12 ABOUT THIS GUIDE

Please include the following information when contacting us:

Document title

Document part number (on the title page)

Page number (if appropriate)

Example:

SuperStack® 3 Switch 3226 and Switch 3250 Implementation Guide

Part number: DUA1750-0BAA01

Page 25

Please note that we can only respond to comments and questions about 
3Com product documentation at this e-mail address. Questions related to 
technical support or sales should be directed in the first instance to your 
network supplier.

Summary of Contents for SUPERSTACK 3 3250

Page 1: ...http www 3com com Part No DUA1750 0BAA01 Published December 2003 SuperStack 3 Switch 3226 and Switch 3250 Implementation Guide 3CR17500 91 3CR17501 91...

Page 2: ...ned in or delivered to you in conjunction with this User Guide Unless otherwise indicated 3Com registered trademarks are registered in the United States and may or may not be registered in other count...

Page 3: ...onfiguration Save and Restore 15 Multicast Filtering 16 Rapid Spanning Tree Protocol 16 Switch Database 17 Traffic Prioritization 17 Rate Limiting 17 RMON 17 Broadcast Storm Control 18 VLANs 18 Automa...

Page 4: ...tering 34 4 USING RESILIENCE FEATURES Rapid Spanning Tree Protocol 35 Rapid Spanning Tree Protocol RSTP 36 What is STP 36 How STP Works 38 STP Requirements 38 STP Calculation 39 STP Configuration 39 S...

Page 5: ...ON and the Switch 57 Alarm Events 58 8 SETTING UP VIRTUAL LANS What are VLANs 59 Benefits of VLANs 60 VLANs and Your Switch 61 The Default VLAN 61 Communication Between VLANs 61 Creating New VLANs 63...

Page 6: ...77 How RADIUS Authentication Works 78 Important Considerations 79 What is RADIUS 80 11 IP ROUTING What is Routing 82 Routing in a Subnetworked Environment 82 What is IP Routing 83 Benefits of IP Rout...

Page 7: ...EXAMPLES Simple Network Configuration Example 104 Desktop Switch Example 104 Advanced Network Configuration Example 105 Edge Switch Example 105 C IP ADDRESSING IP Addresses 107 Simple Overview 107 Ad...

Page 8: ......

Page 9: ...istrator who is responsible for configuring using and managing the Switches It assumes a working knowledge of local area network LAN operations and familiarity with communication protocols that are us...

Page 10: ...mple To change your password use the following syntax system password password In this example you must supply a password for password Commands The word command means that you must enter the command e...

Page 11: ...supplied in HTML format on the CD ROM that accompanies your Switch SuperStack 3 Switch 3226 and SuperStack 3 Switch 3250 Management Quick Reference Guide This guide contains a list of the features su...

Page 12: ...appropriate Example SuperStack 3 Switch 3226 and Switch 3250 Implementation Guide Part number DUA1750 0BAA01 Page 25 Please note that we can only respond to comments and questions about 3Com product d...

Page 13: ...onitor the way it works you have to access the management software that resides on the Switch This is known as managing the Switch Managing the Switch can help you to improve its efficiency and theref...

Page 14: ...control When auto negotiation is enabled default a port advertises its maximum capabilities these capabilities are by default the parameters that provide the highest performance supported by the port...

Page 15: ...e configuration file You must have read write management access level to be able to save and restore the Switch configuration Important Considerations 3Com recommends the Switch unit is reset to its f...

Page 16: ...TML format on the CD ROM that accompanies your Switch Multicast Filtering Multicast filtering allows the Switch to forward multicast traffic to only the endstations that are part of a predefined multi...

Page 17: ...pter 5 Using the Switch Database Traffic Prioritization The traffic prioritization capabilities of your Switch provides Class of Service CoS prioritization to your network You can prioritize traffic o...

Page 18: ...ces that can be located anywhere in a network but which communicate as if they are on the same physical segment With VLANs you can segment your network without being restricted by physical connections...

