Bridge A switch transmits hello p acket regularly to the adjacen t bridges to check if there is link failure. Generally , if the switch does not receive the STP packet s from the upstream switch for 3 times of hello tim[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-22 II. Configuration in Ethernet port vie w Perform the following configurat ion in Ethernet port view . Table 38-12 Configure the max transmi ssion speed on a port Operation Command Configure the max transmissi on spee d on a port stp transmit-limit pac ke tnu m Restore[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-23 Table 38-14 Configure a port as a n edge port or a non-e dge p ort Operation Command Configure a port as an edge port. stp edged- port enable Configure a port as a non-edge port. stp edg ed-p ort disable Restore the default setting of the port as a non-edge port. undo[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-24 I. Configuration in system vie w Perform the following configuration in sy stem view . Table 38-15 Configure the path co st of a port Operation Command Configure the path co st of a port. stp interface interface - list [ instanc e instance - id ] cost cost Restore the[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-25 The actual rate count s. 2) Calculating the path cost z Full-duplex and non-aggre gation po rt at a rate less than 1 GE Path cost = [200,000,000 / (rate × 10)] – 1 z Other ports Path cost = 200,000,000 / (rate × 10) II. DOT1D-1998 calculation standard 1) Calculati[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-26 The rate of the primary port in an aggregat ion group is determined by the sum of the port rates in this group. No calculation i s performed fo r secondary port. z Non-aggregation po rt The actual rate count s, but the rate is 0 if the port is down. 2) Calculating the[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-27 Table 38-20 Configure the port prio rity Operation Command Configure the port priority . stp int erface interface - list instance inst ance - id port priority priority Restore the default port priority . undo stp interface interface - list inst ance in sta nce - id po[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-28 Operation Command Configure MSTP to automatically detect if the port is directly connected with the point-to-p oint link. stp interface interface - list point-to-point auto Configure MSTP to automatically detect if the port is directly connected with the point-to-poin[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-29 By default, the parameter is configu red as auto . 38.2.15 Configuring the mC heck Variable of a Port The port of an MSTP switch ope rates in either STP-compatibl e or MSTP mode. Suppose a port of an MSTP switch on a switching network is connected to an STP switch, th[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-30 Y ou can configure mChe ck variable on a port with either of the earlie r-mentioned measures. Note that the command can be us ed only if the switch runs MSTP . The command does not make any sen se when the switch runs in STP-comp atible mode. 38.2.16 Configuring the S[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-31  Note: For the loop protection-en abled port, if the po rt p articip ates in STP calculation, all the instances of the port will be always set to be i n discarding st ate regardless of the port role. IV. TC-protection As a general rule, the switch deletes the corre[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-32 Operation Command Configure TC protection of the swit ch (from system view) stp tc-protection enable Disable TC protection (from system view) stp tc-protection disable By default, only the protection from TC-BPDU p a cket attack is ena bled on the switch. BPDU protect[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-33 Table 38-27 Enable/Disabl e MSTP on a device Operation Command Enable MSTP on a device . stp enable Disable MSTP on a device . stp disable Restore the disable st at e of MSTP , as defaulted. undo stp Only if MSTP has been enabled on the devic e will other MSTP config [...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-34 disabled, upon receiving TC/TCN p acket s, the port broadcast s TC packets to delete the MAC address entries of the port in the STP active stat e on the bridge. Perform the following configuration in sy stem view . Table 38-29 Enable/disabl e ARP address update Operat[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-35 Table 38-31 Enable/Disabl e MSTP on a port Operation Command Enable MSTP on a port. stp en able Disable MSTP on a port. stp disable Y ou can enable/disa ble MSTP on a port with either of the earlier-m entioned measure s. Note that redundant route may be gen erated af [...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-36 Operation Command Enable STP global error or event debugging debugging stp { global-error | global-event } Disable STP global error or event debugging undo debugging stp { global-error | global-event } 38.4 Typical MSTP C onfiguration Example I. Network requirements M[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-37 III. Configuration procedure 1) Configurations on Switch A MST region [SW8800] stp region-configuration [SW8800-mst-region] region-name example [SW8800-mst-region] instance 1 vlan 10 [SW8800-mst-region] instance 3 vlan 30 [SW8800-mst-region] instance 4 vlan 40 [SW8800[...]

3Com Switch 8800 Configurati on Guide Chapter 38 MSTP Region-co nfiguration 38-38 MST region [SW8800] stp region-configuration [SW8800-mst-region] region-name example [SW8800-mst-region] instance 1 vlan 10 [SW8800-mst-region] instance 3 vlan 30 [SW8800-mst-region] instance 4 vlan 40 [SW8800-mst-region] revision-level 0 Manually activate MST region [...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-1 Chapter 39 802.1x Configuration 39.1 802.1x Overview 39.1.1 802.1x Sta ndard Overview IEEE 802.1x (hereinafter si mplified as 802.1x ) is a port-based net work access control protocol that is used as the st and ard for LAN user access authentication. In the LANs complying [...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-2 is to be encapsulated in th e packet s of other AAA upper layer protocols (e.g. RADI US) so as to go through the complicated netwo rk to reach the Authentication Server . Such procedure is called EAP Relay . There are two types of ports for the Authent icator . One is the [...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-3 802.1x provides an implement ation solution of user ID authentication. However , 802.1x itself is not enoug h to implement the schem e. The a dministrator of the access device should configure th e AAA scheme by selecti ng RADIUS or local authentication so as to assist 802[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-4 Checking the Users that Log on the Swit ch via Proxy z Setting Supplicant Number on a Port z Setting the Authentication in DHCP Environment z Configuring Authentication Method for 802.1x User z Enabling/Disabling Guest VLAN z Setting the Maximum times of authentication req[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-5 Configuring 802.1x Timers z Enabling/Disabling quiet-perio d Timer Among the above tasks, the first one is compul so ry , otherwise 802.1x will not take any effect. The other t asks are optional. Y ou can perform the configurations at requiremen ts. 39.2.1 Enabli ng/Disabl[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-6 auto (automatic identification mod e, which is al so called protocol control mode). That is, the initial state of the port is unau thorized. It only permits EAPoL packet s receiving/transmitting and does not permit the us er to acce ss the network reso urces. If the authen[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-7 39.2.4 Checking the Users that Log on the Switch via Proxy The following commands are used for che cking the users that log on the switch via proxy . Perform the following configuration in sy stem view or Ethernet port view . Table 39-4 Check the users that log o n the swi[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-8 Perform the following configuration in sy stem view . Table 39-6 Set the Authentication in DHCP Environment Operation Command Disabl e the switch to trigger the user ID authentication over the users who configure static IP addresses in DHCP environment dot1x dhcp-launch En[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-9 Perform the following configuration in sy stem view or Ethernet interface view . Table 39-8 Enable/Disab le Gue st VLAN Operation Co mmand Enable Guest VLAN dot1x guest-vlan vlan - id [ interface interface - list ] Disable Guest VLAN undo dot1x guest-vlan vlan - id [ inter[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-10 39.2.10 Configur ing 802.1x Timers The following commands a re u sed for co nfiguring the 802.1x timers. Perform the following configuration in sy stem view . Table 39-10 Configure 802.1x timers Operation Command Configure timers dot1x timer { handshake-period handshake -[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-11 supp - timeout - valu e : S pecifies how long the duration of an authentication timeout timer of a Supplicant is. The value range s from 10 to 120 in unit s of second and defa ults to 30. tx-period : S pecifies the transmission timeout timer . After the Authenticator send[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-12 Enable the error/event/pa cket/all debugging of 802.1x debugging dot1x { err or | even t | p acket | all } Disable the error/event/p acket/all debugging of 802.1x. undo debugging dot1x { error | event | p acket | all } 39.4 802.1x Configuration Example I. Network requirem[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-13 II. Network diagram Supplicant Authentication S erve rs (RADIUS Serve r Cluster IP Address: 10.11. 1.1 10.11.1.2) Internet Authenticator Switch Supplicant Authentication S erve rs (RADIUS Serve r Cluster IP Address: 10.11. 1.1 10.11.1.2) Internet Switch Authentication S e[...]

