NEC INTELLIGENT L2 SWITCH N8406-022A инструкция обслуживания

N8406-022A 1Gb Intelligent L2 Switch Application Guide Part number: 856-126757-106-00 First edition: July 2008[...]

2 Legal notices © 2008 NEC Corporation. The information contained herein is subject to change without notice. The only wa rranties for NEC products and services are set forth in the express warranty statements accompanying such products and serv ices. Nothing herein should be construed as constituting an addi tional warranty. NEC shall not be liab[...]

Accessing the switch 3 Contents Accessing the switch Introduction ............................................................................................................................................................. 6 Additional references ......................................................................................................[...]

Accessing the switch 4 Bridge Protocol Data Units ................................................................................................................................... 49 Determining the path for forwarding BPDUs ...................................................................................... ............. 49 Spanning Tree Group[...]

Accessing the switch 5 Customer support tools ......................................................................................................... .......................... 94[...]

Accessing the switch 6 Accessing the switch Introduction This guide describes ho w to use and configure the s witch on the Layer2 switch mode. For the information of ho w to use on the SmartPanel mode, see the SmartPane l Refer ence Guide. For the information of SSH, RADIUS, and TACACS+ on the SmartPanel mode, this gui de will help you. This guide [...]

Accessing the switch 7 Management Network The 1Gb Intelligent L2 Switch is a S witch Module within the Blade Enclosure. T he Blade Enclosure includ es an Enclosure Manager Card which manages the modules and CPU Blad es in the enclosure. The 1Gb Intelligent L2 Switch communicat es with the En closure Manager Card through it s internal management por[...]

Accessing the switch 8 Using the command line int erfaces The command line interface (CLI) can be ac cessed via local terminal connectio n or a remote session using Telnet or SSH. The CLI is the most direct method for collecting switch information and performin g switch configuration. The switch provides two CLI modes: The menu- based AOS CLI, and [...]

Accessing the switch 9 4. Configuring the default gate ways allows the sw itch to send outbound traffic to the routers. >> IP Interface 256# ../gw 4 (Select default gateway 4) >> Default gateway 4# addr 205.21.17.1 (Assign IP address for a router) >> Default gateway 4# ena (Enable default gateway 4) 5. Apply, verify, and sa ve the[...]

Accessing the switch 10 SNMP v3.0 SNMPv3 is an enhanced version of the Simple Net w ork Management Protocol, approved b y the Internet Engineering Steerin g Group i n March, 2002. SNMP v3.0 cont ains additional securit y and authenticat ion features that provide data origin aut hentication, data i nt egrit y checks, timeliness indicators, and e n c[...]

Accessing the switch 11 View based configurations CLI user equivalent To configure an SNMP user equivalent to t he CLI 'user,' use the fo llowing config uratio n: /c/sys/ssnmp/snmpv3/usm 4 name "usr" /c/sys/ssnmp/snmpv3/access 3 name "usrgrp" rview "usr" wview "usr" nview "usr" /c/sys/ssnm[...]

Accessing the switch 12 Configuring SNMP trap hosts SNMPv1 trap host 1. Configure a user with no authenticati on and pass word. /c/sys/ssnmp/snmpv3/usm 10 name "v1trap" 2. Configure an access group and grou p table entries for the user. T he command /c/sys/ssnmp/snmpv3/access <x>/nview can be used to specify which traps can be recei[...]

Accessing the switch 13 SNMPv2 trap host configuration The SNMPv2 trap host configuration is simil ar to the SN MPv1 trap host configuration. Wherever you specif y the model you need to specif y snmpv2 instead of snmpv1 . c/sys/ssnmp/snmpv3/usm 10 name "v2trap" /c/sys/ssnmp/snmpv3/access 10 name "v2trap" model snmpv2 nview "[...]

Accessing the switch 14 Secure access to the switch Secure switch management is needed for environm ents th at perform significant manage ment functions across the Internet. The following are some of the functions for secure d mana gement: • Limiting management users to a specific IP addre ss range. See the “Setting allowable source IP addres s[...]

Accessing the switch 15 How RADIUS authentication works RADIUS authentication works as follows: 1. A remote administrator connects to the switch and provides the user name and password. 2. Using Authentication/Auth orization pr otocol, the switch sends the request to the authentic ation serv er. 3. The authentication server che cks t he request aga[...]

