Home
/
Avaya
/
Cajun P580
/
User Manual

Avaya Cajun P580, User Manual, Page: 111 / 770

Share

Page: 111 / 770

Avaya Cajun P580 User Manual Download Page 111

Document No. 650-100-700, Issue 1

4-3

Security

Viewing the
Secure Mode
Setting

To view the secure mode setting, use the following CLI command:

>

show secure-mode

SSHv2

Overview

Purpose of SSH

The Avaya Multiservice switch supports Secure Shell (SSH) version 2 for
clients and servers. SSH is a protocol for secure remote login and other
secure services. SSH provides a secure service that is similar to Telnet.

SSH is necessary because Telnet transmits unencrypted text TCP/IP packets
that anyone on the same network can intercept. SSH encrypts the data being
transmitted and allows for several methods of client/server and user
authentication, connection integrity, and client/server verification. SSH
runs on top of a TCP/IP connection.

SSH Server and
Client

You can use the Avaya Multiservice switch as a server for SSH
connections. The SSH server protocol relies on a public/private key pair
that is generated on the server. The private key is kept on the server and
cannot be viewed. The public key can be displayed and is used by remote
clients to connect to the server. When a client tries to connect to the server,
the server provides the public key to the client. Depending on the
configuration of the client, it may use this key directly, or verify it against a
locally stored copy.

The Avaya Multiservice switch can also be used as a client in SSH
connections.

Encryption
Ciphers

The Avaya Multiservice switch supports Blowfish and 3DES encryption
ciphers. When the client connects to the host, the client supplies a list of
ciphers that it supports. The server selects the strongest common cipher.
You can also configure the Avaya Multiservice switch to force use of a
single cipher.

User
Authentication

The Avaya Multiservice switch supports only password authentication.
Each login attempt requires a username and password authentication for
logging onto the switch.You can also use a RADIUS server for remote
password authentication over a network. User authentication occurs after an
SSH session is successfully established.

The switch supports a maximum of seven client and server SSH sessions
running simultaneously. All connections require password authentication.

«
...
109
110
111
112
113
...
»

Summary of Contents for Cajun P580

Page 1: ...User Guide for the Avaya P580 and P882 Multiservice Switches Software Version 6 0 Doc No 650 100 700 Issue 1 September 2003...

Page 2: ...the right in its sole discretion and without notice to make substitutions and modifications in the products and practices described in this document P550R is a registered trademark of Avaya Inc Micros...

Page 3: ...ter 1 Introduction 1 1 Overview 1 1 Switch Descriptions 1 1 Hardware Components 1 2 Overview 1 2 Avaya P580 Multiservice Switch Chassis 1 3 Avaya P882 Multiservice Switch Chassis 1 5 The Power System...

Page 4: ...nt 2 18 Modifying a User Account 2 20 Changing Your Password 2 22 Disabling a User Account 2 23 Deleting a User Account 2 24 Changing the Console Serial Port Settings 2 24 Configuring the Serial Conso...

Page 5: ...g the Public SSH Key 4 6 Configuring SSH Server 4 7 Displaying SSH Connections 4 8 Using the SSH Client 4 8 HTTPS Using SSLv3 or TLSv1 4 9 Overview 4 9 Supported Cipher Suites 4 10 Viewing Cipher Suit...

Page 6: ...r 5 15 Creating or Modifying a User 5 15 Adding a User to a Group 5 16 Removing a User from a Group 5 16 Viewing Configured Users 5 16 Deleting a User 5 17 Changing a User Password 5 17 Configuring SN...

Page 7: ...tion 7 10 Configuring Spanning Tree Bridges 7 11 Viewing Bridge Port Information 7 14 Configuring a Bridge Port 7 17 Configuring Spanning Tree Settings for Switch Ports 7 21 Chapter 8 Configuring Port...

Page 8: ...s of Configuring VLANs and Hash Table Size 9 6 AFT Default Settings 9 7 Address Forwarding Table Auto Sizing Auto Increment and Threshold 9 7 Total Entries Address Memory Age and Super Age Timers 9 9...

Page 9: ...ng Short Lived IP Protocol Filters 12 19 Creating IP Static Routes 12 19 Creating a Static Route to a Null Interface 12 21 Overview 12 21 Procedure 12 23 Creating IP Static ARP Entries 12 24 Creating...

Page 10: ...RP Virtual Router 12 77 Displaying VRRP Statistics 12 81 VRRP Configuration Considerations 12 83 Configuring IRDP 12 86 Enabling IRDP on an Interface 12 86 Configuring LDAP 12 89 Configuring LDAP Sett...

Page 11: ...15 7 Enabling OSPF on an IP Interface 15 8 Modifying OSPF Interfaces 15 8 OSPF Passive Interface 15 11 Creating OSPF Virtual Links 15 12 Deleting OSPF Virtual Links 15 14 Modifying OSPF Virtual Links...

Page 12: ...RIP Interfaces 17 1 Creating and Modifying IPX RIP Filters 17 3 Viewing RIP Interface Statistics 17 8 Chapter 18 Configuring the IPX SAP Protocol 18 1 Overview 18 1 Configuring IPX SAP Interfaces 18...

Page 13: ...nt Multicasting 20 5 Displaying Router Ports 20 8 Configuring Static Router Ports 20 9 Searching for Intelligent Multicast Sessions 20 10 Deleting an Intelligent Multicast Session 20 13 Deleting a Mul...

Page 14: ...e Utilization 21 20 Chapter 22 Monitoring and Configuring the Forwarding Cache 22 1 Overview 22 1 Configuring the Forwarding Cache 22 2 Monitoring the Forwarding Cache Statistics 22 4 Displaying Frame...

Page 15: ...a Priority to a DSCP 25 20 Displaying the DiffServ Table 25 21 Displaying the QoS Settings for a Physical Port 25 21 Setting Up an ACL Rule 25 22 Setting Up a Default ACL Rule 25 29 Displaying ACL Ru...

Page 16: ...Ns Statically Bound to Hunt Group Ports A 10 Appendix B Boot Mode B 1 Accessing BOOT Mode B 1 Accessing BOOT Mode During Power Up B 1 Accessing BOOT Mode with Corrupted Operational Images B 1 Password...

Page 17: ...ded in to the following chapters Chapter 1 Introduction Provides an overview of hardware and software used on the P580 and P882 Chapter 2 Setting Up the Switch Explains how to initially configure the...

Page 18: ...tion and procedures for creating access rules enabling an access list logging ACL activity and optimizing switch performance when an access list is enabled Chapter 14 Configuring RIP Routing Explains...

Page 19: ...agement features to optimize traffic throughput through the switch fabric Chapter 25 80 Series QoS Provides information about Quality of Service QoS and explains how to configure QoS on the switch App...

Page 20: ...op the installation System Output Text displayed by the system If you attempt to find the physical location of port 30 the system displays Unit 2 Port 2 Save the running configuration to the startup c...

Page 21: ...The procedures in this guide provide detailed steps for the Web Agent A series of CLI commands are also available that accomplish the same actions These commands are listed after the Web Agent proced...

Page 22: ...ferences Advanced Proxies and verify that the Direct Connection to the Internet button is selected When launching the online help wait until the help window has completely loaded before resizing the w...

Page 23: ...arting the HTTP Web Server To run the HTTP help server 1 Open your system s Wind32 NT Start Menu 2 Select the DocsCD program group 3 Select the document server from that program group The Avaya docume...

Page 24: ...o a Windows95 or NT host on your network 2 Transfer the entire help subdirectory located in C DocsCD to the root directory of your Web server 3 Launch your web browser and connect to your switch 4 Ent...

Page 25: ...e Switches Software Version 5 3 describes how to install and set up the family of Avaya Multiservice switches Command Reference Guide for the Avaya P580 and P882 Multiservice Switches Software Version...

Page 26: ...xxvi User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Preface...

Page 27: ...kbone applications These switches are the centerpiece for Avaya data voice and multimedia LANs The P580 switching capacity ranges from 46Gbps in Fabric mode 1 to 55Gbps in Fabric mode 2 The P882 switc...

Page 28: ...es 2 platform is an evolution of the 50 series also called series 1 architecture It offers a 20 increase in switching fabric performance or 2 11 Gigabits per second per fabric port This allows greater...

Page 29: ...ies modules provides support for Up to 120 10 100BASE TX ports RJ 45 connector autosensing Up to 288 10 100BASE TX ports Telco connector autosensing Up to 60 100BASE FX ports Up to 24 gigabit speed Et...

Page 30: ...slot one for the supervisor module 1 76 Gbps in and out on each fabric port in 50 series mode and 2 11 Gbps in and out on each fabric port in Fabric mode 2 45 76 Gbps backplane capacity in Fabric mode...

Page 31: ...s the redundant supervisor must be installed in slot 2 Ports With 50 Series modules the P882 Chassis supports Up to 300 10 100BASE TX ports RJ 45 connector autosensing Up to 720 10 100BASE TX ports Te...

Page 32: ...backplane capacity in Fabric mode 2 Under subscribed switching fabric in most configurations Single copy replication Input frames destined for multiple output switch ports pass through the crossbar on...

Page 33: ...r Allocation The switch uses dynamic power allocation when the amount of available power changes For example one power supply is turned on and you add another power supply or two power supplies are tu...

Page 34: ...itch management The supervisor module is part of the path that some packets take through the system Figure 1 2 illustrates a conceptual diagram of the supervisor module s functions Figure 1 2 Layer 3...

Page 35: ...orted 64 v5 00 01 6 0 or later Does not boot Unsupported 64 v6 00 00 Earlier than 6 0 Boots Unsupported 64 v6 00 00 6 0 or later Boots but displays the following error message WARNING The current vers...

Page 36: ...million packets per second of minimum sized Ethernet frames Note All layer 3 modules interoperate with layer 2 modules The ATM Uplink module provides LAN Emulation LANE connectivity over an ATM netwo...

Page 37: ...with RJ 21 Telco connectors layer 2 support 10 100 HDX FDX 100M M5510R 100FX 10 Port 100BASE FX module with SC connectors layer 2 and layer 3 support 1300 nM HDX FDX multimode fiber 2 Km M5512R 100TX...

Page 38: ...er M5502R 1000LX F 2 Port Full Duplex 1000BASE LX module layer 2 and layer 3 support 1310 nM optics 5Km singlemode fiber M5502R 1000SLX F 2 port 1000BASE SLX module layer 2 and layer 3 support 1310nM...

Page 39: ...es up to 10km 1000BASE ELX 1550 nM for singlemode fiber for distances up to 80km Note If you use the 1000BASE SX GBIC with single mode fiber you must use mode conditioning patch cords with a maximum d...

Page 40: ...NE V2 Client with LANE 1 compatibility supports 128 interfaces M8004R 1000T 4 Port 1000BASE T module with RJ 45 connectors layer 2 and layer 3 support 100M M8008R 1000T 8 Port 1000BASE T module with R...

Page 41: ...etwork Interface non transit Link Failover Spanning Tree Load sharing Note All ATM protocols are ATM Forum standard See Avaya P550R P580 P880 P882 Multiservice Switch ATM Uplink Module User Guide for...

Page 42: ...es For information on HTTPS see Chapter 4 Security RADIUS Client Support RADIUS is a service that authenticates users when they attempt to log in to a Network Access Device NAD such as an Avaya switch...

Page 43: ...ipes to transport traffic through the highest traffic areas of your network You can create hunt groups that interoperate with other vendors equipment for example Cisco s Etherchannel and Sun s Quad Ad...

Page 44: ...to provide fast fail over for hosts if the default gateway fails For information on VRRP see Chapter 12 Configuring IP Routing N 1 power Power supplies share the power supply load If one fails the re...

Page 45: ...forward the packet with a specific priority 0 7 forward the traffic with an unchanged priority or filter packets drop For information on access lists see Chapter 13 Configuring Access Lists IP Multic...

Page 46: ...For more information on 50 series buffers and queues see Chapter 24 Managing Buffers and Queues on 50 Series Modules 80 Series QoS Quality of Service QoS is a set of tools that make it possible for y...

Page 47: ...aces Ports become members of VLANs by being assigned or by rules Multiple VLANs can share a single trunk port In contrast multiple physical ports can be associated with a single VLAN In all cases traf...

Page 48: ...dule and forwarding tables address caches of media modules based on those frames This process creates three distinct results All known learned layer 3 traffic that requires routing is routed directly...

Page 49: ...on referred to as the FORE path or Fast Out of Bands Routing Engine since the routing is accomplished in the hardware of either supervisor module Figure 1 3 shows how traffic is routed in a switch Fig...

Page 50: ...1 24 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 1...

Page 51: ...net Managing Configuration Files Note The last step in each procedure tells you to Click APPLY to save the setup or changes that you made This step saves the setup or any changes to the running config...

Page 52: ...r active or standby to another chassis you must initialize NVRAM on the module nvram initialize CLI command If you do not initialize NVRAM before moving a supervisor module to another chassis and assi...

Page 53: ...line interface prompt displays You must now change the command mode to the Global Configuration mode so that you can use the setup command 6 Perform the following steps to change the command mode to...

Page 54: ...e brief series of questions that follows will help you to configure this switch After completing this process you will be able to manage the switch using the switch based HTTP server the Element Manag...

Page 55: ...Table 2 2 for an explanation of the pinouts for the 10Base t crossover patch cable Using Telnet to Manage the Switch You can manage the Avaya Multiservice switch several ways In addition to managing...

Page 56: ...3 to 9998 on switch 192 168 0 126 enter telnet 192 168 0 126 9998 to start a Telnet session For information on how to change the TCP port for Telnet requests see Changing the TCP Ports for HTTP and Te...

Page 57: ...ph Viewing Active Telnet Sessions To view active Telnet sessions on the switch enter the show sessions command as shown in the example below A list of active telnet sessions is displayed Welcome to th...