3Com Switch 8800 Configurati on Guid e Chapter 39 802.1x Configurat ion 39-14 [SW8800-radius-radius1] primary accounting 10.11.1.2 Set the IP address of the seco nda ry aut hentication/accounting RADIUS serve rs. [SW8800-radius-radius1] secondary authentication 10.11.1.2 [SW8800-radius-radius1] secondary accounting 10.11.1.1 Set the encryption key [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-1 Chapter 40 AAA and RADIUS/TACACS+ Protocol Configuration 40.1 AAA and RADIUS/TACACS+ Protocol Overview 40.1.1 AAA Overview Authentication, Authorization and Accounti ng (AAA) provide a uniform framewor k use d for configuring these thre e security[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-2 in PSTN environment or Ethernet switch with access function in Ethernet environ ment), NAS, namely RADIUS client end, will transmit user AAA request to the RADIUS server . RADIUS server ha s a user database re cording all the information of user a[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-3 Table 40-1 TACACS+ v s . RADIUS TACACS+ RADIUS Adopts TCP , providing more reliable network transmission. Adopts UDP . Encrypts the entire packet except for the standa rd T ACACS+ header . Encrypt s only t he passwo rd field in authentication pa c[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-4 z The TACACS server send s back an authent ication response, req uesting for the login password. Upon receiving the respon se, the TACACS client requests t he user for the login password . z After receiving the login password, the TACACS client se[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-5 User TACA CS Client TACA CS Server User lo gs on Authentication start packet Authentication resp onse pack et, requesting username The user inp uts usern ame Authentication contin uance packe t, se ndi ng us er nam e to th e s erve r Authenticatio[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-6 Figure 40-3 Network diagram for u sin g RADIUS to authenticate 40.2 AAA Configuration The following sections descri be AAA configuration tasks. z Creating/Deleting an ISP Domain z Configuring Relevant Attributes of an ISP Domain z Configuring Self[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-7 Switch 8800 ISP domain view , you can conf igure a complete set of exclusive ISP domain attributes on a pe r-ISP dom ain basis, which includes AAA policy ( RADIUS scheme applied etc.) For the Switch 8800, each supplicant belongs to an ISP domain. [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-8 users already online. An ISP is in active stat e once it is created, that is, at that time, all the users in the domain are allowed to req uest network service s. z Maximum number of supplicants specifie s how many supplicants can be contained in [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-9 Once this function is enabled on the switch, users can locate the self-service server through the following operations: z Select "Change user password" on the 802.1x clie nt. z After the client opens the default explor er (IE or NetScape[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-10 40.2.5 Setting the Attri butes of a Local User The attributes of a local user include it s pass word display mode, st ate, service type and some other settings. I. Setting the password display mode Perform the following configuration in sy stem v[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-11 Operation Command Set the priority of the specified user level level Restore the default priority of the specified user undo level Configure the attributes of lan-access users attribute { ip ip - address | mac mac - address | idle-cut second | ac[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-12 Table 40-9 Configure VLAN deliveri ng mode Operation Command Configure the VLAN delivering mode to be of string type private-group-id mode st andard Revert to the default VLAN delivering mode. undo private-group-id mode st andard By default, a VL[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-13 Among the above tasks, creating RADI US sc heme a nd setting IP add ress of RADIUS server are required, while other t akes are optional and ca n be performed as your requiremen ts. 40.3.1 Creating/Deleti ng a RADIUS scheme As mentioned above, RA [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-14 Table 40-11 Set IP Address and Port Number of RA DIUS Serve r Operation Command Set IP address and port number of prima ry RADIUS authentication/aut hori zation server . primary authentication ip - address [ port - number ] Restore IP address and[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-15 4 RADIUS servers, or specify one of the two servers as primary authentication/authorization serve r and secondary accounting server and the other one as secondary authentication/authorization se rve r and primary accounting server , or you may al[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-16 Set RADIUS accounting p acket en cryption key key accounting string Restore the default RADIUS ac counting pa cket encryption key undo key accounting By default, the encryption keys of RADIUS authentication/autho rization and accounting packet s [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-17 By default, RADIUS request packet will be retransmi tted up to three times. 40.3.6 Enabling the Selection Of Radius Accounting Option If no RADIUS server is available or if RADIUS accounting server fails when the accounting optional is configured[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-18 Table 40-17 Recommend ed real-time accounting in tervals for differe nt number of users Number of users Real-time accounting interval in minutes 1 to 99 3 100 to 499 6 500 to 999 12 ≥ 1000 ≥ 15 By default, minute is set to 12 minutes. 40.3.8 [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-19 40.3.9 Enabling/Di sabling Stopping Accounting Request Buffer Because the stopping accounting request conc e rns account balance and will af fect the amount of charge, which is very import ant for both the subscribe rs and the ISP , NAS shall mak[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-20 40.3.11 Setting the Supported Type of RADIUS Server The Switch 8800 support s the stand ard RA DIUS protocol an d the extended RADIUS service plat fo rms, such as IP Hotel, 201+ and Port al. Y ou can use the following command to set t he support [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-21 40.3.13 Setting the Username Forma t Transmitted to RADIUS Server As mentioned above, the supplicant s are gener ally named in userid@isp-name format. The part following “@” is the ISP domain name. The Switch 8800 wi ll put the users into dif[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-22 By default, the default data unit is byte and the default dat a packet unit is one packet. 40.3.15 Creating/Dele ting a Local RADIUS authentication Server RADIUS service, which adopt s authenticati on/authorization/accounting servers to manage us[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-23 Configuring TACACS + Au thentication Servers z Configuring TACACS + Authorization Servers z Configuring TACACS + Accounting Se rvers and the Related Attributes z Configuring the Source Addres s fo r TACACS+ Packets Sent by NAS z Setting a Key for[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-24 40.4.2 Configuri ng TACACS+ Authentication Servers Perform the following confi guration in T ACACS+ view . Table 40-27 Configure TACACS + aut h entication servers Operation Command Configure the T ACACS+ primary authentication server primary auth[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-25  Note: If only authentication and accounting se rv ers are configured and no authorization server is configured, both authentication and accounting c an be performed normally for the ftp, telnet, and ssh users, but the priority of these users [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-26 Table 40-30 Configure stop-a ccounting packet retransmi ssion Operation Command Enable stop-accounting p acket retransmission and set the allowed maximum number of transmission attempts retry stop-accoun ting retry - times Disable stop-accounting[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-27 Table 40-32 Set a key for securing the communication with the T ACACS+ server Operation Command Configure a key for securing the communication with the accou nting, authorization or authentication server key { accounting | authorization | authent[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-28 40.4.9 Setting Timers Re garding TACACS Server I. Setting the response timeout timer Since T ACACS+ is implemented on the basis of TCP , server resp o nse timeout or TCP timeout may terminate the connection to the T ACACS server . Perform the fol[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-29 Table 40-37 Set a real-time accounting interval Operation Co mmand Set a real-time accounting interval timer realtime-accoun ting minutes Restore the default real-time acco unting interval undo timer realtime-accounting The interval is in minutes[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-30 Operation Command Display related information of use r ’s connectio n display connection { access-ty pe { dot1x | gcm } | domain isp - name | interface interface - ty pe interface - number | ip ip - addre ss | mac mac - address | radius-scheme [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-31 Operation Command Enable debugging of local RADIUS authentication server debugging local-s erver { all | error | event | p acket } Disable debugging of local RA DIUS authentication server undo debugging local-server { all | error | event | p acke[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-32 II. Network Topology Authentication Servers ( IP address:10.110.91.164 ) Internet Switch telnet user Internet Figure 40-4 Network diagram for the re mote RADI US authentication of Telnet users III. Configuration procedure Add a T elnet user . Omi[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-33 40.6.2 Configuring Auth entication at Local RADIUS Authentication Server Local RADIUS authentication of T elnet/FTP users is similar to the remote RADIUS authentication described i n section 40.6.1 . But you shoul d modify the server IP address i[...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-34 III. Configuration procedure Configure the T elnet user . Here it is omitted.  Note: The configuration of the FTP and T elnet users can refer to User Interface Configuration of Getting Sta r t e d Operation section of this manual. Configure a [...]