Page 19: ...hroughout an IP network It is used to join LANs at the network layer that is Layer 3 of the OSI Open Systems Interconnection model Your Switch is optimized for Layer 3 edge configurations and has only...

Page 20: ...20 CHAPTER 1 SWITCH FEATURES OVERVIEW...

Page 21: ...Features The default state for all the features detailed below provides the best configuration for most users In normal operation you do not need to alter the Switch from its default state However und...

Page 22: ...allows ports to automatically determine the best port speed duplex mode only at 10 Mbps and 100 Mbps and flow control When auto negotiation is enabled default a port advertises its maximum capabilitie...

Page 23: ...ports When an SFP module is inserted it has priority over the 10 100 1000 port of the same number 25 26 on the Switch 3226 49 50 on the Switch 3250 The corresponding 10 100 1000 port is disabled when...

Page 24: ...ult aggregated link configurations are extremely resilient and fault tolerant Figure 2 Dynamic Reassignment of Traffic Flows The key benefits of 802 3ad link aggregation are Automatic configuration ne...

Page 25: ...y simply adding an extra physical link between the units The Spanning Tree costs for a port running LACP is the cost assigned for an aggregated link running at that speed As required by the IEEE Std 8...

Page 26: ...st not be physically connected together until the aggregated link has been correctly configured at both ends of the link Failure to configure the aggregated link at both ends before physically connect...

Page 27: ...Gbps aggregated link between two Switch units To manually set up this configuration 1 Prepare ports 5 and 7 on the core Switch for aggregated links To do this a Check that the ports have an identical...

Page 28: ...28 CHAPTER 2 OPTIMIZING BANDWIDTH 3 Connect port 5 on the core Switch to port 25 on the Switch 3226 4 Connect port 7 on the upper Switch to port 26 on the Switch 3226...

Page 29: ...ticast A multicast is a packet that is intended for one to many and many to many communication Users explicitly request to participate in the communication by joining an endstation to a specific multi...

Page 30: ...ore logical and efficient than a unicast approach Application examples include distance learning transmitting stock quotes to brokers and collaborative computing A typical use of multicasts is in vide...

Page 31: ...e typically a router to find out the ports that wish to join a multicast group and then sets its filters accordingly The Switch 3226 and Switch 3250 are compatible with any device that conforms to the...

Page 32: ...hat received a report packet Enabling IGMP Multicast Learning You can enable or disable multicast learning using the Bridge Multicast Filtering IGMP snoopMode command on the Web interface For more inf...

Page 33: ...s do not travel beyond their origin subnetworks and hosts send them at random intervals to prevent the querier from being overwhelmed A host sends a separate report for each group that it wants to joi...

Page 34: ...process conserves bandwidth The alternative is for the router to wait for at least two queries to go unanswered before pruning that subnetwork from the delivery tree Role of IGMP in IP Multicast Filte...

Page 35: ...please refer to the Management Interface Reference Guide supplied in HTML format on the CD ROM that accompanies your Switch Rapid Spanning Tree Protocol The Rapid Spanning Tree Protocol makes your net...

Page 36: ...s RSTP or STP will detect any misconfiguration that may cause a temporary loop and react accordingly Easy deployment throughout a legacy network through backward compatibility it will default to sendi...

Page 37: ...etwork configuration that creates loops Figure 6 shows the result of enabling STP on the bridges in the configuration STP detects the duplicate paths and prevents or blocks one of them from forwarding...

Page 38: ...re evaluated the situation and opened the path through Bridge B How STP Works When enabled STP determines the most appropriate path for traffic through a network It does this as outlined in the sectio...

Page 39: ...he one that has the lowest Root Path Cost Note that the Root Bridge does not have a Root Port The identity of the bridge that is to be the Designated Bridge of each LAN segment The Designated Bridge i...

Page 40: ...ks are manually configured incorrectly that is the physical connections do not match the assignment of ports to an aggregated link RSTP and STP may not detect these loops So that RSTP and STP can dete...