Page 58: ...an HTTPS connection to manage the switch see HTTPS Using SSLv3 or TLSv1 in Chapter 4 Security Although this manual provides detailed procedures for using the Web Agent to configure the switch the CLI...

Page 59: ...ge the TCP port from 80 to 9999 on switch 192 168 0 126 enter http 192 168 0 126 9999 to open the Web Agent For information about how to change the TCP port for HTTP requests see Changing the TCP Port...

Page 60: ...e To optimize security change the root password for the system as soon as possible Figure 2 3 General Information Web Page Logging Out of the Web Agent To exit the Web Agent securely you must log out...

Page 61: ...2 Click Logout The Logout Web page is displayed in the content pane See Figure 2 4 Figure 2 4 Logout Web Page 3 Click YES to log out 4 Close all other open Web browser windows Configuring Custom Acces...

Page 62: ...to his or her user account The switch supports a maximum of 30 custom access types This section contains procedures for the following tasks Creating a Custom Access Type Modifying a Custom Access Type...

Page 63: ...ible Features list select the permission that you want to assign the custom access type Read Write allows users to view and modify settings for the feature Read Only allows users only to view settings...

Page 64: ...tent pane See Figure 2 5 2 In the Type Name field select the custom access type that you want to modify 3 Click Modify The Modify Custom Access Type Web page is displayed in the content pane See Figur...

Page 65: ...a custom access type you must specify read only read write or no permission when you use the set custom access type command to modify a custom access type Deleting a Custom Access Type Web Agent Proc...

Page 66: ...command configure no custom access type cat name Configuring User Accounts This section contains procedures for the following tasks Configuring User Account Security Creating a User Account Modifying...

Page 67: ...is field are 3 to 99 login attempts 4 In the Timeout Limit secs field enter the number of seconds that you want a user account disabled when the limit for login attempts is exceeded Once the timeout l...

Page 68: ...BOOT APP1 and APP2 images to the switch Update the software on a module Access the Load MIB Note To log in to the ATM Uplink module a user must Have read write access to the Modules and Ports Managem...

Page 69: ...Do not use a combination of the following special characters for the password or 6 In the Re enter Password field reenter the password that you entered in the Password field 7 In the Expiration Period...

Page 70: ...erfaces from which the user can manage the switch The options are Local CLI User can manage the switch from the serial console on the supervisor module Remote CLI User can manage the switch by means o...

Page 71: ...or the password or b In the Re enter New Password field reenter the password that you entered in the New Password field 6 To change the number of weeks for which the user account is valid change the s...

Page 72: ...all local cli remote cli web To modify the expiration period or expiration warning for a user account configure username name exp period exp period exp warning exp warning To modify the status of a us...

Page 73: ...lowing CLI command password passwd Disabling a User Account For security reasons you may want to disable certain user accounts such as the manuf and diag accounts Web Agent Procedure To disable a user...

Page 74: ...displayed in the content pane See Figure 2 13 Figure 2 13 Delete User Account Web Page 5 Click YES to delete the user account CLI Command To delete a user account use the following CLI command configu...

Page 75: ...configure the serial port as a TTY console using either the Web Agent or the CLI Web Agent Procedure To configure the console serial port as a TTY Console using the Web Agent 1 Select Console Configur...

Page 76: ...r changes or CANCEL to clear your selection CLI Command To configure the console serial port as a TTY Console use the following CLI command configure set console type tty ppp Table 2 4 Console Port Co...

Page 77: ...a modem to your switch with the specified serial cable and connectors and configure the serial port in PPP mode the switch will convert the normal Distributed Computing Environment DCE interface to a...

Page 78: ...yed as the Console Type Figure 2 17 Note If you select PPP the PPP Console Port Configuration Web page opens Figure 2 17 PPP Console Configuration Web Page 3 Select a baud rate from the Baud Rate fiel...

Page 79: ...ion 6 Click APPLY to save your changes or CANCEL to clear your selection Note If you click Apply the changes are saved in the Running config only The Startup config has not changed Therefore these and...

Page 80: ...word prompt The switch CLI prompt displays Enter the PPP configuration commands necessary to start PPP See Command Reference Guide for the Avaya P580 and P882 Multiservice Switches Software Version 6...

Page 81: ...ow The Modem Properties window re opens 12 Select the Options tab The Options window opens 13 Select Bring up terminal window after dialing from the Connection Control field Select OK The Modem Proper...

Page 82: ...PC 3 Double click the PPP modem you previously created The Connect To window opens 4 Enter your password and select Connect A Pre Dial Terminal Screen opens When the modem has successfully connected a...

Page 83: ...ols the change takes effect immediately and all connections through the previous port number are disconnected Any changes that you make to these TCP port numbers are retained if you reset the switch o...

Page 84: ...SH enter the port number that you want to use Valid port numbers are 22 or a port number from 9000 through 65535 The default port for SSH is port 22 5 To change the TCP port for HTTP requests in the P...

Page 85: ...name to start a Telnet session For example if you change the TCP port from 23 to 9998 on switch 192 168 0 126 enter telnet 192 168 0 126 9998 to start a Telnet session Opening the Web Agent After cha...

Page 86: ...ng configuration The switch does not support this activity If you need to reapply the startup configuration restart the switch Note If you initialize NVRAM nvram initialize command all switch settings...

Page 87: ...file data from the Script Execution Log File using either the Web Agent or the CLI Web Agent Procedure To view your Script Execution Log File from the Web Agent select Script Log File from the Config...

Page 88: ...nsion Important Do not copy the startup configuration to the running configuration The switch does not support this activity If you need to reapply the startup configuration restart the switch Web Age...

Page 89: ...ext files and BOOT APP1 and APP2 images You can copy files to and from multiple locations For example if you modify the running configuration and you want to reinstate your startup configuration param...

Page 90: ...ifies the path and name of the source file Source files can be ASCII files in NVRAM available for upload or files located on a TFTP server available for download Copy Destination Specifies the locatio...

Page 91: ...our startup or running configuration another file located on the switch or a file located on a TFTP server to a file on the switch TFTP Server Copies your startup or running configuration or another f...

Page 92: ...t files copied correctly Web Agent Procedure To view the status of a TFTP transfer using the Web Agent 1 Select File Management from the System Configuration Configuration Files group in the navigatio...

Page 93: ...eset Note The last step in each procedure tells you to click Apply to save the setup or changes that you made This step saves the setup or any changes to the running configuration only The startup con...

Page 94: ...location Device contact To enter general system information from the Web Agent 1 Select General Information from the System group on the Web Agent window The General Information dialog box opens Figur...

Page 95: ...of Summer Time Hours for your location For information about setting one time summer hours see Setting One Time Summer Time Hours later in this chapter For information about setting Summer Time Hours...

Page 96: ...of moving clocks ahead to provide greater amounts of daylight in the afternoon and to standardize time with other parts of the world In many parts of the world the Summer Time Hours algorithm is base...

Page 97: ...mmer Time Hours Algorithm before you set the clock Setting Recurring Summer Time Hours You can set recurring summer time hours using either the Web Agent or the CLI Web Agent Procedure To set recurrin...

Page 98: ...mple if you intend to reset the clock forward or backward by one hour keep the default value of 60 minutes 5 Set the Summer Time Hours that recur annually a Select the check box in the Recurring field...

Page 99: ...and month that you want the Summer Time Hours begin and end Start Specifies the start of Summer Time Hours End Specifies the end of Summer Time Hours Week Select the week during which you want recurri...

Page 100: ...hen recurring Summer Time Hours start or end The twelve months of the Gregorian calendar are provided For recurring Summer Time Hours the default Start value is April the month during which DST starts...

Page 101: ...o reset the clock forward or backward by one hour keep the default value of 60 minutes 5 Select the check box next to the One Time field to set the date and time for Summer Time Hours on a one time ba...

Page 102: ...ch Note You must set SNTP and Summer Time Hours before you can set the system clock See Enabling the Simple Network Time Protocol and Setting Summer Time Hours earlier in this chapter Note The system...

Page 103: ...you set are reached Shutdown Temperature The switch shuts down if this temperature is reached Upper Warning Temperature The switch generates an alarm if this temperature is reached If the Shutdown Tem...

Page 104: ...lot 2 Sensor column displays Note You cannot change settings for the backplane temperature sensors on the P882 If you attempt to change the settings the switch displays the following error message Set...

Page 105: ...ature supervisor slot backplane sensor cpu sensor probe warning upper lower low limit temperature Displaying the Power System Statistics You can display the statistics for your switch s power system f...

Page 106: ...stem Statistics You can display the statistics for your switch s cooling system from either the Web Agent or CLI Web Agent Procedure To display your switch s cooling system statistics using the Web Ag...

Page 107: ...the Status column to ensure that all the individual components are operational 3 If a component s status is non operational power down the switch and contact a service representative to diagnose the...

Page 108: ...ith the Supervisor Module for details 1 Select System Reset from the System group on the Web Agent window The System Reset Page dialog box opens Figure 3 11 Figure 3 11 System Reset Page Window 2 Sele...

Page 109: ...nformation about the CLI commands that are mentioned in this chapter see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches Software Version 6 0 Secure Mode Overview Important A...

Page 110: ...lly reenabled if SNMP v3 is enabled SNMPv3 remains in its current state enabled or disabled SNMPv3 remains in its current state enabled or disabled HTTP and Telnet are automatically disabled HTTP and...

Page 111: ...public key can be displayed and is used by remote clients to connect to the server When a client tries to connect to the server the server provides the public key to the client Depending on the config...

Page 112: ...SSH Server Displaying SSH Connections Using the SSH Client Enabling SSH on a TCP Port Before you can enable SSH you must disable the Telnet port You can however change the SSH port without disabling...

Page 113: ...avigation pane expand the System Administration folders 2 Click TCP Ports The TCP Ports Web page is displayed in the content pane See Figure 4 1 3 In the State field for SSH select Disable 4 Click App...

Page 114: ...DSA 4 In the Key Length field select 768 1024 or 2048 bytes The default is 1024 bytes 5 Click Generate New Key 6 Click Apply CLI Command To generate SSH key pairs and save them on the local server us...

Page 115: ...server Enabled or disabled TCP Port The TCP port on which SSH runs Port 22 is the default port To configure SSH 1 In the navigation pane expand the System Administration Security SSH folders 2 Click...

Page 116: ...This functionality is available only in the CLI You cannot use the Web Agent to display all current SSH sessions Sample Output Sample output of the show ssh sessions command is as follows SessionId Us...

Page 117: ...lished by Netscape Communications Corporation The Internet Engineering Task Force IETF defines TLS in RFC 2246 as the successor of SSL v3 SSL and TLS use certificates and public and private keys to se...

Page 118: ...iguration Creating a Self Signed SSL Server Certificate Viewing the Server Certificate Enabling SSL HTTPS Restarting SSL HTTPS Reverting to a Backup Certificate Supported Cipher Suites The P580 and P8...

Page 119: ...tes CLI Command To view the available cipher suites use the following CLI command show ssl ciphers Viewing the SSL Configuration Web Agent Procedure To view the SSL configuration 1 In the navigation p...

Page 120: ...e certificate to take effect For information on how to restart SSL see Restarting SSL HTTPS later in this chapter To create your X 500 distinguished name which is unique across the internet you need t...

Page 121: ...t Country Code Enter your country code State or Province full name Enter your state or province City Enter the name of your city Organization or Company Name Enter your organization or company name Di...

Page 122: ...is chapter CLI Command To create a self signed certificate use the following commands To create a CSR configure ssl certreq 512 1024 To self sign the CSR configure ssl selfcert Viewing the Server Cert...

Page 123: ...Document No 650 100 700 Issue 1 4 15 Security Figure 4 6 SSL Server Certificate Web Page CLI Command To view the SSL certificate use the following CLI command show ssl cert...

Page 124: ...65 535 The default port for SSL HTTPS is 443 5 In the State field for SSL HTTPS select Enable SSL HTTPS is disabled by default 6 Click Apply SSL HTTPS is enabled on the specified port CLI Command To e...

Page 125: ...verting to a Backup Certificate Overview You can revert back to a backup version of the SSL server certificate If you revert to a backup certificate the current certificate is renamed and made the bac...

Page 126: ...e parameters Once the RADIUS server receives the access request message it searches its database for the user account If it finds an account the password is correct and the optional parameters match a...

Page 127: ...all of the user accounts that can log into Avaya switches in a campus environment In this campus there are two teams of network administrators one team for the North campus and one for the South campu...

Page 128: ...et the Group name is sent along with the Access Request message to the RADIUS server The RADIUS server will send an Access Accept message if the user name password and Group name match that of the use...

Page 129: ...ogin is found and correct then the RADIUS server responds with an Access Accept message that includes the user s privileges Provided the user account has the right Management Type for example Web Agen...

Page 130: ...granted Read Only permission using the CLI either Telnet or serial cable to the supervisor s console port define the Avaya Vendor Specific Attributes ATTRIBUTE Avaya Service Type ATTRIBUTE Avaya Mgt T...

Page 131: ...Type Avaya Remote CLI Sample Client File The following is a sample Client file Client files hold the IP address es of the NADs and their associated Shared Secrets Client files may vary from vendor to...

Page 132: ...4 24 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 4 Figure 4 7 RADIUS Web Page 2 Select Enable from the Enable State field pull down menu...

Page 133: ...racters case sensitive This value is itself encrypted and will not be displayed anywhere Web Agent or CLI once set It can be changed by simply entering in a new shared secret Source IP Address Enter a...

Page 134: ...1645 only Switch Service Type Required If enabled the switch will only honor Access Accept messages that have the correct Group name included This setting prevents the switch from incorrectly allowing...

Page 135: ...the HMAC SHA or HMAC MD5 authentication protocol Timeliness checks of the PDU to ensure that it has not been delayed or replayed Ability to define which MIB objects and table rows that specific users...