3Com Switch 8800 Configurati on Guide Chapter 40 AA A and RADIUS/T ACACS+ Protocol Con figuration 40-35 z There might be some communi cation fault betwe en NAS and RA DI US/TACACS + server, which can be di scovered throug h pinging RADIUS/TACAC S+ server from NAS. So please ensure the norm al communica tion between NAS and RADIUS/TACACS+ server. II[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-1 Chapter 41 VRRP Configuration 41.1 Introduction to VRRP Virtual Route r Redundancy Protocol (V RRP) is a fau lt-tolerant protocol. In gene ral, a default route (for example, 10.100.10.1 as shown in the following internetworking diagram) will be configured for every host on [...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-2 Ether net Master Host 1 H ost 2 Host 3 10.100.10.7 10.100.10.8 10.100.10.9 Virtual IP address10.100.10.1 Network Backup Virtual IP address10.100.10.1 Actual IP address10. 100.10.2 Actual IP address10.100 .10.3 Figure 41-2 Network diagram for virtual router This virtual rout[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-3 41.2.1 Enabling/Disabli ng the Function to Ping the Virtual IP Address This operation enables or disables the func tion to ping the virtual IP address of the virtual router . The stand ard protocol of V RRP does not support the ping function, then the user cannot judge with[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-4 Due to the chips inst alle d, som e switche s support mat chin g one IP address to multiple MAC addresses. The Switch 8800 not only guarantees correct data fo rwarding in the sub-net, bu t also support such function: the user can cho ose to match the virtual IP address with[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-5 The virtual - a ddress can be an unused address in t he network segment whe re the virtual router resides, or the IP address of an interface in the virtual router . If the IP address is of t he switch in the virtual router , it can al so be configured as virtual - ad dress [...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-6 is higher than that of the cu rrent Maste r switch. Acco rdingly , the former Maste r switch will become the Backup switch. T ogether with preemption settings, a delay can also be set. In this way , a Backup will wait for a period of time before becoming a Ma ster . In an u[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-7 to authenticate the VRRP packet s. In this case an authenticatio n key not exceeding 8 characters should be configured. Those packet s failing to p ass the authenticati on will be discarded and a trap p acket will be sent to the network managem ent system. Perform the follo[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-8 Table 41-8 Configure virtual router tim er Operation Command Configure virtual router timer vrrp vrid virtual - router - ID timer advertise adve r - interval Clear virtual router timer undo vrrp vrid virtual - router - ID timer advertise By default, adver - interval is conf[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-9 41.3 Displaying and debugging VRRP After the above configurati on, execute display command in any view to display the running of the VRRP configuration, and to verify the conf iguration. Execute de bugging command in user view to debu g VRRP configuration. Table 41-10 Displ[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-10 II. Networking diagram Vi rt ual IP addr ess: 2 02.38.1 60.111 Swi tc h_A Hos t A 202.38. 160.3 VLA N- i nterf ac e 2: 202 .38.160 . 1 In t e rne t Sw i tc h_B VLA N- i nt er fa c e2 : 202.3 8.160.2 V LAN- i nt er fac e3: 10.100 . 1 0.2 Hos t B 10.2 .3.1 Figure 41-3 Networ[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-11 [LSW-B-vlan-interfa ce2] ip add re ss 202.38.160.2 255. 255.255.0 [LSW-B-vlan-interfa ce2] quit Configure VRRP . [LSW-B] vrrp ping -en able [LSW-B] interface vlan 2 [LSW-B-vlan-interfa ce2] vrrp vrid 1 virtual-ip 20 2.38.160.1 1 1 [LSW-B-vlan-interfa ce2] vrrp vrid 1 pree [...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-12 [LSW_A-vlan-interface2] vrrp vrid 1 virtual-ip 202.38.1 60.1 1 1 Set the priority for the virtual router . [LSW_A-vlan-in terface2] v rrp vrid 1 priority 1 10 Set the authentication key for the virtual router . [LSW_A-vlan-interface2] vrrp authentication-mode m d 5 switch [...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-13 switch for virtual router 2 and vice versa for swit ch B. Some hosts employ virtual route r 1 as the gateway , while others employ virtual router 2 as the gate way . In this way , both load balancing and mutual backu p are impleme nted. II. Networking diagram See Figure 41[...]

3Com Switch 8800 Configurati on Guid e Chapt er 41 VRRP Configurat ion 41-14 41.5 Troubleshooting VRRP As the configuration of VRRP is not very complicated, almost all the malfunctions ca n be found through viewing t he configuration an d debugging info rmation. He re are som e possible failures you might meet and t he corre sponding troubl eshooti[...]

3Com Switch 8800 Configurati on Gu id e Chapter 42 HA Configuration 42-1 Chapter 42 HA Configuration 42.1 Introduction to HA HA (high availability) is to achieve a high availability of the system and to recover the system as soon as possible in the event of Fabric failures so as to shorten the MTBF (Mean T ime Between Failure) of the system. The fu[...]

3Com Switch 8800 Configurati on Gu id e Chapter 42 HA Configuration 42-2 z Configuring the Load Mode of the Fabri c and Slave Board 42.2.1 Restarting the Slave System Manually In the environment in which t he sl ave system is available, the user can restart the slave system manually . Perform the following configuration in us er view . Table 42-1 R[...]

3Com Switch 8800 Configurati on Gu id e Chapter 42 HA Configuration 42-3 Table 42-3 Enable/Disab le automati c synchronization Operation Command Enable automatic synchronization slave auto-update config Disable automatic synchronization undo slave auto-update config By default, the automatic synchronization of system is enabled. 42.2.4 Synchronizin[...]