Page 41: ...Bridges B C X and Y have been defined as Root Ports because they are the nearest to the Root Bridge and therefore have the most efficient path Bridges B and X offer the same Root Path Cost for LAN seg...

Page 42: ...s a duplicate path and blocks one of the links If the enabled link breaks the disabled link becomes re enabled therefore maintaining connectivity Configuration 2 Redundancy through Meshed Backbone In...

Page 43: ...How STP Works 43 Figure 9 STP configurations...

Page 44: ...using the 802 1Q tagged link between Switch B and Switch C By default this link has a path cost of 100 and is automatically blocked because the other Switch to Switch connections have a path cost of 3...

Page 45: ...ease refer to Chapter 1 of the Getting Started Guide that accompanies your Switch For detailed descriptions of the Web interface operations and the Command Line Interface CLI commands that you require...

Page 46: ...on is removed from the network its entry is also removed from the database Learned entries are removed from the Switch Database if the Switch is reset or powered down Non aging learned If the aging ti...

Page 47: ...at is Traffic Prioritization Traffic prioritization allows high priority data such as time sensitive and system critical data to be transferred smoothly and with minimal delay over a network Traffic p...

Page 48: ...ification is the means of identifying which application generated the traffic so that a service level can be applied to it The three supported methods for classifying traffic are 802 1D classification...

Page 49: ...ority levels are fixed to the traffic queues as shown in Figure 11 Figure 11 IEEE 802 1D traffic types Figure 11 illustrates IEEE 802 1D traffic types as well as associated priority levels and how the...

Page 50: ...ansmitted it is always tagged with a source and a destination IP port number These numbers represent the type of application that created the packet and can be used to prioritize traffic originating f...

Page 51: ...he transmitting endstation sets the priority of each packet When the packet is received the Switch places the packet into the appropriate queue depending on its priority level for onward transmission...

Page 52: ...to prioritize the packet Configuring traffic prioritization CoS can be configured on your Switch using the Web interface or via the Command Line Interface CLI For a detailed description of the command...

Page 53: ...ge the traffic on your network Rate limiting will ensure that the traffic on a connection never exceeds the rate you specify Traffic prioritization will ensure that any packets dropped at times of net...

Page 54: ...54 CHAPTER 6 USING TRAFFIC MANAGEMENT...

Page 55: ...ins more about RMON It covers the following topics What is RMON Benefits of RMON RMON and the Switch What is RMON RMON is a system defined by the IETF Internet Engineering Task Force that allows you t...

Page 56: ...etting thresholds and sampling intervals to generate events on any RMON variable Alarms are used to inform you of network performance problems and they can trigger automated responses through the Even...

Page 57: ...twork devices at regular intervals to gather statistics and identify problems or trends As network sizes and traffic levels grow this approach places a strain on the management workstation and also ge...

Page 58: ...isted in Table 5 Alarms A new or initialized Switch has the following alarm s defined for each port For more information about the alarms setup on the Switch see Alarm Events on page 58 Events A new o...

Page 59: ...Guide supplied in HTML format on the CD ROM that accompanies your Switch What are VLANs A VLAN is a flexible group of devices that can be located anywhere in a network but which communicate as if the...

Page 60: ...st be updated manually With a VLAN setup if an endstation in VLAN Marketing for example is moved to a port in another part of the network and retains its original subnet membership you only need to sp...

Page 61: ...about each VLAN on your Switch before the Switch can use it to forward traffic VLAN Name This is a descriptive name for the VLAN for example Marketing or Management 802 1Q VLAN ID This is used to ide...

Page 62: ...o VLANs Figure 15 Two VLANs connected to a core switch using a third VLAN The Switch can also be used to route traffic between VLANs on a Layer 2 switch Figure 16 shows how a Layer 3 switch can be use...

Page 63: ...VLAN it can be an untagged member but if the port needs to be a member of multiple VLANs it must be a tagged member of all those VLANs except its default VLAN Typically endstations for example clients...