Page 136: ...between Version 1 Version 2 and Version 3 of the Internet Standard Network Management Framework RFC 3411 STD 62 An Architecture for Describing SNMP Management Frameworks RFC3412 STD 62 Message Proces...

Page 137: ...The NMS stores the non localized key and generates the localized key only before sending a PDU to the switch Each time you create a new SNMP user the switch generates and stores the localized key for...

Page 138: ...rts it in all PDUs that it sends to the switch The switch discards any PDUs that contain The incorrect number of switch reboots A 150 second or greater discrepancy in the number of seconds since the l...

Page 139: ...DMIB and usmStats Table of snmpUsmMIB internet Includes all MIB objects including the USM and VACM MIBs The view is created for administrative SNMPv3 users and is assigned to the predefined internet g...

Page 140: ...not assign the internet group to a community string The group requires both authentication and encryption which community strings do not support noAccess Provides only notify access to the internet v...

Page 141: ...administrator only normalRO Provides read only access to the normal view public normalRW Provides read write access to the normal view admin Includes the MIB objects that the admin security level inc...

Page 142: ...rts the SNMPv1 responses to SNMPv3 responses and forwards them to the originator of the initial request To identify a PDU as destined for the ATM Uplink module the NMS inserts the engine ID and contex...

Page 143: ...nmpCommunityTable to convert the PDU to an SNMPv1 PDU and then send it to the ATM Uplink module 4 The ATM Uplink module receives and processes the PDU and sends its response to the supervisor module 5...

Page 144: ...ers by using SNMP You must have administrator access to the switch to create the SNMPv3 administrator The administrator can however give specific user groups read write access to the USM and VACM MIBs...

Page 145: ...ess to the USM and VACM MIBs Users assigned to those user groups can then use SNMPv3 to create or modify SNMPv3 users To prevent SNMPv1 or v2 access to the USM or VACM MIBs assign views that include t...

Page 146: ...r Definition username User name for the SNMPv3 user The user name can range from 1 to 32 alphanumeric characters sha Authenticates the user by means of HMAC SHA md5 Authenticates the user by means of...

Page 147: ...e the following CLI command configure snmp server group groupname noAuth auth priv read readview write writeview notify notifyview Table 5 6 provides an explanation of the command keywords and variabl...

Page 148: ...ollowing CLI command configure no snmp server group groupname noAuth auth priv If multiple groups have the same group name you must enter the appropriate security keyword noAuth auth or priv to delete...

Page 149: ...username User name for the SNMPv3 user The user name can range from 1 to 32 alphanumeric characters Important Do not assign a community string and SNMPv3 user the same name groupname Name of the grou...

Page 150: ...d SNMPv3 users use the following CLI command show snmp user username auth password The authentication password for the user Text passwords can range from 8 to 64 characters Localized HMAC SHA hashed p...

Page 151: ...or No if disabled Localized encryption key of the user if encryption is enabled For information on localized keys see Authentication and Encryption Deleting a User To delete an SNMPv3 user use the fo...

Page 152: ...for the following tasks Creating or Modifying a Community String for the Switch Creating or Modifying a Community String for the ATM Uplink Module Viewing Configured Community Strings Setting the Trap...

Page 153: ...do not support authentication or encryption ip addr The IP address from which the community string is valid Trap messages are sent to this IP address if you enter the notify option notify Sends trap m...

Page 154: ...g a Community String SwitchCommunity String To delete a community string for the switch use the following CLI command configure no snmp server community community string ip address Table 5 11 provides...

Page 155: ...show snmp command For information on this command see Viewing the SNMP Status Table 5 13 provides an explanation of the command variable SNMP To set the administrative contact for the switch use the s...

Page 156: ...witch use the sysLocation object OID 1 3 6 1 2 1 1 6 The complete path to this object is iso 1 org 3 dod 6 internet 1 mgmt 2 mib 2 1 system 1 sysLocation 6 Disabling or Reenabling SNMP Disabling SNMP...

Page 157: ...ing SNMP Viewing the SNMP Status To view the status of SNMP use the following CLI command configure show snmp This command displays the status of SNMP enabled or disabled and the administrative contac...

Page 158: ...5 24 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 5...

Page 159: ...ns how they operate and provides procedures for creating VLAN s Need for VLANs If a traditional bridge receives a frame with a broadcast multicast or unknown destination address it forwards the data t...

Page 160: ...ports on one or more media modules on a switch or on different switches VLANs are limited broadcast domains meaning all members of a VLAN receive every broadcast packet seen by members of the same VLA...

Page 161: ...led on a switch port by selecting a Trunk mode for that port clear IEEE 802 1Q or Cisco Multi Layer mode A trunk port can send frames in clear mode with no VLAN ID or the VLAN ID over the same trunk A...

Page 162: ...AN There are two ways in which frames are classified to VLANs Untagged frames are classified to the VLAN associated with the port on which the frame is received Port based VLANs Tagged frames are clas...

Page 163: ...cast traffic of other VLANs will be sent onto this link and into the switch on the other end unnecessarily increasing the control plane load on the supervisor and increasing the chance for harmful lay...

Page 164: ...ple VLANs to a single port If you use the CLI to statically bind multiple VLANs to a single port do not attempt to use the Web Agent to statically bind additional VLANs to the port or remove existing...

Page 165: ...discard If you enable Automatic VLAN Creation AND set VLAN Binding type to Bind to Received make sure that you set the binding type before enabling AUTOMATIC VLAN CREATION or else the port may not be...

Page 166: ...lick CREATE The Create VLAN dialog box opens Figure 6 4 Figure 6 4 Create VLAN Dialog Box 3 Enter a name for the VLAN in the Name field 4 In the ID field enter an unused VLAN ID value between 2 to 409...

Page 167: ...der to support the maximum number of VLANs VLAN ID numbers should be chosen from the range of 1 to 1000 Initial Hash Table Size For every VLAN created a hash table is allocated of the initial size The...

Page 168: ...guration dialog box opens Figure 6 3 2 Click on the Name of the VLAN whose members you want to view The VLAN Switch Ports dialog box opens Figure 6 5 Figure 6 5 VLAN Switch Ports Dialog Box 3 See Tabl...

Page 169: ...witch port is assigned to VLAN using automatic VLAN binding i e if the binding for a switch port is set to Bind to Received The VLAN may be deleted but if the port VLAN binding is Bind to Received the...

Page 170: ...s all ports in the hunt group to the new VLAN Using Hunt Groups to Aggregate Bandwidth Overview Hunt groups allow you to aggregate multiple switch ports to act as one switch port effectively combining...

Page 171: ...e speed same media type connections in a group The group is not restricted to a single module in a switch Quicker recovery from link failure If a port in the group fails the remaining ports carry the...

Page 172: ...visor module always has Forwarding Engines numbered one and two For a 7 slot P580 switch numbers one and two for the Supervisor module and up to eight per media module slot for a maximum total of 50 F...

Page 173: ...is is different for the 50 series modules The twelve port layer 3 50 series media module all twelve ports are associated with one Forwarding Engine for layer 3 traffic and one Forwarding Engine for la...

Page 174: ...nship Table 6 3 Module Forwarding Engines and Fabric Ports Module Type Total Number of forwarding engines Number of Fabric Ports Description 80 series M8000R Supervisor 2 1 FORE port CPU 80 series 24...

Page 175: ...ort Gigabit Fiber layer 2 2 2 1 forwarding engine to 1 fabric port 50 series 2 port Gigabit Fiber layer 3 4 2 1 forwarding engine to 1 fabric port 50 series 4 port Gigabit Fiber layer 2 4 2 2 forwardi...

Page 176: ...3 ports but not a mix Can have a mix of 80 series and 50 series as long as they are the same bandwidth and all layer 2 or all layer 3 but not a mix A hunt group cannot be distributed between more than...

Page 177: ...The Hunt Group Configuration Web page is displayed in the content pane See Figure 6 9 Figure 6 9 Hunt Group Configuration Web Page 3 Click CREATE The Create Hunt Group Web page is displayed in the con...

Page 178: ...o restore previous settings CLI Commands Use the following CLI commands to configure a hunt group To create a hunt group configure set huntgroup huntgroup name load sharing enable disable To enable or...

Page 179: ...No 650 100 700 Issue 1 6 21 Using VLANs Hunt Groups and VTP Snooping Figure 6 11 Module Information Window 2 Select a port number from the Ports column The Physical Port Configuration window opens Fig...

Page 180: ...otiation should be disabled on the ports to further ensure against speed mismatch If this is a new hunt group disable all of the ports you are adding to the hunt group If you are adding ports to an ex...

Page 181: ...1 6 23 Using VLANs Hunt Groups and VTP Snooping Figure 6 13 Switch Ports Window 3 Select the name of the port you want to configure from the Name column The Switch Port Configuration window for that...

Page 182: ...and P882 Multiservice Switches v6 0 Chapter 6 Figure 6 14 Switch Port Configuration Window 4 Select the hunt group assignment from the Hunt Group pull down menu 5 Click APPLY to save your changes or C...

Page 183: ...to restore previous settings Note If thousands of addresses have been learned on a port and a link in the hunt group goes down the switch over of traffic between ports may take several seconds Note If...

Page 184: ...to a hunt group using the CLI enter the following command from Configure mode configure set port huntgroup mod num mod swport range mod num mod swport range huntgroup name Removing Ports from Hunt Gro...

Page 185: ...e setting Valid Trunk Mode options that work with VTP Snooping are Cisco Inter Switch Link Multi layer and IEEE 802 1Q VLAN additions deletions and name changes made on the network s Cisco VTP server...

Page 186: ...t Procedure To configure VTP snooping using the Web Agent 1 Select Configuration from the Modules Ports folder on the Web Agent window The Module Information window opens see Figure 6 11 2 Select the...

Page 187: ...ame associated with the Cisco VTP Domain The default is Null not set Changing this parameter automatically clears the learned VTP information the remaining parameters in this table Note The domain nam...

Page 188: ...nfigure set vtp snooping enable Updater Identity Displays the IP address of the Cisco switch that initiated the VTP configuration update Update Timestamp Displays the date and time that the Cisco swit...

Page 189: ...th through the network and then blocks any redundant paths STP first identifies a root switch and then identifies the most efficient path from the root switch to each switch in the network Any redunda...

Page 190: ...her to detect and break loops in the network Interoperability is achieved by the ability of RSTP to detect the presence of bridges running STP and to operate in common spanning tree mode When an RSTP...

Page 191: ...bridge does not have a root port Designated ports provide the lowest cost path from a network segment to the root bridge Each network segment has one designated switch on which one port is designated...

Page 192: ...All ports with STP configured belong to the same spanning tree domain and rules are as defined in IEEE802 1D BPDUs are as defined by 802 1D and are sent out Clear on each link regardless of whether or...

Page 193: ...e Domains The only other constraint is to limit the number of outgoing BPDUs It is required that the number of outgoing BPDUs be less than 500 second on all multiservice switches This means that if yo...

Page 194: ...ains and the legacy domain the proprietary BPDU is seen returning to the Multilayer domain through the legacy domain and the loop is blocked The Dual Layer Spanning Tree method is preferred when inter...

Page 195: ...global spanning tree options on the switch 1 In the navigation pane expand the L2 Switching folder 2 Click Spanning Tree The Spanning Tree Information Web page is displayed in the content pane See Fig...

Page 196: ...her point Note When the Spanning Tree mode is set to IEEE 802 1D bridge protocol data units BPDUs are sent out ports in Clear non tagged format even if the port has a tagged format 3Com IEEE 802 1Q or...

Page 197: ...with In the Dual Layer Spanning Tree model the switch terminates all 802 1D Spanning Tree Domains The switch does not forward 802 1D BPDUs or participate in any 802 1D Spanning Tree Domains It only p...

Page 198: ...bal Spanning Tree Information Field Definition Configuration Type of Spanning Tree that the switch is running Options are IEEE 802 1D Per VLAN Dual Layer and Disable Protocol Version Version of Spanni...

Page 199: ...displayed in the content pane See Figure 7 2 3 In the Bridge field click the bridge that you want to configure The Spanning Tree Bridge Configuration Web page is displayed See Figure 7 3 Figure 7 3 Sp...

Page 200: ...ting is 20 seconds Bridge Hello Time The time between generation of BPDUs by the root bridge The valid range for this field is 1 to 10 seconds The default setting is 2 seconds Bridge Forward Delay The...

Page 201: ...priority priority value 802 1D vlan vlan id name vlan name Path Cost Default The type of default path costs that ports in this bridge will use Options are common spanning tree uses the 16 bit default...

Page 202: ...anning tree 802 1D vlan vlan id name vlan name To view the current configuration and status of the bridge show spantree all 802 1D vlan vlan id name vlan name Viewing Bridge Port Information Web Agent...

Page 203: ...ng Tree Bridge Port Information Web Page Table 7 4 Spanning Tree Bridge Port Information Field Explanation Bridge Port Bridge port number Port Physical port number of the bridge port Name Name that is...

Page 204: ...g Tree to forward traffic and is forwarding traffic currently Designated Root Root bridge for this spanning tree Designated Cost The path cost to the designated root of the segment that is connected t...

Page 205: ...the Bridge Ports field click the bridge for which you want to configure a port The Spanning Tree Per Module Bridge Port Information Web page is displayed in the content pane 4 In the Bridge Ports fiel...

Page 206: ...chosen as the primary path in the spanning tree when there are two or more paths of equal cost The valid range for this field is 0 to 240 in increments of 16 The default setting is 128 Administrative...

Page 207: ...oup For example if a hunt group comprises four 1 GB ports and the operational path cost for one port is 20 000 the operational path cost for the hunt group is 5 000 20 000 4 If Administrative Path Cos...

Page 208: ...t port spantree force protocol migration mod swport range mod swport range 802 1D vlan vlan id name vlan name Force BPDU Migration Clicking SEND RSTP BPDU in this field forces the bridge port to send...