3Com Switch 8800 Configurati on Gu id e Chapter 42 HA Configuration 42-4 Caution: When a single Fabric is in position, t he load-balan ce mode is not effective and the Fabric changes to the load-si ngle mo de automatically. 42.3 Displaying and De bugging HA Configuration After the above config uration, execute display command in relevant view to di[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-1 Chapter 43 File System Management 43.1 File System Configuration 43.1.1 File System Overview The Ethernet switch provides a file system module for user’s ef ficient management over the storage devices su ch as flash memory . The file system of fers file access and direc[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-2 43.1.2 Direct ory Operation The file system can be used to create or del ete a directory , display the current workin g directory , and display the information about the files or di rectories u nder a specified directory . Y ou can u se the following commands to perf orm [...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-3 Caution: When you use the delete command without the unreserv ed option to delete a file, the file is in fact saved in the recycle bin and still occupies som e of the storage space. So, the frequent uses of this comm and may results in insufficient st orage space of the E[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-4 43.1.5 Setting the Prompt M ode of the File System The following command can be used for setting the prompt mode of the current file system. Perform the following configuration in sy stem view . Table 43-4 File system operation Operation Command Set the file system prompt[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-5 will begin the initialization with the default parameters. Relative to the saved-configuration, the configuration in ef fect during the operating process of the system is called current-confi guration. Y ou can use the following commands to display the current-configurati[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-6 43.2.4 Erasing Conf iguration Files from Flash Memory The reset saved-configuration comm and can be used to erase configuration files from Flash Memory . The system will use t he default configuration parameters for initialization when the Ethernet switch i s powered on f[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-7  Note: The system supports FTP se rvices over VPN. 43.3.1 FTP Overview FTP (File T ransfer Protocol) is a universal method for transmitting files on the Internet and IP networks. In this method, files are copi ed from one system to another . FTP supports defi nite file[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-8 T able 43-1 1 lists the config uratio n of the switching as FTP server . Table 43-11 Configuration of the switch as FTP serve r Device Configuration Default Description Start FTP server. FTP server is disabled. You can view the configuration information of FTP server with[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-9 authorized users. Y ou can use the followi ng com mands to configure FTP server authentication and authori zation. The authorizat io n information of FTP server includes the top working directory provided for F TP client s. Perform the following configuration in co rre sp[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-10 43.3.5 Displaying a nd Debugging FTP Server After the above configurati on, execute display command in any view to display the running of the FTP Server configuration, and to verify the effect of the co nfigu ration. Table 43-15 Display and debug FTP Server Operation Com[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-11 The switch application switch.app i s stor ed on the PC. Using F TP , the switch can download the switch.app from the remot e FTP serve r and upload the vrpcfg.cfg t o the FTP serve r u nde r the switch directory for backup purpose. II. Network diagram Switch PC Network [...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-12 Use the put command to upload the vrpcfg.cfg to the FTP server . [ftp] put vrpcfg.cfg Use the get command to download the switch.app fr om the FTP se rver to the Flash directory on the FTP server . [ftp] get switch.app Use the quit command to release FTP connection and r[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-13 [SW8800] ftp server enable [SW8800] local-user switch [SW8800-luser-switch] service-type ftp ftp-directory flash: [SW8800-luser-switch] password simple hello 2) Run FTP client on the PC and establish FTP connection. Upload the switch.app to the switch under the Flash dir[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-14 Switch PC Network Switch Switch PC Network Figure 43-4 TFTP configuration T able 43-17 lists the configuratio n of the swit ch as TFTP client. Table 43-17 Configuration of the switch as TFTP cli ent Device Configuration Default Description Configure IP address for the VL[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-15 43.4.3 Uploading Files by Means of TFTP T o upload a file, the client sends a request to the TFTP server and then transmit s data to it and receives the ac knowledgement from it. Y ou ca n use the following comman ds to upload files. Perform the following configuration i[...]

3Com Switch 8800 Configurati on Guid e Chapter 43 File System Management 43-16 <SW8800> system-view [SW8800] Caution: If the Flash Memory of the switch is n ot enough, you need to first delete the existing programs in the Flash Memory and the n upload the new ones. Configure IP address 1.1.1.1 for the VLAN inte rface, e nsure the port connect[...]

3Com Switch 8800 Configurati on Guide C hapter 44 MAC Address Table Management 44-1 Chapter 44 MAC Address Table Management 44.1 MAC Address Table Management Overview An Ethernet Switch maint ains a MAC a ddress t able for fast forwarding p a ckets. A table entry includes the MAC addres s of a device and the port ID of the Ethernet switch connected[...]

3Com Switch 8800 Configurati on Guide C hapter 44 MAC Address Table Management 44-2 Y ou can configure (add o r modify) the MAC add re ss entries manual ly according to the actual networking environ m ent. The entries can be static ones or dynamic one s. 44.2 MAC Address Table Mana gement Configuration The following sections describ e the MAC addre[...]

3Com Switch 8800 Configurati on Guide C hapter 44 MAC Address Table Management 44-3 If aging time is set too short, the Ethernet switch may delete valid MAC addre ss table. Y ou can use the following comm ands to set the MAC address aging time for the system. Perform the following configuration in sy stem view . Table 44-2 Set the MAC addre ss a gi[...]

3Com Switch 8800 Configurati on Guide C hapter 44 MAC Address Table Management 44-4 44.3.1 Maximum MAC Address Number Learned b y a Port and Forwarding Option Configuration Tasks Maximum MAC address number learned by a port and forwarding o ption configuration tasks are d escri bed in the following t able: Table 44-3 Configure the maximum nu mber o[...]

3Com Switch 8800 Configurati on Guide C hapter 44 MAC Address Table Management 44-5 Sequence number Configuration item Command Description 5 Set the maximum number of MAC addresses learned by an Ethernet port, and when the current number of MAC addresses exceeds the threshold value, whether the switch forwards packets or gives the network administr[...]

3Com Switch 8800 Configurati on Guide C hapter 44 MAC Address Table Management 44-6 Execute the debugging command in user view to debug MAC address t able configuration. Table 44-4 Display and debug MA C address tables Operation Co mmand Display the information in the address table display mac-address [ mac - addr [ vla n vlan - id ] | [ static | d[...]

3Com Switch 8800 Configurati on Guide C hapter 44 MAC Address Table Management 44-7 II. Network diagram Consol e Por t Network Port Switch Internet Figure 44-2 Network diag ram for a ddre ss t able management co nfiguration III. Configuration procedure Enter the system view of the switch. <SW8800> system-view Add a MAC address (specify t he n[...]

3Com Switch 8800 Configurati on Guide Chapter 45 Device managem ent 45-1 Chapter 45 Device management 45.1 Device Management Overview With the device managem ent function, the Ethernet Switch can display the curre nt running st ate and event debugging information abou t the slots, thereby implementing the maintenance and m anagement of the st ate a[...]

3Com Switch 8800 Configurati on Guide Chapter 45 Device managem ent 45-2 Table 45-2 Enable the Timing Reboot Fun ction Operation Command Enable the timing reboot function of the switch, and set specified time and date schedule reboot at hh:mm [ yyyy/mm /dd ] Enable the timing reboot function of the switch, and set waiting time schedule reboot delay[...]