Page 64: ...Connections The simplest VLAN operates in a small network using a single switch In this network there is no requirement to pass traffic for multiple VLANs across a link All traffic is handled by the s...

Page 65: ...are distributed amongst more than one Switch you must use 802 1Q tagged connections so that all VLAN traffic can be passed along the links between the Switches 802 1Q tagging can only be used if the d...

Page 66: ...66 CHAPTER 8 SETTING UP VIRTUAL LANS...

Page 67: ...n HTML format on the CD ROM that accompanies your Switch For background information on IP addressing see Appendix C IP Addressing Automatic IP configuration only operates on the first IP interface of...

Page 68: ...rver is on the network and working correctly it responds to the clients request with an IP address allocated from a pool of available addresses and other parameters such as a subnet mask default gatew...

Page 69: ...Important Considerations 69 If you want DHCP to be the method for automatic configuration make sure that your DHCP servers are operating normally before you power on your Switch...

Page 70: ...70 CHAPTER 9 USING AUTOMATIC IP CONFIGURATION...

Page 71: ...tch 3250 can restrict management access to an IP address or range of IP addresses using the trusted IP feature You can allow an IP address or range of addresses access to one or more of the following...

Page 72: ...and your browser may warn you that certificate has not been certified Using a properly validated certificate provides a higher level of security than the default certificate You can securely browse y...

Page 73: ...dminister your Switch using SSH start your Telnet SSH client and enter the IP address of your Switch If your Telnet SSH application supports both encrypted and unencrypted modes make sure that you hav...

Page 74: ...ule action deny As a result of the above rule the packet matches the parameters of the rule and will be blocked Port Security The Switch 3226 and Switch 3250 support the following port security modes...

Page 75: ...ork Login will not operate correctly if there is a bridge device between the client device and the Switch port or if there are multiple client devices attached via a hub to the Switch port In addition...

Page 76: ...g state and the client device can obtain an IP address If possible when a port is configured for Network Login it should also be configured to be a Spanning Tree Protocol STP edge port This minimizes...

Page 77: ...using the Web interface or the Command Line Interface you need to log in with a valid user name and password For further information on managing the Switch see the Setting Up For Management chapter in...

Page 78: ...r names and passwords require only a single action on the RADIUS database and are reflected immediately The Switch 3226 and Switch 3250 are fully compliant with the industry standard RADIUS protocol F...

Page 79: ...to using the local Switch database for user authentication This allows a user with admin access to login to the Switch via the console port and continue to manage it The Web interface and Telnet do no...

Page 80: ...ansactions between each network device and the server are authenticated by the use of a shared secret Additional security is provided by encryption of passwords to prevent interception by a network sn...

Page 81: ...hat is IP Routing Benefits of IP Routing IP Routing Concepts Multiple IP Interfaces per VLAN Implementing IP Routing IP Routing Protocols User Datagram Protocol UDP Helper Advanced IP Routing Options...

Page 82: ...networks to the main network Routing in a Subnetworked Environment Your Switch allows you to both perform routing and switching within your network You can streamline your network architecture by rou...

Page 83: ...acket it does not know the complete path to a destination only the next hop the next device on the path to the destination Each hop involves three steps 1 The IP routing algorithm computes the next ho...

Page 84: ...a typical case there is no need for you to manually intervene IP Routing Concepts IP routers use the following elements to transmit packets Router Interfaces Routing Tables Layer 3 Switching Multiple...

Page 85: ...t can forward the packet toward its destination The routing table consists of the following elements Destination IP address The destination network subnetwork or host Subnet mask The subnet mask for t...

Page 86: ...v2 Default Route In addition to the routes to specific destinations a routing table can contain a default route The router uses the default route to forward packets that do not match any other routing...

Page 87: ...wn IP interface on the Switch See Chapter 8 for more information on VLANs Multiple IP Interfaces per VLAN You can overlap IP interfaces without configuring a separate VLAN for each subnet This is call...