Page 209: ...ane expand the Modules Ports folder 2 Click Configuration The Module Information Web page is displayed in the content pane 3 In the Switch Ports field click the switch ports that you want to configure...

Page 210: ...7 22 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 7 Figure 7 6 Switch Port Configuration Web Page...

Page 211: ...port as connected to a point to point link ForceFalse Defines the port as connected to a shared LAN segment Auto Automatically detects whether the port is connected to a shared link or a point to poi...

Page 212: ...settings for a switch port To enable or disable Spanning Tree on a port configure set port spanning tree mode mod num mod swport range mod num mod swport range disable enable To specify whether a port...

Page 213: ...covery For more information about the CLI commands that are mentioned in this chapter see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches Software Version 6 0 Two Categories...

Page 214: ...If a non autonegotiating device running FD is connected to a negotiating device the negotiating device runs at HD and the link does not operate properly Note A Gigabit Ethernet device negotiates at HD...

Page 215: ...00Base T4 3 100Base TX 4 10Base T full duplex 5 10Base T half duplex Note T4 100 Mbps with 8B 6T coding scheme Once the greatest common denominator of settings is determined each device equipped with...

Page 216: ...the remote switch of the fault The remote switch then shuts down the remote port If the receive signal is restored on the local port the local port sends a message to the remote switch which then turn...

Page 217: ...ically disabled If the switch is operating in Fabric mode 1 80 series Gigabit modules support remote fault detection on only one port If you enable remote fault detection on more than one port a loss...

Page 218: ...Respond Only option With 10 100 links you can use the Enable with Aggressive Backoff option to enable Active Backpressure creation of a collision on a link Active Backpressure only applies to HD links...

Page 219: ...ed frames received on the port are classified Note that a port has exactly one Port VLAN Changing this to a new VLAN removes the port from the old VLAN Setting the VLAN Binding attribute in the Switch...

Page 220: ...ll be sent with no tagging Static 802 1Q Multi layer Ingress Untagged frames are classified to the VLAN associated with the port on which the frame is received Tagged frames are classified to the VLAN...

Page 221: ...h unknown VLAN IDs For Multi layer if a tagged frame is received but the VLAN for that tagged frame does not exists on the switch that frame will be dropped Forwarding All broadcast frames from all VL...

Page 222: ...looding domain of the selected VLAN This is an alternative to using Bind to Received 802 1Q Multi layer Ingress Untagged frames are classified to the VLAN associated with the port on which the frame i...

Page 223: ...lso referred to as overlapping VLANs it is NOT recommended on clear non trunked ports due to the impact it has on the network The impact is that destination unknown unicast packets are flooded on the...

Page 224: ...s if Known Mode is set to enable on the port which stops the flooding of destination unknown unicast packets If you had many clients servers on separate VLANs and they tried to communicate over multip...

Page 225: ...navigation pane expand the Modules Ports folder 2 Select Configuration The Module Information Web page is displayed in the content pane Figure 8 2 Figure 8 2 Module Information Web Page 3 In the Ports...

Page 226: ...t Module 4 In the Enable column select the checkbox to enable the port 5 Click APPLY to save your settings or CANCEL to restore previous settings 6 In the Name column select the port name 7 The Detail...

Page 227: ...the port 10 In the Flow Control Mode field select one of the following options Enable Sets the port to both send and receive pause signals This setting prevents buffer overflows on both local and rem...

Page 228: ...tch generates only log messages for the port It does not generate alarm messages SNMP traps This setting prevents the network management station trap receiver from being overwhelmed by port status mes...

Page 229: ...Sets the port to both send and receive pause signals This setting prevents buffer overflows on both local and remote port Disable Sets the port to neither send or receive pause signals Use this settin...

Page 230: ...ort from the Ports column for the Gigabit module that you want to configure The Physical Port Configuration dialog box for that module opens Figure 8 5 Figure 8 5 Physical Port Configuration Dialog Bo...

Page 231: ...able Sets the port to both send and receive pause signals This setting prevents buffer overflows on both local and remote port Disable Sets the port to neither send or receive pause signals Use this s...

Page 232: ...sical Port dialog box parameters Table 8 4 Detailed Physical Port Dialog Box Parameters Parameter Definition Name A user definable name for this port possibly a drop connection name or the name of the...

Page 233: ...overflows on the local port but not on the remote port Enable Receive Only Sets the port to only receive and respond to pause signals from the remote port This setting prevents buffer overflows on the...

Page 234: ...link at startup Configuring Physical Ports on Fast Ethernet Ports You can configure ports on a Fast Ethernet module using either the Web Agent or CLI commands Web Agent Procedure To configure ports o...

Page 235: ...heckbox is checked in the Enable column To change the enable remove the check in the checkbox 5 If you change the enable checkbox Click APPLY to save your settings or CANCEL to restore previous settin...

Page 236: ...sired or use the default name 8 Select one of the following from the Category field pull down menu User Port if this is an end station port Service Port if this is a trunk port 9 Select a speed 10 Mb...

Page 237: ...e field pull down menu to enable Auto Negotiation Note This feature is only available for 10 100 TX modules Auto Negotiation works best when the port or device on the other end of the connection is al...

Page 238: ...ffer being overwhelmed 16 Select the percentage of a port s traffic that can be unknown unicast and broadcast packets from the Flood Rate Limit Rate field pull down menu Note Set this value lower if t...

Page 239: ...led this setting is ignored Duplex Mode Select the port duplex mode half or full duplex If auto negotiation is enabled this setting is ignored Flow Control Mode Determines if flow control is used on t...

Page 240: ...by placing a threshold on the percentage of port traffic that can be flooded packets unknown unicasts and multicasts You can also optionally include known multicast packets in this percentage to furth...

Page 241: ...ation The All Ports Configuration dialog box opens 4 See Configuring Physical Ports on 10 Gigabit Ports Configuring Physical Ports on Gigabit Ports and Configuring Physical Ports on Fast Ethernet Port...

Page 242: ...d remove the port from the hunt group simultaneously the switch assigns all ports in the hunt group to the new VLAN Web Agent Procedure To configure switch port parameters using the Web Agent 1 In the...

Page 243: ...figuring Ports Figure 8 9 Switch Port Configuration Dialog Box 4 Enter information in the Web page fields as appropriate See Table 8 6 for an explanation of each field 5 Click APPLY to save your chang...

Page 244: ...Tags Select Ignore if you do not want to use received Frame VLAN tags Use is the default Note If you select ignore the received frames are bound to the port s default VLAN VLAN Binding Select the port...

Page 245: ...articipate in the same hunt group must have the same bandwidth Thus 10 Gigabit ports can participate only in a hunt group that consists of other 10 Gigabit ports Spanning Tree Mode Select Disable to r...

Page 246: ...ent is connected to exactly one other bridge normally with a direct cable between them Only point to point links and edge ports can rapidly transition to forwarding state If you set this field to Auto...

Page 247: ...e software to v6 0 switch ports for which fast start was enabled have Admin Edge Port set to edge port For more information on Rapid Spanning Tree see Chapter 7 Configuring Rapid Spanning Tree Oper Ed...

Page 248: ...n feature does not create entries in 3Com Mapping Tables When a VLAN is created automatically the VLAN name and VLAN ID are derived from the received tagged frame The VLAN name will be created as auto...

Page 249: ...on the switch the packet is forwarded on to the VLAN assigned to the port default VLAN for that port To prevent unintended forwarding of unknown VLAN traffic to the port s default VLAN configure the...

Page 250: ...a VLAN is created manually When a VLAN is created automatically the software assigns the VLAN to the port it is received on if that port is set to Bind to All and Bind to Received Additionally softwar...

Page 251: ...that have unknown destination addresses set the Known Mode field to Enable for all ports on the same VLAN as the port for which you are enabling MAC address lock 5 Set the Intrusion Trap field to Ena...

Page 252: ...trusion trap timer to other than the default setting set port intrusion trap timer mod swport range intrusion trap timer value Using the All Module Ports Configuration Window The All Ports Configurati...

Page 253: ...Switch Ports Configuration All Ports dialog box 4 Select the check box next to the field you want to configure 5 Select an option for the specific field from that fields pull down menu 6 Select Restor...

Page 254: ...for more information about the switch ports Next Previous Module Displays the next or previous module s switch port parameters Table 8 10 Switch Port Parameters Parameter Definition Links Opens associ...

Page 255: ...e on different types of modules For example the primary port can be 10 100 Ethernet and the secondary port can be Gigabit Ethernet Redundancy for ATM ports is not supported If the primary port fails t...

Page 256: ...is not unique to the pair it is assumed that the existing pair is being modified After creating a redundancy pair enable port redundancy globally for all configured pairs See Disabling or Enabling Por...

Page 257: ...port secondary port huntgroup secondary huntgroup name Deleting a Port Redundancy Pair Web Agent Procedure You can delete a port redundancy pair from the Port Redundancy Configuration web page To dele...

Page 258: ...Port Redundancy The Port Redundancy Configuration web page appears Figure 8 12 Port Redundancy Configuration Web Page 3 In the Configuration field select one of the following from the pull down menu E...

Page 259: ...al Port Configuration Web page The type of GBIC that is connected to each port is displayed in the Connector field on this Web page To open the Physical Port Configuration Web page 1 Expand the Module...

Page 260: ...en you or the Network Error Detection and Recovery NEDR feature disable the port However the LED remains solid green If NEDR shuts down a port the switch will forward traffic through a redundant port...

Page 261: ...eshold NEDR logs the event in the event log or disables the port If you set the feature to notify NEDR does not log another event until the rate of CRC errors drops below the falling threshold and the...

Page 262: ...and show port network error detection mod port range If the port is not listed as enabled for NEDR reenable NEDR on the same port or ports again Table 8 11 Keywords Arguments and Options Keywords Argu...

Page 263: ...a redundant protocol is configured off Disables NEDR on the port or ports that you specify The default setting is notify rising threshold value The rising threshold The number of CRC errors that trig...

Page 264: ...th If you do not enable a protocol that supports redundancy on the port and provide an alternate path you may lose traffic if the port shuts down If you replace a module that has a port which has been...

Page 265: ...guration but they still will be subjected to take on the hunt group setting until they are removed from the hunt group To globally enable IEDR for all ports in hunt groups 1 Enter Global Configuration...

Page 266: ...internal error config Viewing IEDR Settings for Hunt Groups To view the global IEDR setting for hunt groups 1 Enter Global Configuration mode The CLI displays the configure prompt 2 Enter the followi...

Page 267: ...config enabled on port 3 2 Internal error config enabled on port 4 1 Internal error config enabled on port 4 2 Internal error config enabled on port 4 3 Internal error config enabled on port 4 4 Slot...

Page 268: ...4 Slot 6 has 10 100 ethernet ports that are unsupported and will not be set Internal error config disabled on port 7 1 Internal error config disabled on port 7 2 Internal error config disabled on port...

Page 269: ...y for the size of the Hash tables the size of the Address Forwarding Tables and the number of VLANs This information is detailed in the following pages in this chapter New address Learning When a MAC...

Page 270: ...eps track of the memory locations where the learned AFT entries MAC addresses are stored These memory locations are referred to as buckets An individual bucket can range in size from 1 to 128 AFT entr...

Page 271: ...her 20K of memory used for the 18 000 MAC entries Hash Table guidelines for creating VLANs Maximum Number of VLANs In order to support the maximum number of VLANs VLAN ID numbers should be chosen from...

Page 272: ...each VLAN number in the range of 1 to 1000 to an index that is the same as the VLAN number In this situation there will never be any collisions See the Maximum Number of VLANs Supported section for va...

Page 273: ...en 1 to 1000 Table 9 2 is an example of the size of the hash table created per the number of VLANs created using the guidelines Table 9 1 Number of Supported VLANs Version of Code Fabric Mode 1 Fabric...

Page 274: ...each VLAN should be 256 or less 45 VLANs times 256 11 520 or 12K This leaves 48K for AFT entries 60K 12K 48K Example 2 VLANs have the different Hash Table Sizes Configuring the Avaya Multiservice swit...

Page 275: ...e ID does not directly correlate to the VLAN ID Initial Hash Table Size 1024 the default setting for the Initial Hash table size Auto Increment HT Size Default setting is True Enable to automatically...

Page 276: ...1 for enabling or disabling Auto Increment HT size Trigger Multiplier The first condition is the Trigger Multiplier which sets a minimum threshold for the number of learned entries a VLAN must have b...

Page 277: ...Total Entries Display how many address entries are contained in the table Address Memory Displays how much address memory is currently being used the amount of memory still available and the largest...

Page 278: ...re set aft super agetime age time value Instance Table Information The Instance Table Information is a summary of a AFT instance or Hash Table settings and utilization per VLAN See Figure 9 2 Instance...

Page 279: ...Box See Table 9 3 for a definition of the Address Table Instance dialog box parameters Table 9 3 Address Table Instance Parameters Parameter Definition VLAN Association Name of the VLAN this Hash tabl...

Page 280: ...Note The number of addresses for a given hash table is 4 1 for example if you have a hash table of 16 bytes the VLAN can hold 64 addresses in its table instance To achieve optimal Bucket Utilization H...

Page 281: ...eshold percentage in the Threshold Util field if you just want to cause the table reconfiguration to occur at a different level of usage efficiency The default value of 40 is recommended for most appl...

Page 282: ...1 Select Address Search from the Address Forwarding Table group on the Web Agent window The Address Entry Search dialog box opens Figure 9 4 Figure 9 4 Address Entry Search Dialog Box Note DISPLAY AL...

Page 283: ...he Search Value column 4 To search using a Port Select the Port check box in the Search By column Select a search variable from the Port field pull down menu The options are Forward Filter and CPU Ent...

Page 284: ...es of entries in the Address Forwarding Table can be modified The port priority and persistence can be changed for learned and management entries 7 To change an entry in the Address Forwarding Table s...