3Com Switch 8800 Configurati on Guide Chapter 45 Device managem ent 45-3 45.2.4 Upgrading BootROM Y ou can use followed command to upgrade th e BootROM with the BootROM program in the Flash Memory . This configuration task facilit ates the remote upgrade. Y ou can upload the BootROM program file from a remo te end to the switch by FTP and then use [...]

3Com Switch 8800 Configurati on Guide Chapter 45 Device managem ent 45-4 main control boa rd of a 16 MB flash, th e service proce ssing board cann ot be updated according to the original pro cedure. T o update it, you need to execute the following command to download h ost softwa re cont aini ng the app file of service processing board host applica[...]

3Com Switch 8800 Configurati on Guide Chapter 45 Device managem ent 45-5 Display CPU occup ancy display cpu [ slot slot - no ] 45.4 Device Management Configuration Example 45.4.1 Using the Switch as an FTP Clie nt to Implement the Remote Upgrade I. Network requirements The user logs into the switch u sing T elnet, downloads the application from the[...]

3Com Switch 8800 Configurati on Guide Chapter 45 Device managem ent 45-6 Caution: If the flash memory of the switch is no t enough, you need to first delete the exi sting programs in the flash mem ory and then download the new ones to the memory. Enter the corresponding command in use r view to establish FTP connection. Then enter correct username [...]

3Com Switch 8800 Configurati on Guide Chapter 45 Device managem ent 45-7 45.4.2 Use the Switch as an FTP Ser ver to Implement the Remote Upgrade I. Network requirements The switch serves as an FTP server and the PC a s an FTP client. The configuration on the FTP se rver is as follo ws: an FTP user is configured with th e name switch, the password h[...]

3Com Switch 8800 Configurati on Guide Chapter 45 Device managem ent 45-8 Caution: If the flash memory on the switch is not sufficient, delete the original appli cation program in the flash before uploading th e new one into the flash of the switch. 3) After uploading, performs upgrading on the swit ch. <SW8800> Y ou can use the boot boot-load[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-1 Chapter 46 System Maintenance and Debugging 46.1 Basic System Configuration The basic system configura t ion and ma nagement include: z Switch name setting z System clock set t i ng z Time zone setting z Summer time setting 46.1.1 Setting a Name for a Switch Pe[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-2 Table 46-3 Set the time zone Operation Command Set the local time clock timezone zone_name { add | minus } HH:MM:SS Restore to the default UTC time zone undo clock timezone By default, the UTC time zone is adopted. 46.1.4 Setting the Summer Time Y ou can set th[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-3 Operation Command Display the information about the optical module co nnected with a in-place optical port on current frame display fiber-module or display fiber-module [ interface - type interface - number | interface - name ] 46.3 System Debugging 46.3.1 Enab[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-4 Table 46-6 Enabling/Di sabling the d ebugging Operation Command Enable the protocol debugging debugging { all [ timeout interval ] | module - name [ debugging - option ] } Disable the protocol debugging undo debugging { all | module - name [ debugging - option [...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-5 46.4 Testing Tools for Network Connection 46.4.1 ping The ping command ca n be used to check the net work conne ction and if the host i s reachable. Perform the following configuration in any view . Table 46-8 The ping command Operation Co mmand Support IP ping[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-6 46.4.3 tracert The tracert is used for testing the gateways p assed by the p acket s from the source host to the destination one. It is mainly us ed for checking if the netwo rk is connected and analyzing where the f ault occu rs in the network. The execution p[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-7 The description of the component s of log information is as follows: 1) % In practical output, some of the informati on is sta rted with the % character , which means a logging is ne ce ssary . 2) Priority The priority is computed according to fo llowing formul[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-8 Module name Description DEV Device management module DHCP Dynamic host configuration proto col module DIAGCLI Diagnosis module DNS Domain name se rver mo dule DRVMPLS Multiprotocol label switching drive module DRVL2 Layer 2 drive module DRVL3 Layer 3 drive modu[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-9 Module name Description MPM Multicast port management module MSDP Multicast source discovery protocol module MSTP Multiple spanning tree protocol module NAT Network address translation modul e NTP Network time protocol module OSPF Open shortest path first modul[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-10 Switch information falls into three categories: log information, debuggin g information and trap information. The info-center classifie s every kind of inform ation into 8 severity or urgent levels. The log filtering rule is that the system prohibits outputtin[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-11 Logging buffer 4 logbuf snmp 5 snmpagent Log file 6 logfile  Note: The settings in the 7 directions are ind epende nt from e ach other. Th e settings will take effect only after enabling the information center. The info-center of Ethernet Switch has the fol[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-12 Table 46-15 Send the configuration info rmation to the console terminal. Device Configuration Default val ue Configuration description Enable info-center By default, info-center is enabled. Other configurations are valid only if the info-center is enabled. Set[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-13 Table 46-17 Send the configuration info rmation to the log buffer Device Configuration Default val ue Configuration description Enable info-center By default, info-center is enabled. Other configurations are valid only if the info-center is enabled. Set the in[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-14 Set the information output direction to SNMP — — Set information source — You can define which modules and information to be sent out and the time-stamp format of information, and so on. You must turn on the switch of the co rrespondin g module before de[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-15 Table 46-21 Configure to output information to the logho st Operation Command Output information to the loghost info - center loghost ho st - ip - addr [ channel { channel - number | channel - name } | facility local - number | language { chinese | english } ][...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-16 Every channel has been se t with a default record, whose module n ame is default and th e m od u le n um b er i s 0x ffff 0000. However , for different chan nels, the default record may have different default settings of l og, trap and debugging. When there i [...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-17  Note: Info-center is enabled by default. After info-c enter i s enabled, system performances are affected when the system processes much information because of information classification and outputting. 2) Configuring to output information to console termi[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-18 may have different default settings of l og, trap and debugging. When there i s no specific configuration reco rd for a modu le in the channel, use the d efault one.  Note: If you want to view the debugging information of some modules on t he switch, you mu[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-19 Enable terminal display function of trap information terminal trapping Disable terminal display function of trap information undo terminal trapping 46.5.5 Sending the Confi guration Information to Telnet Terminal or Dumb Terminal T o send configuration informa[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-20 Table 46-31 Define information so urce Operation Command Define information source info - center source { modu - nam e | default } channel { channel - num ber | channel - nam e } [ debug { level seve rity | state state }* | log { le vel severity | state state [...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-21 This configuration will af fect the timest amp of t he displayed information. Perform the following configuration in sy stem view: Table 46-32 Configure the output forma t of time-stam p Operation Command Configure the output format of the time-stamp info-cent[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-22 1) Enabling info-center Perform the following configuration in sy stem view . Table 46-34 Enable/disabl e info-center Operation Command Enable info-center info - center enable Disable info-center undo info - center en able  Note: Info-center is enabled by d[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-23 modu - name spe cifies the module name; default rep resent s all the modules; all represent s all the information filter confi guration in channelnum chunnel except default; level refers to the severity levels; severity specifie s the severity level of informa[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-24 Disable info-center undo info - center en able  Note: Info-center is enabled by default. After info-c enter i s enabled, system performances are affected when the system processes much information because of information classification and outputting. 2) Con[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-25 Every channel has been se t with a default record, whose module n ame is default and th e m od u le n um b er i s 0x ffff 0000. However , for different chan nels, the default record may have different default settings of l og, trap and debugging. When there i [...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-26  Note: Info-center is enabled by default. After info-c enter i s enabled, system performances are affected when the system processes much information because of information classification and outputting. 2) Configuring to output information to SNMP NM Perfo[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-27 Every channel has been se t with a default record, whose module n ame is default and th e m od u le n um b er i s 0x ffff 0000. However , for different chan nels, the default record may have different default settings of l og, trap and debugging. When there i [...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-28 Table 46-46 Display and debug info-cen ter Operation Co mmand Display the content of information channel display channel [ channel - n umber | channel - name ] Display configuration of system log and memory buffer display info - center Display the attribute of[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-29 III. Configuration steps 1) Configuration on the switch Enable info-center [SW8800] info-center enable Set the host with the IP address of 20 2.38.1. 10 as the loghost; set the severity level threshold value as informational, set the output language to English[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-30 kill -HUP 147 After the above operation, the swit ch system c an record informatio n in related log files.  Note: To configure facility, severity, filter and t he file syslog.conf synt hetically, you can get classification in great detail and filter the inf[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-31 2) Configuration on the loghost This configuration is performed on the logho st. S tep 1: Perform the following co mmand as the super user (root). mkdir /var/log/SW8800 touch /var/log/SW8800/information S tep 2: Edit file /etc/syslog.conf as the super user (ro[...]