Accessing the switch 16 Configuring RADIUS on t he switch (BBI example) 1. Configure RADIUS parameter s. a. Click the Configure context button. b. Open the System fol der, and select Radius. c. Enter the IP address of the primary and secondar y RADIUS servers, and enter the RADIUS secret for each server. Enable the RADIUS server. CAUTION: If you co[...]

Accessing the switch 17 2. Apply, verify, and sa ve the configur ation. RADIUS authenticat ion features The switch supports the following RADIUS authenticati on features: • Supports RADIUS client on the switch, based on the protocol definitions in RFC 2138 and RFC 2866. • Allows RADIUS secret password up to 32 bytes. • Supports secondary auth[...]

Accessing the switch 18 RADIUS attributes for user privileges When the user logs in, the switch authent ic ates the level of access by sending the RADI US access request, that is, the client authentication request, to the RADIUS authenticati on server. If the authentication server successfully authenticates the r emote user, th e s w itch verifies [...]

Accessing the switch 19 Authorization Authorization is the action of determin in g a user’s privileges on t he device , and usually takes plac e after authentication. The default mapping bet ween TACACS+ authorization pr ivil ege levels and s witch manage ment access le vels is shown in the table below. The privil ege levels listed in the followi[...]

Accessing the switch 20 Configuring TACACS+ authentication on the switch (AOS CLI example) 1. Turn TACACS+ authenticatio n on, then configure the Primar y and Secondary TACACS+ servers. >> Main# /cfg/sys/tacacs (Select the TACACS+ Server menu) >> TACACS+ Server# on (Turn TACACS+ on) Current status: OFF New status: ON >> TACACS+ Se[...]

Accessing the switch 21 Configuring TACACS+ authentication on the switch (BBI example) 1. Configure TACACS+ authent ication for the switch. a. Click the Configure context button. b. Open the System folder, and select Tacacs+. c. Enter the IP address of the primary and seco ndar y TACACS+ servers, and enter the T ACACS+ secret. Enable TACACS+. d. Cl[...]

Accessing the switch 22 e. Configure custom privilege- level mapping (optiona l). Click Submit to accept each mapping change. 2. Apply, verify, and sa ve the configur ation. 1. A pply 3. Save 2. Verify[...]

Accessing the switch 23 Secure Shell and Secure Copy Secure Shell (SSH) and Secure Cop y (SCP) use secu re tunnels to e ncr ypt and secure messages bet ween a remote administrator and the switch. Telnet does not provi de this level of securit y. The Telnet method of managing a switch does not provide a secure connection. SSH is a protocol that enab[...]

Accessing the switch 24 Enabling or disabling SCP apply and save Enter the following commands from the s witch CLI to enabl e the SCP putc fg_apply an d p utcfg_apply_sa ve commands: >> # /cfg/sys/sshd/ena (Enable SCP apply and save) >> # /cfg/sys/sshd/dis (Disable SCP apply and save) SSHD# apply (Apply the changes) Configuring the SCP [...]

Accessing the switch 25 For example: >> # scp ad4.cfg admin@205.178.15.157:putcfg Applying and saving configuration Enter the apply and save commands after the command ab ove (scp ad4.cfg 205.178.15.157:putcfg), or use the following commands. You will be prom pted for a password. >> # scp <local_filename> <user>@<switch I[...]

Accessing the switch 26 Generating RSA host and server keys for SSH access To support the SSH server feature, two sets of RSA keys (host and server ke ys) are requir ed. The host key is 1024 bits and is used to identify the s witch. The server key is 768 bits and is used to make it impossible to decipher a captured session by breaking into the s wi[...]

Accessing the switch 27 User access control The switch allows an administ rator to define end user accounts that permit end users to perform limited actions on the switch. Once end user accounts are conf igure d and enabled, the switch requires us ername/pass word authentication. For example, an administrator can assig n a user who can log into the[...]

Ports and trunking 28 Port s and trunking Introduction The first part of this chapter describes the diff erent t ypes of ports used on the switch. This information is useful in understanding other applic ations described in this gui de, from the conte xt of the embedd ed s witch/server environment. For specific information on how to configure ports[...]

Ports and trunking 29 Statistical load distribution In a configured trunk group containing mor e than one po rt, the load distribution is determ ined by information embedded within the data frame. For IP traffic, the switch will ca lculate th e trunk port to use for forwarding traffic by implementing the load distri bution algorithm on value eq ual[...]