Page 285: ...Port Port associated with this MAC address table entry Valid An entry is valid until it ages out at which time it becomes invalid Aging out occurs when a frame with the entry s MAC address is not rece...

Page 286: ...or a source address or destination address To correct this set Persistence to Permanent Status The status of the address entry Options include Learned Management Self AFT Self Entries 01 80 C2 00 00 0...

Page 287: ...the AFT manually using the Web Agent or the CLI Web Agent Procedure To add an AFT address manually using the Web Agent 1 In the navigation pane expand the L2 Switching Address Forwarding Table folders...

Page 288: ...main in the AFT indefinitely 6 In the Priority field select a priority level for packets that are forwarded to this MAC address Options are None Normal and High High priority addresses move to the fro...

Page 289: ...C address Priorities range from 0 to 7 Port Uses the priority of the physical port Cisco ISL tag or 802 1p tag Note This field applies only to 80 series modules 9 Click APPLY to save your changes or C...

Page 290: ...the suboptions as appropriate in the DHCP Option Circuit Info and DHCP Option 82 Agent Info fields CLI Commands To use the CLI to change the status of option 82 enter Global Configuration mode and use...

Page 291: ...pervisor is installed loaded with the same software version as the Active supervisor and synchronized it is ready to act as a redundant or standby supervisor If the Active supervisor does fail the red...

Page 292: ...Using Hunt Groups to Aggregate Bandwidth in Chapter 6 Using VLANs Hunt Groups and VTP Snooping for more details Redundant Power Supplies Only two power supplies are required to support a fully loaded...

Page 293: ...rward data properly The redundant components are available as separate options Redundant Switch Controllers and Elements Controllers and Elements are located at the rear of the switches When the redun...

Page 294: ...ox window If the Primary controller fails the redundant controller takes over switch controller operation When an element fails diagnostics run automatically to test the hardware Information about a f...

Page 295: ...itch controller with the new switch controller This ensures that the switch checks the status of the new switch controller 3 Insert the previously Primary switch controller into the Redundant Controll...

Page 296: ...re field pull down menu on the Switch Fabric Status dialog box Figure 10 3 3 Click APPLY The Switch Fabric Status should now show the redundant controller and element Available Figure 10 4 4 Save the...

Page 297: ...ble the redundant hardware by using the CLI enter the following command from Enable Configure mode configure set fabric configure redundant hardware enable Replacing the Primary Controller If a Primar...

Page 298: ...s over the operation of the failed Primary controller To replace the failed Primary controller 1 Disable redundant hardware 2 Copy the running config to the startup config 3 Synchronize if you have re...

Page 299: ...py the running config to the startup config 3 Synchronize if you have redundant supervisor modules 4 Power off the switch power supplies To avoid bodily harm and equipment damage you must power off th...

Page 300: ...figure an alternate Ethernet Console IP address for both Configure an alternate IP address for both slot 1 and 2 CPU s by using the Web Agent or the CLI Note Do not Login to a Standby Supervisor modul...

Page 301: ...his is the default gateway that the standby Ethernet console IP interface uses It does not have to match the Active CPU s default gateway The default value is 0 0 0 0 4 The Switch MAC Prefix field dis...

Page 302: ...eb Agent or CLI to perform the synchronization Note If the Active Supervisor module and the Standby redundant Supervisor module are synchronized while the active supervisor module is being heavily use...

Page 303: ...Module Redundancy Statistics The active supervisor periodically sends a health report message to the standby redundant supervisor If the standby supervisor is enabled it responds with a health report...

Page 304: ...supervisor module is inserted into slot 1 the slot 2 supervisor module remains active and sends health reports to the standby supervisor in slot 1 If the slot 2 supervisor is removed reset or fails o...

Page 305: ...e startup configuration file to the standby supervisor Note The P580 and P882 Supervisor modules must be in the same Fabric mode to synchronize To synchronize the active and standby supervisor modules...

Page 306: ...ion Status Displays the functional status of the CPU modules Power Up Reset Image Displays the image the CPU will use upon startup or reset APP1 Version Displays the version of the image in applicatio...

Page 307: ...y In earlier versions of software you had to manually reset the standby supervisor if these settings changed Important If you are updating the boot code you must manually reset the standby supervisor...

Page 308: ...10 18 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 10...

Page 309: ...domains The root name servers handle the domains such as COM EDU GOV etc The master name server Located in the middle of the DNS database tree It contains pointers to the individual name servers for e...

Page 310: ...to the server If recursion is disabled and the server cannot answer the query the server will responds with a Referral answer The client will then use that information to query another DNS server This...

Page 311: ...need only update the DNS database Many vendors provide DNS servers Consult the DNS Server vendor s documentation for information on configuring the DNS server Virtually every IP protocol stack include...

Page 312: ...vaya com domain you need only type the host name without the suffix Avaya configure ping hostA instead of Avaya Configure ping hostA avaya com Order of Operations for DNS on the Avaya Multiservice Swi...

Page 313: ...the DNS query has expired This implies that the query could not be answered at the present time Server Failure indicates that the DNS server is unable to answer due to a failure on the DNS server its...

Page 314: ...Switches v6 0 Chapter 11 Web Agent Procedure To configure a DNS client by using the Web Agent 1 Select DNS from System Administration group on the Web Agent window The DNS Configuration dialog box op...

Page 315: ...4 Enter the domain name suffix for each DNS server in the Domain Name Suffix fields fields 1 6 5 Click APPLY to save your changes or CANCEL to restore previous settings CLI Commands The following comm...

Page 316: ...Avaya configure ip name server 20 20 20 20 Added name server 20 20 20 20 to the name server list Avaya configure ip name server 30 30 30 30 Added name server 30 30 30 30 to the name server list Avaya...

Page 317: ...cast it implements IGMP and DVMRP The following information and procedures provided in this chapter pertain to layer 3 module configurations only Routing Function Requirements for IP Routing Routing C...

Page 318: ...logically independent from and sits on top of the Layer 2 VLANs The function of the Inter VLAN router is to route traffic between VLANs subnets The router has an interface or virtual port for each VLA...

Page 319: ...ith 80 series modules Supervisor and Media modules you must configure your switch with a minimum of version 5 0 and above Minimum Configuration Requirements Your switch must be configured as follows t...

Page 320: ...mask for each VLAN and associated subnet 5 Globally enable IP Forwarding Routing 6 Enable the routing protocol on an interface 7 Specify how the router will communicate with other routers by configur...

Page 321: ...2 5 Configuring IP Routing Figure 12 2 IP Interfaces Dialog Box 2 To modify an IP interface first click on Select to select the specific interface modify the parameter s and then click on APPLY or CAN...

Page 322: ...lect the interface enter the new value of the ARP Timeout period and change the Admin State parameter to UP then click on APPLY 3 To delete an IP interface first click on Select to select the specific...

Page 323: ...Document No 650 100 700 Issue 1 12 7 Configuring IP Routing Figure 12 3 Add IP Interface Web Screen...

Page 324: ...routing only or routing and management for the serial interface or the Ethernet Console configure both for management only Ethernet Console Creates an IP interface and assigns the IP address to the Su...

Page 325: ...Mgmt Default Enables you to manage the switch from the Command Line Interface CLI or the Web Agent and configure IP routing for the switch Mgmt Only Enables you to manage the switch however IP routing...

Page 326: ...for the interface Options include None Default DVMRP IGMP Note By Default multicast forwarding is disabled To enable multicast forwarding go to the IP Global Configuration page Proxy ARP Enable or dis...

Page 327: ...u can enable IP Unicast Forwarding Routing Globally using either the Web Agent or the CLI Web Agent Procedure To enable IP routing using the Web Agent 1 Select Global Configuration from the Routing IP...

Page 328: ...12 12 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 12 Figure 12 4 IP Global Configuration Dialog Box...

Page 329: ...be enabled on the desired IP interface enabled by default BOOTP DHCP Option 82 Agent Info Enable This sub option 82 identifies the IP address and if available the system name of the switch The Defaul...

Page 330: ...ce settings can cause the switch to stop all routing Local Routes Enter a preference value for local routes Note Local Routes must always have the higher preference High Preference Static Routes Enter...

Page 331: ...computing resources on network 192 168 10 x to communicate with computing resources on network 192 168 60 x without having to go through a router To create a multinetted network you must assign multi...

Page 332: ...will be the relay Configuring Short Lived IP Protocol Filters Overview This feature helps conserve the forwarding engine resources of the switch Depending on the configuration of your network the forw...

Page 333: ...ets of the protocol For information about the slow path see Routing Overview in Chapter 1 Introduction By default a filter is enabled for DNS and NTP packets To route the packets of other short lived...

Page 334: ...route packets of the protocol For information about the FIRE and FORE paths see Routing Overview in Chapter 1 Introduction CLI Command To disable the filter for a short lived IP protocol enter Global...

Page 335: ...or example ip short lived tcp 112 ip short lived udp 53 ip short lived udp 123 Creating IP Static Routes You can create IP static routes using either the Web Agent or the CLI Important Do not create a...

Page 336: ...for your IP static route Mask Enter an IP subnet mask for your IP static route Next Hop Address Enter an IP address for the gateway associated with the IP static route The default setting is null 0 wh...

Page 337: ...re configured on the switch configure show ip route static Creating a Static Route to a Null Interface Overview A null interface is a virtual interface that discards IP packets and is used to prevent...

Page 338: ...t have a destination of 10 10 3 32 to Router 1 2 Because VLAN 103 is down Router 1 sends the packets to the Border Router 3 The Border Router then sends the traffic back to Router 1 via the route 10 1...

Page 339: ...in the content pane See Figure 12 6 4 In the Network Address field enter the IP address of the network for which you are creating a null interface 5 In the Mask field enter the subnet mask for the net...

Page 340: ...Agent Procedure To create a static ARP entry in your switch s ARP cache using the Web Agent 1 Select Static ARP from the Routing IP Configuration group on the Web Agent window The IP Static ARP Entri...

Page 341: ...Agent between a BOOTP DHCP server and the requesting client You can create a BOOTP DHCP Server entry using either the Web Agent or the CLI Note BootP DHCP must first be enabled in the IP Global Config...

Page 342: ...ure 12 11 Add BOOTP DHCP Server Entry Dialog Box 3 Enter the BOOTP DHCP server IP address in the IP Address field 4 Click CREATE to save your changes or CANCEL to restore previous settings Note It is...

Page 343: ...set the entry to redistribute either all routes or specific routes If you want to redistribute only specific routes you must set up an access list to either permit or deny specific routes for redistr...

Page 344: ...Agent Procedure To create an IP redistribute list entry 1 In the navigation pane expand the Routing IP Configuration folders 2 Click IP Redistribute List The IP Redistribute List Entries Web page is...

Page 345: ...whose routes you want to redistribute Options are RIP OSPF static and local 7 In the Destination Protocol field select the protocol to which you want the routes redistributed Options are Rip and OSPF...

Page 346: ...To view IP redistribute list entries use the following CLI command show ip redistribute Modifying an IP Redistribute List Entry Note Modifying an IP redistribute list entry that has OSPF for its desti...

Page 347: ...re information see Creating an IP Redistribute List Entry earlier in this chapter Deleting an IP Redistribute Entry Note Deleting an IP redistribute list entry that has OSPF for its destination protoc...

Page 348: ...tch to forward multicast traffic from the local multicast server to group members on directly attached subnetworks If a multicast packet is forwarded to multiple interfaces on one VLAN only one Forwar...

Page 349: ...ted After selecting the specific IGMP version for an interface you can manually configure the Version 1 0 querier The selection of the querier for Version 2 0 is dynamic but can be overridden Globally...

Page 350: ...for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 12 Figure 12 15 IP Global Configuration Dialog Box 2 Select Enable from the IP Multicast Forwarding field pull down menu to enable IP mu...

Page 351: ...Y to save your changes or CANCEL to restore previous settings CLI Command To globally enable IGMP using the CLI enter the following command from Configure mode configure set router igmp Modifying IGMP...

Page 352: ...mask associated with this interface Note This parameter is not configurable from the IGMP configuration dialog box IGMP Version Select the IGMP Version 1 0 or 2 0 to be associated with the IGMP inter...

Page 353: ...Response Interval in sec Enter a time in seconds to wait for a response from a host after a query is sent If no response is received within this time the host is removed from the group table The valid...

Page 354: ...ber of DVMRP neighbor to neighbor probe messages The loss of these messages may cause multicast routing to become unstable Configuring the DVMRP Global Configuration Web Agent Procedure To configure D...

Page 355: ...Select Disable to globally disable DVMRP The default value is Enable Neighbor Router Probe Interval Enter probe interval in seconds for the switch to probe the network for available neighbor routers...

Page 356: ...erval in seconds that elapses between delivery of DVMRP routing table updates The valid range for this field is 30 to 90 seconds The default setting is 60 seconds Route Replace Time Enter the amount o...

Page 357: ...ticast protocol on an interface to DVMRP before you can configure DVMRP See Displaying Existing IP Interfaces earlier in this chapter and enable a multicast protocol for this interface 2 See Table 12...

Page 358: ...with the protocol set to IPIP IP in IP Tunnel Endpoint Address Displays the Tunnel endpoint IP address of a router You can modify this setting to represent the end router IP address to which you want...

Page 359: ...Displaying the IP Routing Table Statistics Searching the IP ARP Cache Displaying Global IP Routing Statistics You can monitor switch performance using either the Web Agent or the CLI Web Agent Procedu...

Page 360: ...w the definition of each statistic Table 12 11 IP Routing Global Statistics Statistic Defines the IP In Receives Total number of input datagrams received from interfaces including those received in er...

Page 361: ...Routed via this entity and the Source Route option processing was successful Note This is routed by the supervisor in the software IP In Unknown Protocols Number of input datagrams discarded due to er...