3Com Switch 8800 Configurati on Guide Chapt er 46 System Maintenance an d Debugging 46-32  Note: To configure facility, severity, filter and t he file syslog.conf synt hetically, you can get classification in great detail and filter the information. 46.5.12 Configuration Examples of Sending Log to the Console Terminal I. Network requirements The[...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-1 Chapter 47 SNMP Configuration 47.1 SNMP Overview By far , the Simple Network Management Protocol (SN MP) has ga ined the mo st extensive applica tion in the co mputer networks . SNMP has been put into us e and widely accepted as an indust ry stand ard in practice. It is used [...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-2 A 2 6 1 5 2 1 1 2 1 B Figure 47-1 Architecture of the MIB tree The MIB (Management Information Base) is use d to describe the hierarchi cal architecture of the tree and it is th e set defined by the st andard variables of the monitored network device. In the above figure, the[...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-3 MIB attribute MIB content References DHCP MIB — QACL MIB — ADBM MIB — RSTP MIB — VLAN MIB — Device management — Private MIB Interface management — 47.3 Configuring SNMP The following sections descri be the SNMP configuration tasks. z Setting Community Names z Se[...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-4 Table 47-2 Set community names Operation Command Set the community name and the access authority snmp - agent community { read | wr i t e } community - name [ [ mib - view view - name ] [ acl acl - list ] ] Remove the community name and the access authority undo snmp - agent [...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-5 Table 47-4 Enable/disa bl e SNMP Agent to send Trap Operation Command Enable the sending of trap(system view) snmp-agent trap enabl e [ standard [ authentication ] [ coldstart ] [ linkdown ] [ linkup ] | bgp [ backwardtransition ] [ established ] | vrrp [ authfai lure | newma[...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-6 Table 47-6 Set the lifetime of Trap message Operation Command Set lifetime of Trap message snmp - agent trap life seconds Restore lifetime of Trap message undo snmp - agent trap life By default, the lifetime of T rap message is 120 seconds. 47.3.6 Setting the Engine ID of a L[...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-7 47.3.8 Setting the Source Address of Trap Y ou can use the following commands to set or remove the sou rce address of the trap. Perform the following configuration in sy stem view . Table 47-9 Set the source address of trap Operation Command Set the Source Address of Trap snm[...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-8 47.3.10 Creating/Updati ng View Information or Deleting a View Y ou can specify the view to control the access to the MIB by SNMP manage r . Y ou can use either the predefined views or the self- defined views. Y ou can use the followin g commands to create, updat e the inform[...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-9 47.4 Displaying and Debugging SNMP After the abov e configuration, execute the display command in any view to display the running of the SNMP configuration, and to ve rify the effect of the configuration. Table 47-14 Display and debug SNMP Operation Command Display the statis[...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-10 II. Network diagram Ethernet NMS 129.102.0.1 129.102.149.23 Figure 47-2 Network diagram for SNM P configuration III. Configuration procedure Enter the system view . <SW8800> system-view Set the community name, group and u s er . [SW8800] snmp-agent sys-info version all[...]

3Com Switch 8800 Configurati on Guid e Chapter 47 SNMP Configuration 47-11 Users can query and configure the Ethernet switch th rough the network manage ment system. For details, see th e manu als for the network management pro ducts.[...]

3Com Switch 8800 Configurati on Guid e Chapter 48 RMON Configur ation 48-1 Chapter 48 RMON Configuration 48.1 RMON Overview Remote Network Monitoring (RM ON) is a ty pe of IETF-defined MIB. It is the most important en hancement to the MIB II st andard. It mainly used for monitori ng the dat a traffic on a segment and ev en on a whol e network. It i[...]

3Com Switch 8800 Configurati on Guid e Chapter 48 RMON Configur ation 48-2  Note: Before configuring RMON, you must ens ure that the SNMP agent is prope rly configured. See Chapter 50 SSH Terminal Service for the SNMP agent configur ation. The following sections descri be the RMON configuration t asks. z Adding/Deleting an Entry to/from the Even[...]

3Com Switch 8800 Configurati on Guid e Chapter 48 RMON Configur ation 48-3 Perform the following configuration in sy stem view . Table 48-2 Add/delete an entry to/from the alarm t able Operation Command Add an entry to the alarm table rmon alarm entry - number alarm - variable sampling - time { delta | absolute } rising-threshold threshol d - value[...]

3Com Switch 8800 Configurati on Guid e Chapter 48 RMON Configur ation 48-4 Table 48-4 Add/delete an entry to/from t he extended RMON al arm table Operation Command Add an entry to the extended RMON alarm table rmon prialarm entry - number alarm - var [ alarm - des ] sampling - timer { delta | absolut e | changeratio } rising-threshold threshold - v[...]

3Com Switch 8800 Configurati on Guid e Chapter 48 RMON Configur ation 48-5 Delete an entry from the history control table. undo rmon history entry - number History control entry calculates variou s data at th e sampling time interval.Y ou can u se the display rmon history command to view the information of the history control entry . 48.2.5 Adding/[...]

3Com Switch 8800 Configurati on Guid e Chapter 48 RMON Configur ation 48-6 Display the event log of RMON display rmon eventlog [ event - number ] 48.4 RMON Configuration Example I. Network requirements Set an entry in RMON Ethernet st atistics t able for the Ethernet port p erformance, which is convenient for network administrato rs’ query . II. [...]