Ports and trunking 30 Port trunking example In this example, the Gigabit uplink ports on each s witch, and the crosslink ports are configured into a total of five trunk groups: two on each switch, and one trunk group at the crosslink bet ween the two switches. All ports operate at Gigabit Ethernet speed. NOTE: The actual mappin g of switch ports to[...]

Ports and trunking 31 Configuring trunk groups (AOS CLI example) 1. On Switch 1, configure trunk groups 5 and 3: >> # /cfg/l2/trunk 5 (Select trunk group 5) >> Trunk group 5# add 23 (Add port 23 to trunk group 5) >> Trunk group 5# add 24 (Add port 24 to trunk group 5) >> Trunk group 5# ena (Enable trunk group 5) >> Tru[...]

Ports and trunking 32 Configuring trunk groups (BBI example) 1. Configure trunk groups. a. Click the Configure cont e xt button on the T oolbar. b. Open the Layer 2 folder, and select Tr unk Groups. c. Click a Trunk Group number to select it. Open Select[...]

Ports and trunking 33 d. Enable the Trunk Group. To add ports, select each port in the Ports Available list, and cl ick Add . e. Click Submit. 2. Apply, verify, and sa ve the configur ation. 3. Examine the trunking informa tion on each switch. a. Click the Dashboard context button on the T oolb ar. 1. A pply 3. Save 2. Verify[...]

Ports and trunking 34 b. Select Trunk Groups. c. Information about each configured trunk grou p is disp layed. Make sure that trunk groups c onsist of the expected ports and that each port is in the expected state. Configurable T runk Hash algorithm This feature allows you to conf igure t he particular parameters for the s witch Trunk Hash algorith[...]

Ports and trunking 35 Link Aggregation Control Prot ocol Link Aggregation Control Prot ocol (LACP) is an IEEE 802. 3ad standard for group ing several physical p orts into one logical port (known as a dyna mic trunk grou p or Li nk Aggr e gatio n group) wit h any devic e that supports the stand ard. Refer to the IEEE 802.3ad-2002 for a full descript[...]

Ports and trunking 36 Configuring LACP Use the following procedure to config ure LACP for port 20 and port 21 to participate in li nk aggregation. 4. Set the LACP mode on port 20. >> # /cfg/l2/lacp/port 20 (Select port 20) >> LACP port 20# mode active (Set port 20 to LACP active mode) 5. Define the admin key on port 20. Only ports with [...]

VLANs 37 VLANs Introduction This chapter describes net work design and topology co nsider ations for using Virtual Loca l Area Networks (VLANs). VLANs are commonly used to split up grou ps of net wo rk users into manageable broadc ast domains, to create logical segmentation of workgroups, and to e nforce secur ity policies among logica l segm ents.[...]

VLANs 38 Viewing and configuring PVIDs You can view PVIDs from the following AOS CLI commands: Port information >> /info/port Port Tag RMON PVID NAME VLAN(s) ---- --- ---- ---- -------------- ------------------------------- 1 n d 1 Downlink1 1 2 n e 1 Downlink2 1 3 n d 1 Downlink3 1 4 n d 1 Downlink4 1 5 n d 1 Downlink5 1 6 n d 1 Downlink6 1 [...]

VLANs 39 Figure 2 Default VLAN settings NOTE: T he port numbers specifi ed in these illustrations may not di rect l y correspond to the physical port configuration of your s witch model. When you configure VLANs, you configur e the switch ports as tagge d or u ntagged members of specific VLANs. See the following figures. In the following figure, th[...]

VLANs 40 Figure 4 802.1Q tagging (after port-based VLAN assignme nt) In the following figure, the tagged incoming packet is assi gned dir ectly to VLAN 2 because of the tag assignme nt in the packet. Port 5 is configured as a tagged member of VLAN 2, and port 7 is configured as an untagged member of VLAN 2. Figure 5 802.1Q tag assignment As shown i[...]

VLANs 41 VLANs and IP interfaces Carefully consider how you cr eate VLANs within the s w itch, so that communication with the switch remains possible. In order to access the swit ch for remote configuration, trap me ssages, and other manag ement functions, be sure that at least one IP interf ace on the switch has a VLAN defined. You can also inadve[...]

VLANs 42 Multiple VLANS with tagging The following figure shows only those s witch port to server links that must be configur ed for the example. While not shown, all other server links remain set at their default settings. Figure 7 Multiple VLANs with VLAN tagging The features of this VLAN are described in the follo wing tabl e: NOTE: T he port nu[...]