Page 362: ...to be reassembled IP Reassembly OKs Number of IP datagrams successfully reassembled IP Reassembly Failures Number of failures detected by the IP re assembly algorithm timeout errors Note that this is...

Page 363: ...ICMP Timestamp Reply messages received ICMP In Address Mask Requests Number of ICMP Address Mask Request messages received ICMP In Address Mask Replies Number of ICMP Address Mask Reply messages rece...

Page 364: ...rts Total number of received UDP datagrams for which there was no application at the destination port UDP In Errors Number of received UDP datagrams that could not be delivered for reasons other than...

Page 365: ...P Relay Agent BOOTP DHCP In Responses Total number of BOOTP DHCP response datagrams received by the BOOTP DHCP Relay Agent BOOTP DHCP In Discards Number of BOOTP DHCP requests discarded Incremented wh...

Page 366: ...Table 12 12 to determine your search parameters 4 Select SEARCH If routes are available they are displayed in the IP Routing Table dialog box Figure 12 22 Table 12 12 IP Route Table Search Parameters...

Page 367: ...you must delete the local IP interface associated with that entry Displaying the IP Routing Table Statistics To display the IP Routing Table Statistics 1 Select Route Table Statistics from the Routin...

Page 368: ...outing IP Display group on the Web Agent window The ARP Cache Entry Search dialog box opens Figure 12 24 Table 12 13 IP Routing Table Statistics Dialog Box Parameters Parameter Definition Current Numb...

Page 369: ...RP Cache Search dialog box parameters 4 Click SEARCH to start the search If matching entries are found they are displayed in IP ARP Cache dialog box IP Multicast Statistics You can view IP Multicast s...

Page 370: ...ache Note It is possible to use access rules to filter and prioritize multicast traffic Displaying IGMP Global Statistics Web Agent Procedure IGMP global statistics provides membership reports members...

Page 371: ...12 15 IGMP Global Statistics Dialog Box Parameters Parameter Defines the Group Membership Reports Received Number of reports received in response to a group membership query Hosts respond to a Query b...

Page 372: ...tics IP Address IP address associated with the interface IP Address Mask Subnet mask associated with each listed interface State Current state of the interface For example if the interface is enabled...

Page 373: ...ted querier on this interface Applicable only if IGMP V2 is used Group Join Requests Received Number of new groups on this interface Group Leave Requests Received Number of leave requests received on...

Page 374: ...ntries Click Flush Table to clear the entire table Click REFRESH to receive the most up to date information on the entries in the table 3 See Table 12 17 for an definition of the IGMP Group Membership...

Page 375: ...ulticast Forwarding Cache dialog box opens Figure 12 28 Local Multicast Forwarding Cache Dialog Box 2 To modify the Local Multicast Forwarding Cache select an entry and Click Delete Entry to delete on...

Page 376: ...Parameters Defines the Destination Group Address Destination group address of the multicast transmission Source SubNetwork Subnet on which the IGMP interface s exist Source Address Mask Subnet mask a...

Page 377: ...hange probes and routing updates so they each have a picture of their neighbors capabilities and the DVMRP network topology Report Messages Received Route Report messages received on this switch Prune...

Page 378: ...robe messages transmitted to the network Report Messages Transmitted Report messages transmitted on this switch Prune Messages Transmitted Prune messages transmitted upstream on this switch This indic...

Page 379: ...status indications include UP The interface is active DOWN The interface is inactive Type Type of interface configured Possible values include Broadcast All traffic is forwarded through the routers T...

Page 380: ...group on the Web Agent window The DVMRP Interface Statistics dialog box opens Figure 12 30 Figure 12 31 DVMRP Neighbor Routes Dialog Box 2 Select the number in the Neighbor DVMRP Router s column if i...

Page 381: ...window The DVMRP Routing Table Statistics dialog box opens Figure 12 32 Table 12 21 DVMRP Neighbor Routers Parameter Displays Neighbor Network Address The neighbor router s IP address Found on Interf...

Page 382: ...p on the Web Agent window The DVMRP Route Table dialog box opens Figure 12 33 Figure 12 33 DVMRP Route Table Dialog Box 2 To modify your DVMRP Route table do one of the following To delete one or more...

Page 383: ...st to source network Expiration Period in sec Time in seconds remaining before the source network is removed from the DVMRP routing table Upstream Router s IP address of the DVMRP router that is the u...

Page 384: ...opens 3 See Table 12 24 for an explanation of the DVMRP Upstream Router s dialog box parameters Displaying the DVMRP Designated Forwarder s Table Web Agent Procedure To view the DVMRP Designated Forwa...

Page 385: ...Route Table dialog box opens see Figure 12 33 2 Select the number from the Downstream Dependent Router s column for the appropriate source network The Downstream Dependent Router s dialog box opens Ta...

Page 386: ...ing Cache from the Routing DVMRP group on the Web Agent window The Multicast Forwarding Cache dialog box opens Figure 12 35 Table 12 26 DVMRP Downstream Dependent Router s Dialog Box Parameter Paramet...

Page 387: ...ding Cache dialog box parameters Table 12 27 Multicast Forwarding Cache Dialog Box Parameters Parameter Defines the Select Selection of the multicast forwarding cache Destination Group Address Destina...

Page 388: ...eam Prune Information dialog box Next Pruned Downstream Interface to Timeout Next interface that is currently pruned which will be grafted back Downstream Interface s Number of downstream interfaces A...

Page 389: ...ted in IP unicast packets with the protocol set to IPIP IP in IP Non Encapsulated Tunnel All multicast data traffic on this interface is IPIP encapsulated but the protocol messages are simple unicast...

Page 390: ...unnel All multicast data traffic on this interface is IPIP encapsulated but the protocol messages are simple unicast Interface is Pruned Status of whether the interface has been pruned Prune Expiratio...

Page 391: ...l router The Backup router monitors the availability of the Master router and will assume Mastership in the event that the Master router fails The VRRP protocol is described in detail in RFC 2338 Glob...

Page 392: ...ettings CLI Command To globally enable VRRP from the CLI enter the following command in Configure mode configure router vrrp Enabling VRRP on an Interface VRRP can be enabled on an interface using the...

Page 393: ...e from the VRRP field pull down menu for the interface you selected 4 Click APPLY to save your changes or CANCEL to restore previous settings CLI Command To enable an VRRP on an interface using the CL...

Page 394: ...Avaya P580 and P882 Multiservice Switches v6 0 Chapter 12 Figure 12 38 VRRP Virtual Routers Dialog Box 2 Select CREATE The Add VRRP Virtual Router dialog box opens Figure 12 39 Figure 12 39 Add VRRP V...

Page 395: ...VR ID can be used for multiple virtual routers as long as the associated IP Interfaces are on different VLAN s each VR ID number can be used once per VLAN The default value is 1 The range is 1 255 dec...

Page 396: ...ld described below The default value is None Authorization Key Enter the Authentication Key in this field If the Authentication Type was set to None then a password will not be used in the VRRP electi...

Page 397: ...using the drop down menu Enabling Address Owner Override allows the VIP to reply to ICMP requests if the router is not the IP Address owner of the virtual router s IP Address the VIP and IP Address a...

Page 398: ...atistics Dialog Box Fields Parameter Definition Interface Displays the IP Interface name that the virtual router is associated with VR ID Displays the virtual router identification number IP Address D...

Page 399: ...ing IP Interface or that the associated IP Interface is Down Backup Indicates that the virtual router is in the Backup state A virtual router in this state monitors the availability of the Master rout...

Page 400: ...rities are automatically assigned Backup routers can use the default Priority settings and correct Master Backup election will be achieved Another IP Address does not have to be reserved for the virtu...

Page 401: ...mary state to become Backup Selecting an Advertisement Interval In most cases leaving the Advertisement Interval to its default value of 1 is adequate Usually this is also desired because it will allo...

Page 402: ...of their neighbor routers by listening for the advertisements When a host attached to a link starts up it may multicast a router solicitation to ask for immediate advertisements rather than waiting fo...

Page 403: ...able IRDP on the selected interface The default value is Disable Preferences Enter the preference of the address as a default router address relative to other router addresses on the same subnet The m...

Page 404: ...36 11 Select Enable the IP Multicast Forwarding field pull down menu 12 Click APPLY to save your changes or CANCEL to restore previous settings Min Advertisement Interval sec Enter the minimum time i...

Page 405: ...illed if a primary server fails The LDAP client sends a search for access control lists to the primary server if the client finds the primary server The primary server retrieves the access lists from...

Page 406: ...number of the primary LDAP server for the access control list domain The port number is used in conjunction with the primary server IP address There are no special overload values The default port is...

Page 407: ...Server Port Enter the backup LDAP server port number for the access control list domain The port number is used in conjunction with the secondary server IP address There are no special overload value...

Page 408: ...Web Agent window The LDAP Statistics dialog box opens Figure 12 43 Figure 12 43 LDAP Statistics Dialog Box 2 Click Refresh to dynamically update LDAP Statistics parameters 3 See Table 12 35 for an exp...

Page 409: ...ic route in the Next Hop Address field Producer Signal The sequence number that when modified triggers the LDAP client to download the latest policy from the LDAP server Typically Avaya Policy Manager...

Page 410: ...ent window The IP Interfaces dialog box opens Figure 12 37 4 Select CREATE The Add IP Interface dialog box opens Figure 12 3 5 Select Serial Console from the VLAN field pull down menu This indicates t...

Page 411: ...ess Control Rules are used to describe how to forward route packets as opposed to where to forward them The how can be to forward the packet with a specific priority 0 7 forward the traffic with an un...

Page 412: ...score _ character ACL Names are entered when you create a rule By using the same ACL Name for multiple rules you are effectively creating a list of rules The Access List Index determines the order of...

Page 413: ...permit all at the end of every list Therefore if no match is found the packet is forwarded with the priority un changed What are Wildcards Wildcards are a template that govern which part of an IP add...

Page 414: ...de networks as well as interfaces to Inside networks The Outside networks need access to a web server and should be denied access to any other resource within the Inside network Hosts on the Inside ne...

Page 415: ...rest of the Inside networks And Rule 4 blocks the web server from getting to the rest of the networks Outside Rule 5 gives the hosts on the Inside network access to any network Rule 6 blocks any othe...

Page 416: ...separate sections The switch supports a maximum total of 512 access control rules regardless of the number of access lists For example you could create the following three ACLs ACL A with 100 rules AC...

Page 417: ...vaya Multiservice switch supports ACL names up to 32 characters Alpha Numeric Spaces are allowed in the names but are not recommended Instead of spaces use the underscore _ character See Naming Conven...

Page 418: ...g box opens Figure 13 3 Access Type Select the method of handling incoming datagrams based on the IP access type from the following pull down menu options Deny Filter Allows you to filter out drop pac...

Page 419: ...Document No 650 100 700 Issue 1 13 9 Configuring Access Lists Figure 13 3 IP Extended Access Rule Creation Dialog Box...

Page 420: ...ased on the specified configuration Permit Fwd pri8 high to pri1 low Allows you to prioritize traffic based on the specified configuration Permit Fwd with no change in priority Allows you to forward t...

Page 421: ...ation port see http www iana org assignments port numbers TCP UDP Destination Port Specify a range of destination ports that pass data between two hosts or switches using the Transmission Control Prot...

Page 422: ...tting to 30 000 Greater than 30 000 the switch does not change the setting Automatically sets hash mode for IP unicast traffic to SA DA This setting improves the performance of the switch when an ACL...

Page 423: ...s List dialog box displays Figure 13 1 2 Select Create Extended The IP Extended Access Rule Creation dialog box displays Figure 13 3 3 Enter a number between 100 and 199 or Alphanumeric for extended A...

Page 424: ...r traffic to either a specific address or to an entire subnet In this example all traffic between the two subnets is filtered This example also assumes that the network is a Class C sub network 255 25...

Page 425: ...specify the destination IP address of the network node and use a subnet wildcard of 0 0 0 0 To deny filter all traffic you must specify a destination address of 0 0 0 0 and a wildcard of 255 255 255...

Page 426: ...rvisor ethernet or console port For more information about the slow path and FIRE and FORE paths see Routing Overview in Chapter 1 Introduction This section includes procedures for the following tasks...

Page 427: ...ACL matches in the event log Figure 13 5 Sample ACL matches in the event log Setting a Logging Interval Web Agent Procedure To set the interval for ACL logging 1 In the navigation pane expand the Rou...

Page 428: ...to optimize performance Terminology The following terms are used extensively in this section 5 tuple The five elements that fully describe the criteria of the ACL rule Source IP Mask Destination IP Ma...

Page 429: ...of the packet for a high rate of L3FE re use In the most complex case such as an ACL that specifies the entire 5 tuple the granularity of identification will cause a very low rate of re use FORE Fast...

Page 430: ...ance Enable Routing at the Module Design Safe Efficient ACLs Identify the Ports Configuring Hash Mode Managing F chip Memory Recognize Performance Issues When the ACL is the root of a performance prob...

Page 431: ...eed this information to match Flows against the F chip statistics to locate the problem area The next step and this will be repeated as needed is to note the usage statistics with and without the ACL...

Page 432: ...yer 3 forwarding cache The default setting is 120 seconds You can set this timer to a value from 120 to 360 seconds The Age interval timer starts when a new forwarding entry is added to the layer 3 fo...

Page 433: ...istributed licensed routing function When a module is licensed the on board F Chips FIRE provide the fast path processing When a module is unlicensed the fast path is handled by the single F Chip FORE...

Page 434: ...r of micro Flows to be created Minimize Rules The number of rules has a direct impact on the CPU effort to match rules to Flows This is especially true when there is a high frequency of packets that a...

Page 435: ...her other slots are empty or full F Chips numbers are associated with their respective Fabric ports To locate the Fabric port and F Chip for Physical Port you need to know the media type and slot For...

Page 436: ...CL is enabled This setting can cause a noticeable increase in the total flows identified and result in an increased usage of F chip memory See Managing F chip Memory in this case Important Changing th...