Page 88: ...g Task Force IETF assigns to your organization This address is specific to your network and Switch Refer to Appendix C for details on IP Addressing Subnet mask The 32 bit number that uses the same for...

Page 89: ...use the Routing Information Protocol RIP protocol to take advantage of routing capabilities RIP is discussed in this chapter Administering IP Routing Keep these points in mind while you administer the...

Page 90: ...tion of a route request Each device keeps its own set of routes in its routing table RIP is an Interior Gateway Protocol IGP for TCP IP networks RIP operates using both active and passive devices Acti...

Page 91: ...modify the update time if needed to adjust performance Send and Receive Modes The following RIP send and receive modes are supported by the Switch Table 6 RIP Parameters RIP Parameter Default Value Ro...

Page 92: ...everse Poison Reverse is a RIP feature that you use specifically with a scheme called Split Horizon The Switch disables Poison Reverse by default Split Horizon avoids the problems that reverse route u...

Page 93: ...as advertised Important Considerations Note the following considerations when you implement RIP on your Switch Use RIP 2 rather than RIP 1 if possible because RIP 2 uses subnet masking and the next ho...

Page 94: ...bers and IP forwarding addresses You can also have up to 4 IP address entries for the same ports You need to have a thorough understanding of your network configuration to use UDP Helper Review the ne...

Page 95: ...s they discard the packet When a device receives the packet and confirms that its IP address matches the target protocol address the receiving device places its MAC address in the target hardware addr...

Page 96: ...orkstation then sends the frames for the remote destination to the Switch which uses its own routing table to reach the destination on the other network Example In the following example Server A canno...

Page 97: ...reports errors back to the source when routing problems occur With ICMP you can determine whether a delivery failure resulted from a local or a remote problem Advanced IP Routing Options Your Switch h...

Page 98: ...98 CHAPTER 11 IP ROUTING...

Page 99: ...1804 ft Category 5 cabling with connections up to 100 m 328 ft The different types of Gigabit Ethernet media and their specifications are detailed in Table 8 Table 8 Gigabit Ethernet cabling Gigabit...

Page 100: ...re 29 illustrates the key topology rules and provides examples of how they allow for large scale Fast Ethernet networks Figure 29 Fast Ethernet configuration rules The key topology rules are Maximum U...

Page 101: ...endstations Configuration Rules with Full Duplex The Switch provides full duplex support for all its ports excluding ports operating at Gigabit speeds Full duplex allows packets to be transmitted and...

Page 102: ...102 APPENDIX A CONFIGURATION RULES...

Page 103: ...B NETWORK CONFIGURATION EXAMPLES This chapter contains the following sections Simple Network Configuration Example Desktop Switch Example Advanced Network Configuration Example Edge Switch Example...

Page 104: ...ch Example The example in Figure 30 shows how a Switch 3226 can be used for a group of users that require dedicated 10 Mbps or 100 Mbps connections to the desktop It illustrates the use of VLANs to se...

Page 105: ...he features supported by your Switch Edge Switch Example The example in Figure 31 shows how you can use a Switch 3250 as an edge switch in a large network It shows how you can use aggregated links to...

Page 106: ...106 APPENDIX B NETWORK CONFIGURATION EXAMPLES...

Page 107: ...ress is Advanced Overview Gives a more in depth explanation of IP addresses and the way they are structured Simple Overview To operate correctly each device on your network must have a unique IP addre...

Page 108: ...ect at time of publication World Wide Web site http www internic net Advanced Overview IP addresses are 32 bit addresses that consist of a network part the address of the network where the host is loc...

Page 109: ...part and 24 bits for the host part Although only a few Class A networks can be created each can contain a very large number of hosts Class B address Uses 16 bits for the network part and 16 bits for...

Page 110: ...s a subnetwork part a subnet mask identifies the bits that constitute the subnetwork address and the bits that constitute the host address A subnet mask is a 32 bit number in the IP address format The...