VLANs 43 Table 9 Multiple VLANs with tagging Component Description CPU Blade Server #2 This blade server belongs to VLAN 3. The port that the VLAN is attached to is configured only for VLAN 3, so VLAN tagging is off. PC #1 This PC is a member of VLAN 2 and 3. Via VLAN 2, it can communicate with Server 1, PC 3, and PC 5. Via VLAN 3, it can communica[...]

VLANs 44 2. Configure the VLANs and their member port s. Since all ports are by default configured fo r VLAN 1, confi gure only those ports that belon g to VLAN 2. crosslin k ports 17 and 18 must belong to VLANs 1 and 3. >> /cfg/l2/vlan 2 >> VLAN 2# add 1 (Add port 1 to VLAN 2) Current ports for VLAN 2: empty Pending new ports for VLAN [...]

VLANs 45 2. Configure the VLANs and their member port s. Since all ports are by default configured fo r VLAN 1, confi gure only those ports that belon g to other VLANs. >> /cfg/l2/vlan 3 >> VLAN 3# add 2 Current ports for VLAN 3: empty Pending new ports for VLAN 3: 2 >> VLAN 3# add 4 Current ports for VLAN 3: 2 Pending new ports f[...]

VLANs 46 c. Click a port number to select it. d. Enable the port and enable VLAN taggi ng. e. Click Submit.[...]

VLANs 47 2. Configure the VLANs and their member port s. a. Open the Virtual LANs fo lder, and select Add VLAN. b. Enter the VLAN name, VLAN ID number, and enabl e the VLAN. To add ports, select eac h port in the Ports Available list and click Add. Since all ports ar e config ured for VLAN 1 by default, configure onl y those ports that belong to VL[...]

VLANs 48 The external Layer 2 s witches should also be configured for VLANs and taggin g. 3. Apply, verify, and sa ve the configur ation. FDB static entries Static entries in the Forwarding Database ( F DB) allow the switch to forward packets without flooding ports to perform a lookup. A FDB static entry is a MAC address ass o ciated with a specifi[...]

Spanning Tree Protocol 49 S p anning T ree Protocol Introduction When multiple paths exist on a net work, Spanning Tree Prot ocol (STP) configures the ne twork so that a switch uses only the most efficient path. The following topics are di scussed in this chapter: • Overview • Bridge Protocol Data Units (BPDUs) • Spanning Tree Group (ST G) co[...]

Spanning Tree Protocol 50 Port path cost The port path cost assigns lower values to high-ba nd width ports, such as Gigabit Ether net, to encourage their use. The objective is to use the fastest links so that the route with the lowest cost is chosen. A value of 0 indicates that port cost is computed dynamically based on link spe ed. Th is works whe[...]

Spanning Tree Protocol 51 Adding and removing ports from STGs Information on adding and removing ports from STGs is as follo ws: • By default, all ports except Port 19 belong to VLAN 1 and STG 1. • Each port is always a member of at least one VLAN . Each VLAN is always a member of at least one STG. Port membership within VLANs can be change d, [...]

Spanning Tree Protocol 52 Figure 8 Two VLANs on one instance of Sp a nning Tree Protocol In the following figure, VLAN 1 and VLAN 2 belong to different Spanning T ree Groups. The two instances of spanning tree separate the topolo g y without forming a loop, so that both VLANs can for ward packets between the switch es without l osing connecti vity.[...]

Spanning Tree Protocol 53 Configuring Switch 1 (AOS CLI example) 1. Configure port and VLAN membership on S witch 1 as described in the “Configuring port s and VLANs on Switch 1 (AOS CLI example)” section, in the “VLANs” chapter of this guide. 2. Add VLAN 2 to Spanning Tree Group 2. >> /cfg/l2/stp 2 (Select Spanning Tree Group 2) >[...]

Spanning Tree Protocol 54 c. Enter the Spanning Tree Group numb er and set the Swit ch Spanning T ree State to on. To add a VLAN to the Spanning Tree Group, select the VLAN in the VL ANs A vaila ble list, and click Add. VLAN 2 is automatically removed from Spannin g T ree Group 1. d. Scroll down, and click Submit. 3. Apply, verify, and sa ve the co[...]