Page 437: ...entified than in the DA only mode The F chip memory can accommodate approximately 70 000 total entries for routed L3 flows This number comprises IP Unicast IP Multicast and IPX entries for that F chip...

Page 438: ...Procedure To use the Web Agent to manually double the IP Unicast maximum to 30 000 entries 1 In the navigation pane expand the Routing L3 Forwarding Cache and then click Cache Configuration The Layer...

Page 439: ...Neighbors Viewing RIP Statistics Key Chains NBMA IP Interfaces For more information about the CLI commands that are mentioned in this chapter see Command Reference Guide for the Avaya P580 and P882 M...

Page 440: ...o Global RIP Enable or disable the RIP protocol The default is Enable Note You must disable the IP Interface before Disabling or Enabling RIP Update Timer Enter the value in seconds that represents th...

Page 441: ...r the CLI Web Agent Procedure To modify RIP interfaces using the CLI from the Web Agent 1 Select Interfaces from the Routing IP RIP group on the Web Agent window The RIP Interfaces dialog box opens Fi...

Page 442: ...rsion Specify the version of RIP you want to use to send packets across this interface Selections include V1 V2 V1 V2 V1 is the default setting Receive Version Specify the version of RIP you want to u...

Page 443: ...the default setting Auth Type Specify the type of authentication available for use on a given RIP interface Authentication types include None No authentication required Simple Uses a clear text passw...

Page 444: ...ghbor using either the Web Agent or the CLI Web Agent Procedure To create a trusted RIP neighbor using the Web Agent 1 Select Trusted Neighbors from the Routing IP RIP group on the Web Agent window Th...

Page 445: ...at the key is valid This key must be identical on each device that will participate in an exchange of information In the case of RIP version 2 only routers can use MD5 encryption to ensure that only r...

Page 446: ...realistic number would be 18000 seconds 5 Hours For this time interval the RIP V2 interface would exchange routes with other RIP V2 routers in the same subnet Once expired the RIP V2 interface would...

Page 447: ...number of the Key Valid range 1 to 255 Key Name 16 character alpha numeric key This is the actual key used by MD5 encryption This setting must be identical to the Key on other RIP V2 routers on the sa...

Page 448: ...Example To create a Key Chain called AvayaChain with Key ID 123 Key Name MD5 Key AvayaKey123 that begins on March 10 2002 at 5 30 a m and lasts indefinitely enter the commands in the following order k...

Page 449: ...l the entries Click REFRESH to receive the most up to date information on the entries 3 Use Table 14 4 to interpret the RIP statistics Table 14 4 RIP Statistical Parameters Parameter Defines the Inter...

Page 450: ...upport for this functionality was added to enable route exchange over nonbridged connections routed PVCs For more information about NBMA see NBMA IP Interfaces in Chapter 15 Configuring the OSPF Routi...

Page 451: ...ts to build their own network routing tables These packets that describe the local links are short and cause less traffic congestion than Routing Information Protocol RIP which broadcasts large routin...

Page 452: ...ne router networks in their areas and advertise them onto the backbone Autonomous System Backbone Router ASBR router that has directly connected interfaces in non OSPF networks These networks are then...

Page 453: ...your router ID and whether or not you want the switch to be the Autonomous System AS border router You can globally configure OSPF using either the Web Agent or the CLI Web Agent Procedure To globall...

Page 454: ...nformation on route redistribution filters see Configuring Route Redistribution in Chapter 12 Configuring IP Routing SPF Hold Time Specify the minimum number of seconds between SPF shortest path first...

Page 455: ...can create OSPF areas using either the Web Agent or the CLI Web Agent Procedure To create OSPF areas using the Web Agent 1 Select Areas from the Routing IP OSPF group on the Web Agent window The OSPF...

Page 456: ...ter network 10 10 10 1 0 0 0 255 area 2 2 2 2 If you enter the IP network mask 255 255 255 0 instead of the wildcard mask 0 0 0 255 all OSPF interfaces that have 1 for the last octet of their IP addre...

Page 457: ...e an OSPF area use the following command Note Before deleting an OSPF area assign any interfaces that are associated with the area to a different area or delete the interfaces configure router ospf no...

Page 458: ...You must bring the IP interface Down to successfully enable OSPF on the IP interface If you do not you will get an error message and OSPF will not be enabled 2 Select the down arrow from the OSPF fiel...

Page 459: ...or the interface that you want to modify 9 Modify the OSPF interface as necessary See Table 15 3 for an explanation of each field on this Web page 10 Click Apply 11 Reenable the interface a In the nav...

Page 460: ...database description and link state request packets The value range is 1 3600 The default is 5 Hello Interval Enter the time seconds between the Hello packets that the router sends on the interface T...

Page 461: ...255 area 2 2 2 2 If you enter the IP network mask 255 255 255 0 instead of the wildcard mask 0 0 0 255 all OSPF interfaces that have 1 for the last octet of their IP address will be added to area 2 2...

Page 462: ...igure router ospf passive interface interface name ip addr To set the state of an OSPF interface that is configured as a passive interface to normal configure router ospf no passive interface interfac...

Page 463: ...ay Estimated number of seconds it takes to transmit a link state update packet over this virtual link The value range is 1 3600 The default is 1 Retransmit Interval Number of seconds between link stat...

Page 464: ...og box opens Figure 15 5 2 Select the virtual link that you want to remove 3 Click DELETE The virtual link is removed Dead Interval Time in seconds that a router s Hello packets have not been seen bef...

Page 465: ...tual Links dialog box parameters 4 Click APPLY to save your changes or CANCEL to restore previous settings CLI Command To modify an OSPF virtual link use the following command configure router ospf ar...

Page 466: ...log Box 2 Select CREATE The Add OSPF Summary dialog box opens Figure 15 8 Figure 15 8 Add OSPF Summary Dialog Box 3 See Table 15 5 for details about the Add OSPF Summary dialog box parameters Table 15...

Page 467: ...to remove 3 Click DELETE The OSPF summary you selected is removed CLI Command To delete an OSPF summary use the following command configure router ospf no area area id range ip address mask Modifying...

Page 468: ...ospf area area id range ip address mask Monitoring Switch Performance Using OSPF Statistics You can monitor switch performance using the following OSPF statistics OSPF Links OSPF Neighbors OSPF Link...

Page 469: ...ntegrated Routing supports OSPFv2 External LSA Count Number of external LS type 5 link state advertisements LSAs in the link state database Originate LSA Count Number of LSAs originated by this router...

Page 470: ...point for Link State Advertisements SPF Runs Number of times that the intra area route table has been calculated using this area s link state database Border Rtrs Total number of area border routers r...

Page 471: ...neighbors You can display OSPF neighbors using either the Web Agent or the CLI Web Agent Procedure To display the OSPF neighbors using the Web Agent 1 Select Neighbors from the Routing IP OSPF group o...

Page 472: ...to decide which router is the master and to decide upon the initial Database Description sequence number Neighbor conversations in this state or greater are called adjacencies Exchange Router is desc...

Page 473: ...up on the Web Agent window The Link State Database Search dialog box opens Figure 15 12 Note You can select more than one item in the Search By column to help narrow your search results T Option Speci...

Page 474: ...Area ID click the Area ID checkbox and specify the IP address of the Area ID that you want to find in the database and click SEARCH Type click the Type checkbox and from the Type pull down menu selec...

Page 475: ...e only flooded within a particular area Network Links These packets are generated by Designated Routers and describe the set of routers attached to a particular network Summary Network These summaries...

Page 476: ...cribe inter area routes to various networks They can also be used for aggregating routes Summary AS Border This describes links to Autonomous System Border Routers and are generated by Area Border Rou...

Page 477: ...ition Area Displays the 32 bit identifier of the area from which the LSA was received Type Displays the link state type Types include Router Links Network Links Summary Network Summary AS Border AS Ex...

Page 478: ...n of OSPF over NBMA is almost identical to operation of OSPF over broadcast LANs Flooding uses the designated router and both subnets are represented identically within the OSPF link state database by...

Page 479: ...ace Note RIP or OSPF must be enabled to set up NBMA neighbors Note See Creating and Assigning IP Interfaces to the VLAN in Chapter 12 Configuring IP Routing for option settings 1 Open the Routing IP C...

Page 480: ...ce interface name The following prompt displays configure if interface name 3 Enter the following command at the prompt ip address ip addr mask 4 Enter the following command at the prompt type nbma Se...

Page 481: ...web agent or the CLI Web Agent Procedure To remove the NBMA neighbors using the web agent TBD CLI Command To remove the NBMA neighbors using the CLI enter the following command at the configure router...

Page 482: ...I Commands for RIP To set up an NBMA neighbor on RIP you must first create a RIP interface 1 After you create a RIP interface enter the following command at the prompt router rip The configure router...

Page 483: ...ce Switches Software Version 6 0 IPX Overview The IPX protocol is connectionless and performs datagram delivery and routing in Novell NetWare networks Each IPX address consists of Network Number A 32...

Page 484: ...s Table 16 1 IPX Datagram Structure Fields Field Definition Checksum Provides integrity checking Note Checksum is normally not enabled in IPX networks and is usually set to 0xFFFF Packet Length Length...

Page 485: ...modules Packet Type Indicates the type of service required or offered by the packet Types include Sequenced Packet Exchange SPX packet NetWare Core Protocol NCP packet NetBIOS propagated packet Desti...

Page 486: ...lobal Configuration Dialog Box 2 Configure IPX Routing Global Configuration dialog box parameters to make your switch an IPX router See Table 16 2 for an explanation of the dialog box parameters Table...

Page 487: ...rom Routing IPX Configuration group on the Web Agent window The IPX Interfaces dialog box opens Figure 16 5 SAP Select Disable to prevent IPX SAP from routing globally This affects all IPX interfaces...

Page 488: ...rface Click on CREATE Note Only the create button is shown if no IPX Interfaces are configured 3 The Add IPX interface Dialog Box opens Figure 16 4 Figure 16 4 ADD IPX Interface Dialog Box 4 See Table...

Page 489: ...5 IPX Interfaces Dialog Box Note Due to its length the IPX Interfaces dialog box is split into two views 6 To view or modify IPX Interfaces select IPX Interfaces from Routing IPX Configuration group o...

Page 490: ...g VLANs in Chapter 6 Using VLANs Hunt Groups and VTP Snooping Network Number Enter the number of the IPX network you want to assign to the IPX interface This number is a hexadecimal 32 bit 8 character...

Page 491: ...x RIP Select Disable to prevent IPX RIP from routing globally This affects all IPX interfaces set up to use the IPX RIP routing protocol The default value is Enable SAP Select Disable to prevent IPX S...

Page 492: ...rameters Parameter Allows you to Network Enter the IPX network number that you want to assign to the IPX static route Next Hop Node Enter the MAC address for the next destination to which the packet i...

Page 493: ...ing command in Interface mode config if if name ipx route network address range options Deleting IPX Static Routes You can delete an IPX static route using either the Web Agent or the CLI Web Agent Pr...

Page 494: ...atic Route configuration 4 Click APPLY to save your changes or CANCEL to restore previous settings CLI Command To modify an IPX static route using the CLI enter the following command Interface mode co...

Page 495: ...the Add IPX Static Service dialog box parameters Table 16 5 IPX Static Service Dialog Box Parameters Parameter Allows you to Service Name Enter the IPX Static Service name For example FS_ENG01 Use SL...

Page 496: ...rver 9 Remote Bridge Server 24 Advertising Print Server 47 Network Enter the IPX Static Service network number in Hex Node Enter the IPX Static Service node address in hex The format of the node value...

Page 497: ...window The IPX Static Services dialog box opens see Figure 16 9 2 Select the checkbox for the IPX Static Service that you want to remove 3 Click DELETE to remove the IPX static service or CANCEL to k...

Page 498: ...your switch Displaying IPX Global Statistics Searching the IPX Route Table Displaying the IPX Route Table Displaying IPX Route Table Statistics Searching the IPX Service Table Displaying the IPX Serv...

Page 499: ...Dialogue Box Parameters Parameter Allows you to IPX In Receives View the total number of IPX packets received including errors IPX In Delivers View the total number of IPX packets delivered locally Th...

Page 500: ...l to 16 IPX In Checksum Errors View the number of IPX packets received with bad checksums IPX Out Requests View the number of IPX packets supplied locally for transmission This does not include any pa...

Page 501: ...found they are displayed in the IPX Route Table dialog box If no routes are available a message is displayed in the IPX Route Table dialog box Table 16 7 IPX Route Table Search Parameters Parameter Al...

Page 502: ...te Table Statistics dialog box opens see Figure 16 14 Table 16 8 IPX Route Table Parameters Parameter Defines the Select Parameter selected Network Network number in hex of the IPX network Interface I...

Page 503: ...le 1 Select Service Table Search from the Routing IPX Display Web Agent window The IPX Service Table Search dialog box opens see Figure 16 15 Table 16 9 IPX Route Table Statistics Statistic Definition...

Page 504: ...om the Search By column and specify Static as your search value 3 See Table 16 10 to determine the search parameters Table 16 10 IPX Service Table Search Parameters Parameter Allows you to Source Sear...

Page 505: ...Service Name Search the IPX Service Table using a service name you specify Note that you can specify a single asterisk to indicate a wildcard character that will match all characters entered before th...

Page 506: ...rver 9 Remote Bridge Server 24 Advertising Print Server 47 Network Network number of the IPX service Node Node address of the service Socket Number associated with a running process on the end node fo...

Page 507: ...ble 16 12 to review each statistic Table 16 12 IPX Service Table Statistics Dialog Box Statistic Defines the Current Number of Services The current number of IPX services Peak Number of Services The p...

Page 508: ...16 26 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 16...

Page 509: ...more information about the CLI commands that are mentioned in this chapter see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches Software Version 6 0 Configuring IPX RIP Inter...