Page 111: ...The number that includes both the Class B natural network mask 255 255 and the subnet mask 255 240 is sometimes called the extended network prefix Continuing with the previous example the subnetwork...

Page 112: ...h is attached to multiple segments When it receives the IP packets the gateway determines the next network hop on the path to the remote destination and sends the packets to that hop This could either...

Page 113: ...ask imposes on the network One subnet mask per IP network address fixes the number of subnetworks and the number of hosts per subnetwork For example if you decide to configure the 158 100 0 0 16 netwo...

Page 114: ...16 158 101 26 32 16 158 95 80 0 8 The router selects the route to 158 101 26 0 24 because its extended network prefix has the greatest number of bits that correspond to the destination IP address of t...

Page 115: ...o be the same as the netmask for any other supernet As in subnetting a netmask creates a division between the network portion of an address and the host portion of an address However since the network...

Page 116: ...r supernet the portion of that address space that the larger supernet was not using Because the smaller supernet netmask has more 1 bits packets whose address was part of its address space would be ro...

Page 117: ...4 22 in the third octet This yields a netmask of 255 255 252 0 255 255 252 0 11111100 These zeros must be in the first address 255 255 252 0 11111100 Netmask First Address in Supernet 234 170 160 0 2...

Page 118: ...of 4 so the ISP grants an address range starting at 234 170 160 0 and hopes that the block between 158 and 160 can be filled in later Supernet 2 must also begin on an even multiple of 4 The first avai...

Page 119: ...c cable Access Control List ACL A permission system used to restrict access to a resource An ACL comprises a list of authorized users aging The automatic removal of dynamic entries from the Switch Dat...

Page 120: ...ork to fail Broadcast storms can be due to faulty network devices CA See Certificate Authority cache Stores copies of frequently accessed objects locally to users and serves them to users when request...

Page 121: ...IP address endstation A computer printer or server that is connected to a network Ethernet A LAN specification developed jointly by Xerox Intel and Digital Equipment Corporation Ethernet networks use...

Page 122: ...for exchanging files text graphic images sound video and other multimedia files on the World Wide Web HTTPS Hypertext Transfer Protocol over SSL The term is used to describe HTTP transfers that are e...

Page 123: ...router that it wishes to receive transmissions addressed to a specific multicast group Based on group membership information learned from the IGMP a router is able to determine which if any multicast...

Page 124: ...protocol specified by the IEEE for determining which devices have access to a network at any one time MAC address Media Access Control address also called hardware or physical address A layer 2 addres...

Page 125: ...rding to the type of data it carries and its progress though the network RADIUS Remote Authentication Dial In User Service An industry standard protocol for carrying authentication authorization and c...

Page 126: ...using a switch or bridge server A computer in a network that is shared by multiple endstations Servers provide endstations with access to shared network services such as computer files and printer que...

Page 127: ...which port should forward the packet if it is to be forwarded Also known as Forwarding Database TCP IP Transmission Control Protocol Internet Protocol This is the name for two of the most well known p...

Page 128: ...its of the address form the network part of the address VLAN Virtual LAN A group of location and topology independent devices that communicate as if they are on the same physical LAN VLAN tagging A sy...

Page 129: ...7 CIDR Classless InterDomain Routing 114 Configuration Restore 15 Save 15 conventions notice icons About This Guide 10 text About This Guide 10 CoS configuring traffic 52 How traffic is processed to p...

Page 130: ...es and benefits 84 OSI reference model 83 router interface 84 routing table 85 86 transmission process 83 types of routes 89 L learn RIP mode 91 learned SDB entries 46 M MAC Media Access Control addre...

Page 131: ...P 35 avoiding the subdivision of VLANs 44 Bridge Identifier 38 Bridge Protocol Data Units 38 default port costs 39 default priority 38 Designated Bridge 39 Designated Bridge Port 39 example 40 Hello B...

Page 132: ...132 INDEX...