3Com Switch 8800 Configurati on Guid e Chapter 48 RMON Configur ation 48-7 Packets received according to length (in octets): 64 :644 , 65-127 :518 , 128-255 :688 256-511:101 , 512-1023:3 , 1024-1518:0[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-1 Chapter 49 NTP Configuration 49.1 Brief Introduction to NTP 49.1.1 NTP Functions As the network topology gets more and more complex, it becomes impo rtant to synchronize the clocks of the eq uipment on the whol e network. Network T ime Protocol (NTP) is the TCP/IP that advert[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-2 z Before synchronizing the system clo cks on Ethernet Switch A and B, the clock on Ethernet Switch A is set to 10:00:00am, and that on B is set to 11:0 0:00am. z Ethernet Switch B serves as an NTP ti me server. T hat is, Ethernet Switch A synchronize s the local cloc k wit h [...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-3 time server of the local equipment. In this case the local Ethernet Switch works as an NTP cli ent. If you set a remote server as a peer of the local Ethernet Switch, the l ocal equipment operates in symmetric a ctive mode. If you configure an interface on the local Ethernet [...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-4 II. Configuring NTP Peer Mode Set a remote server whose ip address is ip - address as the peer of the local equipment. In this case, the lo cal equipment operates in symmetric active mode. ip - address specifies a host address other than a broadcast, multica st or reference c[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-5 IV. Configuring NTP Broadcast Client Mode Designate an interface on the local Ether net Switch to receive NTP broad cast messages and operate in bro adcast client mode. The local Ethernet Switch li stens to the broadcast from the server . When it receiv es the first broadca s[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-6 VI. Configuring NTP Multicast Client Mode Designate an interface on the local Ethernet Switch to receive NTP multicast messages and operate in multicast client mod e. The local Ethe rnet Switch listens to the mult icast from the server . Wh en it receives the first mult icast[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-7 Table 49-8 Configure NTP authentication key Operation Command Configure NTP authentication key ntp-service authen tication-keyi d number authentication-m ode md5 value Remove NTP authentication key undo ntp- service authentica tion-keyid number Key number number ranges from 1[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-8 ntp-service unicast-server or ntp-service unicast-peer command also designates a transmitting interface, use the one designated by them. 49.2.6 Setting NT P Master Clock This configuration t ask is to set the extern al reference cl ock or the local clock as th e NTP ma ster c[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-9 server : Allow local NTP time service request an d control query . However , the local clock will not be synchroniz ed by a remote server . peer : Allow local NTP time servi ce request and control query . And the local clock will also be synchronized by a remote serve r . 49.[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-10 49.4 NTP Configuration Example 49.4.1 Configuri ng a NTP Server I. Network requirements On SW88001, set local clock as the NTP master clock at stratum 2. On SW88002, configure SW88001 as the time server in se rver mode and set the local eq uipment as in client mode. (Note: S[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-11 clock stratum: 16 reference clock ID: none nominal frequency: 100.0000 Hz actual frequency: 100.0000 Hz clock precision: 2^17 clock offset: 0.0000 ms root delay: 0.00 ms root dispersion: 0.00 ms peer dispersion: 0.00 ms reference time: 00:00:00.000 UTC Jan 1 1900(00000000.00[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-12 II. Network diagram See Figure 7-2. III. Configuration procedure Configure Ethernet Switch SW88003: Enter system view . <SW88003> system-view Set the local clock as the NTP master clock at stratum 2. [SW88003] ntp-service refclock-master 2 Configure Ethernet Switch SW8[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-13 Reference time: 19:21:32.287 UTC Oct 24 2004(C5267F3C.49A61E0C) By this time, SW88004 has been synchronized by SW88 005 and it is at stratum 2, or higher than SW88005 by 1 . Display the sessions of SW88004 and you will se e SW88004 has been con nected with SW88005. [Quidwa4][...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-14 Configure Ethernet Switch SW88001: Enter system view . <SW88001> system-view Enter Vlan-interface2 view . [SW88001] interface vlan-interface 2 [SW88001-Vlan-Interface2] ntp-service broadcast-client The above examples configured SW88 004 a nd SW8800 1 to listen to the b[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-15 their respective Vlan-i nterface2. (Note: SW 88003 support s to configure the l ocal clock as the master clock) II. Network diagram See Figure 7-2. 1) Configuration procedure Configure Ethernet Switch SW88003: Enter system view . <SW88003> system-view Set the local clo[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-16 49.4.5 Configure Authenticati on-Enabled NTP Server Mode I. Network requirements SW88001 set s the local clock as the NTP ma ster clock at stratum 2. SW88002 sets SW88001 as it s time server in server mode and itself in client mode a nd enables authentication. (Note: SW88001[...]