Spanning Tree Protocol 55 Configuring Port Fast Forwarding Use the following CLI commands to enable Port Fast For warding on an external port. >> # /cfg/l2/stp 1/port 20 (Select port 20) >> Spanning Tree Port 20# fastfwd ena (Enable Port Fast Forwarding) >> Spanning Tree Port 20# apply (Make your changes active) >> Spanning [...]

RSTP and MSTP 56 RSTP and MSTP Introduction Rapid Spanning T ree Protocol (IEEE 802.1w) enhances the Spanning T ree Protocol (IEEE 802.1D) to provide r api d convergence on Spannin g Tree Group 1. Multiple Spa nnin g Tree Protocol (IEEE 802.1s) extends the Rapid Spanning Tree Protocol to provide b oth rapid c onvergence and load b alancing in a VLA[...]

RSTP and MSTP 57 RSTP configuration guidelines This section provides important information about configuri ng Rapid Spanning T r ee Grou ps: • When RSTP is turned on, STP par ameters apply only to ST P Group 1. • When RSTP is turned on, all VLANs from ST P Groups other than STP Group 1 are moved to ST P Group 1. The other STP Groups (2-32) are [...]

RSTP and MSTP 58 b. Open the MSTP/RSTP fo lder, and select General. c. Select RSTP mode, and set the MSTP/RSTP state to ON. d. Click Submit. 3. Apply, verify, and sa ve the configur ation. Open Select 1. A pply 3. Save 2. Verify[...]

RSTP and MSTP 59 Multiple S panning T ree Protocol IEEE 802.1s Multiple Spanning Tr ee extends the IEEE 802.1 w Rapid Spanning Tree Protocol through m ultiple Spanning Tree Groups. MSTP maintai ns up to 32 spanning -tree instances that correspond to STP Groups 1-32. In Multiple Spanning Tree Protocol (MST P), several VL ANs can be mapped to each Sp[...]

RSTP and MSTP 60 3. Assign VLANs to Spanning Tree Groups. >> /cfg/l2/stp 2 (Select Spanning Tree Group 2) >> Spanning Tree Group 2# add 2 (Add VLAN 2) >> Spanning Tree Group 2# apply (Apply the configurations) Configuring Multiple Spanning Tree Protocol (BBI example) 1. Configure port and VLAN membership on the s witch, as describ[...]

RSTP and MSTP 61 3. Configure Common Internal Span ni ng Trees (CIST) bridge paramet ers. a. Open the MSTP/RSTP fol der, and select CIST -Bridge. b. Enter the Bridge Priority, Maximum Age, and For ward Delay values. c. Click Submit. Open Select[...]

RSTP and MSTP 62 4. Configure Common Internal Span ning Tree (CIST) port parameters. a. Open the MSTP/RSTP folder, and select CIST -Ports. b. Click a port number to select it. Open Select[...]

RSTP and MSTP 63 c. Enter the Port Priority, Path Cost, and select the Link Type. Set t he CIST Port State to ON . d. Click Submit. 5. Apply, verify, and sa ve the configur ation. 1. A pply 3. Save 2. Verify[...]

IGMP Snooping 64 IGMP Snooping Introduction IGMP Snooping allows the switch to forward multicast tr affic only to those ports that request it. IGMP Snooping prevents multicast traffic from being flooded to all data ports. T he s witch learns which server hosts are interested in receiving multicast traffic, and forwards it only to ports connected to[...]

IGMP Snooping 65 IGMP Filtering With IGMP Filtering, you can allo w or den y a port to send and receive multicast traffic to certain multicast groups. Unauthorized users are restric ted from stream ing multicast traffic across the net work. If access to a multicast group is denied, IGMP Membership Reports from the port for t hat group are dropped, [...]

IGMP Snooping 66 3. View dynamic IGMP information. >> /info/l3/igmp (Select IGMP Information menu) >> IGMP Multicast# dump (Show IGMP Group information) >> Switch-A - IGMP Multicast# dump Group VLAN Version Port ----------- ------ --------- ------------- 238.1.0.0 1 V2 20 238.1.0.1 1 V2 21 >> IGMP Multicast# mrouter (Select [...]

IGMP Snooping 67 3. Assign the IGMP Filter to a port. >> //cfg/l3/igmp/igmpflt (Select IGMP Filtering menu) >>IGMP Filter# port 24 (Select port 24) >>IGMP Port 24# filt ena (Enable IGMP Filtering on the port) Current port 24 filtering: disabled New port 24 filtering: enabled >>IGMP Port 24# add 1 (Add IGMP Filter 1 to the po[...]

IGMP Snooping 68 c. Enable IGMP Snooping. d. Click Submit. 3. Apply, verify, and sa ve the configur ation. 1. A pply 3. Save 2. Verify[...]

IGMP Snooping 69 Configuring IGMP Filtering (BBI example) 1. Configure IGMP Snooping. 2. Enable IGMP Filtering. a. Click the Configure context button. b. Open the IGMP folder, and select IGMP Filters (click the underlined text, not the fold er). c. Enable IGMP Filtering globally. d. Click Submit. Open Select[...]

IGMP Snooping 70 3. Define the IGMP Filter. a. Select Layer 3 > IGMP > IGMP Filters > Add Filter. b. Enable the IGMP Filter. Assign the range of IP mult icast address es and the filter action (allo w or den y). c. Click Submit. Open Select[...]

IGMP Snooping 71 4. Assign the filter to a port and enable IGMP Filtering on the port. a. Select Layer 3 > IGMP > IGMP Filters > Sw itch Ports. b. Select a port from the list. Open Select[...]

IGMP Snooping 72 c. Enable IGMP Filtering on the port. Select a filter in the IGMP Filters Available list, and clic k Add. d. Click Submit. 5. Apply, verify, and sa ve the configur ation. 1. A pply 3. Save 2. Verify[...]

IGMP Snooping 73 Configuring a Static Multicas t Router (BBI example) 1. Configure Static Mrouter. a. Click the Configure context button. b. Open the Switch folder and select IP Menu > IGMP > IGMP Static MRouter. c. Enter a port number, VLAN ID number, and IGMP version number. d. Click Submit. 2. Apply, verify, and sa ve the configur ation. 1[...]

Remote monitoring 74 Remote monitoring Introduction Remote Monitoring (RMON) allows net work devices to exchang e net work monitoring data. RMON performs the following major functions : • Gathers cumulative statistics for Ethernet interfaces • Tracks a history of statis tics for Ethernet interfaces • Creates and triggers alarms for user-defin[...]

Remote monitoring 75 2. View RMON statistics for the port. >> /stats/port 23 (Select Port 23 Stats) >> Port Statistics# rmon ------------------------------------------------------------------ RMON statistics for port 23: etherStatsDropEvents: NA etherStatsOctets: 7305626 etherStatsPkts: 48686 etherStatsBroadcastPkts: 4380 etherStatsMult[...]

Remote monitoring 76 2. Select a port. 3. Enable RMON on the port.[...]

Remote monitoring 77 4. Click Submit. 5. Apply, verify, and sa ve the configur ation. RMON group 2 — history The RMON History group allows yo u to sam ple and arch ive Ethernet statistics for a specific interface during a specific time interval. The switch supp orts up to five RMON History groups. NOTE: RMON port statistics must be enabled for th[...]

Remote monitoring 78 Configure RMON History (BBI example) 1. Configure an RMON History group. a. Click the Configure context button. b. Open the Switch folder, and select RMON > History > Add History Group. 2. Configure RMON History Group parameters. 3. Click Submit. 4. Apply, verify, and sa ve the configur ation. Open Select 1. A pply 3. Sav[...]

Remote monitoring 79 RMON group 3 — alarms The RMON Alarm group allo ws you to define a set of thresholds us ed to de termine network performance. W hen a configured threshold is crossed, an al arm is gen erated. For exampl e, you can configure the s witch to issue an alarm if more than 1,000 CRC errors occur during a 10-m i nute time interval. T[...]

Remote monitoring 80 Configure RMON Alarms (AOS CLI example 2) 1. Configure the RMON Alarm para meters to track ICMP messages. >> /cfg/rmon/alarm 5 (Select RMON Alarm 5) >> RMON Alarm 5# oid 1.3.6.1.2.1.5.8.0 >> RMON Alarm 5# intrval 60 >> RMON Alarm 5# almtype rising >> RMON Alarm 5# rlimit 200 >> RMON Alarm 5# [...]

Remote monitoring 81 Configure RMON Alarm Group parameters to check ifInOctets on por t 19 once every hour. Enter a rising lim it of two billion, and a rising event i ndex of 6. This configuration cr eates an RMON alarm that checks ifInOctets on port 19 once every hour. If the statistic exce eds t wo billion, an alarm is generate d that triggers ev[...]