3Com Switch 8800 Configurati on Gu id e Chapter 49 NTP Configuration 49-17 [SW88001] ntp-service authentication-keyid 42 authentication-mode md5 aNiceKey Configure the key as reliable. [SW88001] ntp-service reliable authentication-keyid 42[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-1 Chapter 50 SSH Terminal Service 50.1 SSH Terminal Service 50.1.1 SSH Overview This chapter introduces th e secure she ll (SSH) feature. When a user telnet s to the switch from an insecure network, the SSH feature can provide se cure information and powerful authentication f[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-2 Local swit ch Local Ethernet WA N Ser ver SSH cli ent PC Laptop Laptop Wo r k s t a t i o n Wo r k s t a t i o n Rem ote Ethernet Remote swi tch Ser ver SSH se r v er Local Ethernet WA N Ser ver PC SSH PC Laptop Laptop Wo r k s t a t i o n Rem ote Ethernet Ser ver SSH Figur[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-3 z The server initiates a procedure to authe ntic ate the user. If the server is co nfigured not to authenticate the user, the proces s procee ds to session request phase directly. z The client employs an authentication m ode to authenticate the serve r till the authenticati[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-4 Num Item Command Description 2 Entering VTY type of user interface view [SW8800] user- interf ace vt y X X – 3 Configure the protocol supported by current u ser interface [SW8800-ui-vtyX-X] protocol inbound { all | ssh | telnet } Optional 4 Returning to system view [SW880[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-5 Num Item Command Description 15 Configure the SSH compatibility mode [SW8800] ssh server compatible _ ssh1x enable Optional By default, the server is compatible with the SSH1.x client. I. Configuring the protocol the current user interface supports Use this configuration ta[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-6 z The minimum and maximum lengths for the host key and the server key are 512 bits and 2048 bits respectively. Perform the following configuration in sy stem view . Table 50-3 Generate an RSA key pai r Operation Command Generate an RSA key pair rsa local-ke y-pair create De[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-7 Table 50-5 Configure the updating cycle of the server key Operation Command Configure the updating cycle of the server key ssh server rekey-interv al hours Cancel the updating cycle configuration undo ssh server rekey -interval By default, the system does not update the ser[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-8 Table 50-8 Public key configuration Operation Command Enter the public key view rsa peer-public-key key - name Exit the public view and return to the system view peer-public-key end  Note: The configuration commands a re applicable to the environment s where the server e[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-9 While the Generator is running, move your mous e over the blank area of the window. Save the pair of keys as publickey and privatekey. File names are aaa.pub and aaa.pri[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-10 Convert the file aaa.pub into key configuration data in Hex. Convert the converted result in to the CLI of the switch unit [SW8800-rsa-key-code] [SW8800-rsa-key-code]30818602 81806123 9F5A4D90 9049C7F4 3AC1CAC6 221BAC8B [SW8800-rsa-key-code]450CE4DD 4F0B3C96 84078BA5 CA1F5[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-11 X. Exiting the public key edit view Use this configuration task to return from the public key edit view to the public key view and save the input publi c key . Before saving the input public key , the system will che ck the validity of the key: z If the public key string c[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-12 50.1.3 SSH Client Configuration The following sections descri be the SSH client configuration ta sks. z Set to perform the first-time authenticat ion on the SSH server to be acce ssed z Specifying the public key of the server z Configuring the first-time au thentication of[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-13 Perform the following configuration in sy stem view . Table 50-16 Configure the first-time aut hentication of the server Operation Command Configure the first-time aut hentication of the serve r ssh client first-time enable Cancel the first-time authentication of the serve[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-14 II. Network diagram Switc h PC SSH clien t Switc h SSH ser v e r PC Figure 50-3 Network diag ram for SSH se rver III. Configuration procedure 1) Generate the RSA key. [SW8800] rsa local-key-pair create  Note: If the configuration for generating the local key has a lread[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-15  Note: You can use the default values for SSH aut hentication timeout and retries. After completing the above configurations, you c an run the SSH 2.0-enabled client softwar e on any other terminal connected with the switch and a ccess the switch with the username clien[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-16 50.1.6 SSH Client C onfiguration Example I. Network requirements As shown in Figure 50-4: z Switch A is used as an SSH client. z Switch B is used as the SSH server , and the IP address is 10.1 65 . 87.136. II. Network diagram PC IP address 10.165.87.136 SSH client Switch B[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-17 [SW8800] ssh client first-time enable Access the remote server and perform o peration s. z Employ RSA public key authentication mode, and start using the co rrespondin g encryption algorithm configured. [SW8800] ssh2 10.165.87.136 22 perfer_kex dh_group1 perfer_ctos_cipher[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-18 Table 50-18 Configure the servi ce type to be used Operation Command Configure the service type to be used ssh user username service-ty pe { telnet | sftp | all } Restore the default service type undo ssh user username service-type By default, the service type is telnet . [...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-19 Num Item Command Description sftp-client> bye sftp-client> exit 3 Shut down the SFTP client sftp-client> quit Optional Chang the current direct ory sftp-c lient> cd [ remote - path ] Return to the upper directory sftp-c lient> cdup Display the current direct[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-20 Perform the following configuration in sy stem view . Table 50-21 Start the SFTP client Operation Co mmand Start the SFTP client sftp ipaddr [ prefer_kex { dh_group1 | dh_exchange_grou p } ] [ prefer_ctos_cipher { des | 3des | aes128 } ] [ prefer_stoc_cipher { des | 3des |[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-21 Operation Command directory ls [ remote - path ] Create a new directory on the server mkdir remote - path Delete a directory from the server rmdir remote - path  Note: The dir command and the ls command have the sam e functionality. IV. SFTP file operations As shown in [...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-22 Table 50-25 Display help information for clie nt comm ands Operation Command Display help information for client command s help [ command - nam e ] 50.2.4 SFTP Conf iguration Example I. Network requirements As shown in Figure 50-5: z Switch B is used as the SFTP server , a[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-23 [SW8800-rsa-public-key] public-key-code begin [SW8800-rsa-key-code] 308186028180739A291ABDA704F5D93DC8FDF84C427463 [SW8800-rsa-key-code] 1991C164B0DF178C55FA833591C7D47D5381D09CE82913 [SW8800-rsa-key-code] D7EDF9C08511D83CA4ED2B30B809808EB0D1F52D045DE4 [SW8800-rsa-key-code[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-24 -rwxrwxrwx 1 noone nogroup 225 Aug 24 08:01 pubkey2 -rwxrwxrwx 1 noone nogroup 283 Aug 24 07:39 pubkey1 drwxrwxrwx 1 noone nogroup 0 Sep 01 06:22 new -rwxrwxrwx 1 noone nogroup 225 Sep 01 06:55 pub Create a new directory new 1, and check if the new directory has been creat[...]

3Com Switch 8800 Configurati on Guid e Chapter 50 SSH Terminal Service 50-25 sftp-client> Exit SFTP . sftp-client> quit Bye <SW8800>[...]

3Com Switch 8800 Configurati on Gu id e Chapter 51 PoE Configuration 51-1 Chapter 51 PoE Configuration 51.1 PoE Overview 51.1.1 PoE on the Switch The Switch 8800 support s power-over-Ethernet (PoE). Equipped wi th external power supply and PoE-cap able cards, Switch 8800 s can p r ovide 48 VDC power for remote powered devices (PDs, such as IP phone[...]

3Com Switch 8800 Configurati on Gu id e Chapter 51 PoE Configuration 51-2 51.1.2 External PSE 4500-A Power System If PSE4500-A power system is t aken as the external power supply of the switch, the power distribution is as follows: 1) Input voltage: 90 VAC to 160 VAC z One PSU (power supply unit) of the PSE4500-A power system can provide 1200 W of [...]

3Com Switch 8800 Configurati on Gu id e Chapter 51 PoE Configuration 51-3 Table 51-1 PoE configuration tasks o n the Switch 8800 No Item Command Description 1 Enter sy stem view system-view — 2 Enter Ethernet port view interface interfac e - typ e interface - number As a result of this command, a port view prompt is displayed, which varies with t[...]

3Com Switch 8800 Configurati on Gu id e Chapter 51 PoE Configuration 51-4 T o cancel the configurations, use the corresponding undo command s. For details about the parameters, refer to the Com mand Manual .  Note: z When setting the maximum PoE power supplied by the switch, yo u must set it to a value greater than the total power that has been [...]

3Com Switch 8800 Configurati on Gu id e Chapter 51 PoE Configuration 51-5 II. Network diagram Figure 51-1 PoE remote power supplyin g III. Configuration procedure Set the maximum power to 400 W on t he card in slot 3. By default, the power o f each card is full, so the power on the card in sl ot 5 need not be configured. [SW8800] poe max-power 400 [...]

3Com Switch 8800 Configurati on Guide Chapt er 52 PoE PSU Supervision Config uration 52-1 Chapter 52 PoE PSU Supervision Configuration 52.1 Introduction to PoE PSU Supervision The PoE-capable Swit ch 8800 can moni tor the external PoE PSUs through the powe r supervision module on th e PoE extern al power system. The PoE PSU supervision module e nab[...]

3Com Switch 8800 Configurati on Guide Chapt er 52 PoE PSU Supervision Config uration 52-2  Note: z You can set the thresholds to any appro priate values in the range, but make sure the lower threshold is le ss t han the upper threshol d. z For 220 VAC input, it is recommended to set the upper threshold to 264 V and th e lower threshol d to 181 V[...]

3Com Switch 8800 Configurati on Guide Chapt er 52 PoE PSU Supervision Config uration 52-3 52.3.1 DC Output Alarm Thres holds Configuration Tasks Table 52-2 DC output ala rm thre sh olds configuration tasks No Operation Command Description 1 Enter system v iew system-view — 2 Set the overvoltage alarm threshold of DC output (upp er threshold) for [...]

3Com Switch 8800 Configurati on Guide Chapt er 52 PoE PSU Supervision Config uration 52-4 [SW8800] poe-power output-thresh lower 45.0 Display the DC output state of the PoE PSUs. [SW8800] display poe-power dc-output state Display the DC output voltage/current value s of the PoE PSUs. [SW8800] display poe-power dc-output value 52.4 Displaying PoE Su[...]

3Com Switch 8800 Configurati on Guide Chapt er 52 PoE PSU Supervision Config uration 52-5 II. Network diagram Figure 52-1 Network diagram for PoE s upe rvisio n configuration III. Configuration procedure Enter system view . <SW8800> system-view Set the overvoltage alarm t hreshold of AC input for PoE PSUs to 264.0 V . [SW8800] poe-power input[...]