Remote monitoring 82 Configure RMON Alarms (BBI example 2) 1. Configure an RMON Alarm group. a. Click the Configure context button. b. Open the Switch folder, and sele ct RMON > Alarm > Add Alarm Group. Configure RMON Alarm Group parameters to check icmpInEchos , with a polling interval of 60, a rising limit of 200, and a rising event index o[...]

Remote monitoring 83 3. Apply, verify, and sa ve the configur ation. RMON group 9 — events The RMON Event group allo ws you to define events that are triggered by alarms. An event can be a log message, an SNMP trap message, or both. The switch supports up to 30 RMON Event groups. When an alarm is generated, i t triggers a co rresponding eve nt no[...]

Remote monitoring 84 Configuring RMON Events (BBI example) 1. Configure an RMON Event group. a. Click the Configure context button. b. Open the Switch folder, and select RMON > Event > Add Event Group. Configure RMON Event Group parameters. This configuration creates a n RMON event that sends a SYSLOG message each time it is triggered by an a[...]

High availability 85 High availability Introduction Switches support high availab ilit y network topologies. This releas e provides information a bout Up link Failure Detection. Uplink Failure Detection Uplink Failure Detection (UFD) is desig ne d to support Network Adapter Teaming on the CPU Blades. UFD allows the switch to monitor specific uplink[...]

High availability 86 Failure Detection Pair To use UFD, you must configure a Failure D etection Pa ir and then turn UFD on. A Failur e Detection Pair consists of the following groups of ports: • Link to Monitor (LtM) The Link to Monitor group consists of one uplink port (20-24) , one trunk group that contains only uplink ports , or one LACP trunk[...]

High availability 87 Monitoring Uplink Failure Detection The UFD information menu displays th e current status of the LtM and LtD, and their member ports or trunks. For example: >> Information# ufd Uplink Failure Detection 1: Enabled LtM status: Down Member STG STG State Link Status --------- --- ------------ ----------- port 24 down 1 DISABL[...]

High availability 88 Configuring UFD on Switch 2 (AOS CLI example) 1. Create a trunk group of uplink ports (20-24) t o monitor. First you must set each port to full duplex mode. >> Main# /cfg/port 20/gig/mode full (Set port 20 to full duplex) >> Main# /cfg/port 22/gig/mode full (Set port 22 to full duplex) >> Main# /cfg/trunk 2 (C[...]

High availability 89 d. Enable the FDP. Select ports in the LtM Ports Available list, and click Ad d to plac e the por ts into the Link to Monitor (LtM). Select ports in the LtD Ports Available list, and click A dd to place the por ts into the Link to Disable (LtD). e. Click Submit. 2. Apply, verify, and sa ve the configur ation. 1. A pply 3. Save [...]

Troubleshooting tools 90 T roubleshooting tools Introduction This appendix discusses some tools to hel p you use the Port Mirroring feat ure to troubl eshoot common net work problems on the switch. Port Mirroring The Port Mirroring feature on t he s witch is very useful for troubleshooting a ny connection-oriented pro ble m. An y traffic in or out [...]

Troubleshooting tools 91 Configuring Port Mirroring (AOS CLI example) To configure Port Mirroring for the ex ample sho wn in the precedi ng figure: 1. Specify the monitoring port. >> # /cfg/pmirr/monport 20 (Select port 20 for monitoring) 2. Select the ports that you want to mirror. >> Port 20 # add 23 (Select port 23 to mirror) >>[...]

Troubleshooting tools 92 Configuring Port Mirroring (BBI example) 1. Configure Port Mirroring. a. Click the Configure context button. b. Open the Switch folder, and select Port-Based Port Mirroring (click the u nderlined text, not the folder). c. Click a port number to select a monitoring port. d. Click Add Mirrored Port. Open Select[...]

Troubleshooting tools 93 e. Enter a port number for the mirrored po rt, and select the Port Mirror Direction. f. Click Submit. 2. Apply, verify, and sa ve the configur ation. 3. Verify the Port Mirroring information on the switch. 1. A pply 3. Save 2. Verify[...]

Troubleshooting tools 94 Other network troubleshooting techniques Other network troubleshooting techni ques i nclude the following. Console and Syslog messages When a switch experiences a probl em, review the c onsole and S yslog messages. The switch displa ys t hese informative messages when state changes a nd system prob lems occur. Syslog messag[...]