Page 510: ...he maximum allowed by the MTU of the RIP interface If disabled RIP packets are limited to 50 network entries The default is Disabled Periodic Update Interval sec Specify the length of time for the per...

Page 511: ...ng IPX RIP Filters You can create and modify IPX RIP filters from either the Web Agent or the CLI Web Agent Procedure To create and modify IPX RIP filters using the Web Agent 1 Select Filters from the...

Page 512: ...e This box only appears with the IPX RIP Filters Dialog Box Interface Select the interface to which this filter will be applied to RIP packets sent and or received on the interface Precedence Specify...

Page 513: ...pply the filter only to RIP packets sent outbound direction on the interface Enable allows you to filter and suppress traffic and is the default Select Disable to disable the filtering and suppression...

Page 514: ...Open the Direction pull down menu and select Outbound f Open the Filter Suppress pull down menu and select Enable g Enter 0 in the Ticks and Hops fields 3 Click Apply to save your changes or CANCEL t...

Page 515: ...nter ffffffff in the End Network field e Select Outbound from the Direction pull down menu f Select Enable from the Filter Suppress pull down menu g Enter 0 in the Ticks and Hops fields 3 Click APPLY...

Page 516: ...istics using the CLI enter the following command from Interface mode config if interface name show ipx interface intf name Table 17 3 IPX RIP Interface Statistical Parameters Parameter Definition Inte...

Page 517: ...preting IPX SAP Interface Statistics For more information about the CLI commands that are mentioned in this chapter see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches Softwa...

Page 518: ...date packets to be sent out over an interface with no interpacket transmission delay Enable If you want to send the IPX SAP periodic update packets to be sent out over an interface with an interpacket...

Page 519: ...le To allow SAP updates to be immediately transmitted to the network in response to changes in the network topology default Get Nearest Server Reply Select one of the following from the pull down menu...

Page 520: ...name filters using the Web Agent 1 Select Name Filters from the Routing IPX SAP group on the Web Agent window The IPX SAP Name Filters dialog box opens Figure 18 2 Only the CREATE button is displayed...

Page 521: ...a service name For example FS_ENG001 A single asterisk may be present as the last character which will match all remaining characters of a service name Type Enter the service type that identifies the...

Page 522: ...presents a wildcard that applies to all server names d Enter 7 in the Type field e Select Outbound from the Direction pull down menu Filter Suppress Select to enable or disable whether the services ma...

Page 523: ...CLI enter the following command from Configure mode configure ipx sap name filter precedence filter name service type outbound inbound both filter allow filter hops Creating IPX SAP Network Filters Yo...

Page 524: ...ote This field is displayed in the IPX SAP Net Filter dialog box not in the Add IPX SAP Net Filter dialog box Interface Select the interface to which this filter will be applied to SAP packets sent an...

Page 525: ...ckets sent on the interface Both Applies the filter to SAP packets both sent and received on the interface Default value is outbound Filter Suppress Disable whether the services matching Net and Type...

Page 526: ...ters dialog box opens Figure 18 4 2 Select CREATE The Add IPX SAP Net Filter dialog box opens Figure 18 5 3 Configure the following parameters a Select an interface name from the Interface pull down m...

Page 527: ...from the Direction pull down menu f Select Enable from the Filter Suppress pull down menu g Enter 0 in the Hops field Entering 0 ensures that there is no override in the transmission of data on the ne...

Page 528: ...e Network Number The network number of the IPX network associated with the interface Triggered Updates Sent The number of triggered updates sent from the SAP interface Non triggered Updates Sent The n...

Page 529: ...700 Issue 1 18 13 Configuring the IPX SAP Protocol CLI Command To interpret IPX SAP interface statistics using the CLI enter the following command from Interface mode config if interface name show ipx...

Page 530: ...18 14 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 18...

Page 531: ...Switches Software Version 6 0 Implementation This section introduces AppleTalk routing explains how it operates and explains why you would want to configure it on the Avaya P580 or P882 Multiservice s...

Page 532: ...to the network for a certain period of time Name Binding Protocol NBP This protocol translates alphanumeric entity names to AppleTalk addresses NBP maintains a table of node addresses and entities wit...

Page 533: ...the naming mechanism that AppleTalk uses users do not have to understand how AppleTalk works AppleTalk supports a peer to peer network thus dedicated servers or centralized network are not required A...

Page 534: ...om the Routing AppleTalk Configuration group on the Web Agent window The AppleTalk Routing Global Configuration dialog box opens Figure 19 1 Note AppleTalk Routing is disabled by default Figure 19 1 A...

Page 535: ...om the Routing AppleTalk Configuration group on the Web Agent window The AppleTalk Interfaces dialog box opens Figure 19 2 Figure 19 2 AppleTalk Interfaces Dialog Box 3 Select CREATE The Add AppleTalk...

Page 536: ...e The Network Range Start value must be less than or equal to the Network Range End value Network Range End Enter the ending network number The network number specifies the range of AppleTalk network...

Page 537: ...id Editing AppleTalk Interfaces You can edit AppleTalk interfaces using either the Web Agent or the CLI Web Agent Procedure To edit an AppleTalk interface using the Web Agent Note You must enable Appl...

Page 538: ...or Cancel to remove the new zone 5 Select Interfaces from the Routing AppleTalk Configuration group on the Web Agent window The AppleTalk Interfaces dialog box re opens Figure 19 6 6 Select the new zo...

Page 539: ...ant to update in the Select column 18 Click APPLY to save your changes or CANCEL to restore previous settings Note You may select and change multiple interfaces simultaneously with one APPLY operation...

Page 540: ...zone name config if interface name no appletalk vlan vlan id Creating an AppleTalk Static Route You can create an AppleTalk static route using the Web Agent or the CLI Web Agent Procedure To create a...

Page 541: ...bers for extended networks Each number in the range must be an integer between 1 and 65279 Note Network Range Start must be less than or equal to Network Range End Network Range End Enter the ending n...

Page 542: ...zone name Editing AppleTalk Static Routes You can edit AppleTalk Static routes using either the Web Agent or the CLI Web Agent Procedure To edit an AppleTalk static route using the Web Agent 1 Select...

Page 543: ...you need to delete then click the DELETE button 4 Navigate back the AppleTalk Static Route dialog box by selecting Static Route from the Routing AppleTalk Configuration group on the Web Agent window T...

Page 544: ...an AppleTalk static route using either the Web Agent or the CLI Web Agent Procedure To delete an AppleTalk static route using the Web Agent 1 Select Static Route from the Routing AppleTalk Configurat...

Page 545: ...ou can display NBP names to users and use addresses internally to locate entities When you register your entity s name and address pair NBP validates its uniqueness An NBP Filter prevents hosts on one...

Page 546: ...NBP filter using the CLI enter the following command from Interface mode config if interface name appletalk access list access list number permit deny nbp string Table 19 3 AppleTalk NBP Filter Parame...

Page 547: ...box parameters 3 Click CREATE to add a new filter The Add AppleTalk NBP Filter dialog box opens See Creating an AppleTalk Name Binding Protocol NBP Filter earlier in this chapter for more information...

Page 548: ...Figure 19 15 2 Select Edit If The Add Delete Interface to NBP Filter dialog box opens see Figure 19 16 Figure 19 16 Add Delete Interface to NBP Filter Dialog Box 3 Select the interface to be added fro...

Page 549: ...You can create an AppleTalk Zone Filter using either the Web Agent or the CLI Web Agent Procedure To create an AppleTalk zone filter using the Web Agent 1 Select Zone Filter from the Routing AppleTal...

Page 550: ...guration group on the Web Agent window The AppleTalk Zone Filter dialog box opens Figure 19 18 2 Click the checkbox in the Select column next to the AppleTalk zone filter that you want to be edit 3 Se...

Page 551: ...e appletalk access list access list number permit deny zone string Adding or Deleting Interfaces to a Zone Filter You can add or delete interfaces to a zone filter using either the Web Agent or the CL...

Page 552: ...es v6 0 Chapter 19 Click the checkbox in the Select column for the interface that you want to be remove 4 Click Add to add this zone filter to the selected interface DELETE to remove this zone filter...

Page 553: ...alk Statistics This section includes Viewing AppleTalk Global Statistics Viewing the AppleTalk Interface Statistics Table CLI Command Viewing AppleTalk Route Table Statistics Viewing the AppleTalk ARP...

Page 554: ...about the AppleTalk Global Statistics dialog box parameters Table 19 5 AppleTalk Global Statistical Dialog Box Parameters Parameter Number of Echo Req Tx Echo requests transmitted Echo Reply Rx Echo...

Page 555: ...eceived that had a short PDU in error TTL Expired Packets dropped because they timed out Checksum Error Packets which had checksum in error AARP Req Rx AppleTalk ARP requests received AARP Reply Rx Ap...

Page 556: ...istics table using the Web Agent 1 Select Interface Statistics from the Routing AppleTalk Display group on the Web Agent window The AppleTalk Interface Statistics Table opens Figure 19 21 Figure 19 21...

Page 557: ...route table and delete or flush entries from the table using the Web Agent 1 Select Route Table from the Routing AppleTalk Display group on the Web Agent window The AppleTalk Route Table opens Figure...

Page 558: ...ge Displays the network range Metric Displays the AppleTalk metric for the network range State Displays the state of the entry The options include Good Suspect Going Bad Bad Owner Displays the AppleTa...

Page 559: ...LI Web Agent Procedure To view AppleTalk route table statistics using the Web Agent 1 Select Route Table Statistics from the Routing AppleTalk Display group on the Web Agent window The AppleTalk Route...

Page 560: ...ppleTalk ARP Cache Table opens see Figure 19 24 Figure 19 24 AppleTalk ARP Cache Table 2 See Table 19 9 for a definition of the AppleTalk ARP Cache Table parameters Table 19 9 AppleTalk ARP Cache Tabl...

Page 561: ...all Viewing the AppleTalk Zone Table You can view the AppleTalk Zone table using either the Web Agent or the CLI Web Agent Procedure To view the AppleTalk zone table using the Web Agent 1 Select Zone...

Page 562: ...lk Zone Table Statistics using either the Web Agent or the CLI Web Agent Procedure To view AppleTalk zone table statistics using the Web Agent 1 Select Zone Table Statistics from the Routing AppleTalk...

Page 563: ...group on the Web Agent window The AppleTalk Zone Table opens Figure 19 25 2 See Table 19 12 for an explanation of the AppleTalk NBP Table parameters Table 19 11 AppleTalk Zone Table Statistical Parame...

Page 564: ...ser Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 19 CLI Command To view the AppleTalk NBP table using the CLI enter the following command from User mode show appletalk nbp cr n...

Page 565: ...ging the LGMP Client Managing CGMP Snooping For more information about the CLI commands that are mentioned in this chapter see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches...

Page 566: ...g All of the dynamic mechanisms are based on the assumption that the client host is running IGMP and is requesting membership in the IP multicast session Note If there is no multicast session created...

Page 567: ...also enables IGMP The Administration Process Management and Pruning At the core of all Intelligent Multicast functionality the Administration Process is manipulated by manual configuration and dynami...

Page 568: ...ssemination Process provides a method to dynamically configure multicast sessions on switches with VLANs that do not have IP interfaces See Figure 20 1 Figure 20 1 LGMP and CGMP Snooping Switch 1 will...

Page 569: ...Deleting an Intelligent Multicast Session Deleting a Multicast Session Client Port Creating a Static Multicast Session Deleting Static Multicast Sessions Creating Static Client Ports Deleting Static C...

Page 570: ...hes v6 0 Chapter 20 Figure 20 2 Intelligent Multicasting Global Configuration Dialog Box Note In order to route multicast traffic IP multicast forwarding must be enabled on the switch See Enabling IP...

Page 571: ...ue is Enable Time Enter the time in seconds after which quiet learned router ports can be pruned The valid range in seconds is 10 to 172800 48 hours The default value is 120 seconds Automatic Session...

Page 572: ...ter Ports You can display router ports using either the Web Agent or the CLI Web Agent Procedure To display router ports using the Web Agent 1 Select Global Configuration from the L2 Switching Intelli...

Page 573: ...l Configuration from the L2 Switching Intelligent Multicast group on the Web Agent window The Intelligent Multicast Global Configuration dialog box opens Figure 20 2 Note You must enable intelligent m...

Page 574: ...and VTP Snooping in Chapter 6 5 Click CREATE to save your changes CLI Command To configure a static router port using the CLI enter the following command from Configure mode configure set intelligent...

Page 575: ...arameter Search Value IP Subnet IP Address enter the IP address on which you want to perform a search IP Address Mask Enter the associated IP Address mask MAC Address Enter the MAC address on which yo...

Page 576: ...nation of the Multicast Sessions dialog box parameters Table 20 4 Multicast Sessions Dialog Box Parameters Parameter Definition Select Select the multicast session Session ID Displays the multicast se...

Page 577: ...o begin the search for the multicast session The Multicast Sessions dialog box opens with the search results Figure 20 5 3 Select the checkbox next to the multicast session that you want to delete and...

Page 578: ...t SEARCH to begin the search for the multicast session The Multicast sessions Dialog Box opens with the search results Figure 20 5 3 Select the client port number from the Client Ports column The Mult...

Page 579: ...a Static Multicast Session You can create a static multicast session using either the Web Agent or the CLI Web Agent Procedure To create a new static multicast session using the Web Agent 1 Select St...

Page 580: ...ettings Table 20 6 Static Multicast Session Configuration Dialog Box Parameters Parameter Definition IP Address Enter the IP address of the new static multicast session The range must be between 224 0...

Page 581: ...tic multicast session using the Web Agent 1 Select Static Sessions from L2 Intelligent Multicast group on the Web Agent window The Static Multicast Sessions dialog box opens Figure 20 9 2 See Table 20...

Page 582: ...ons on VLANs that the port is bound to or on sessions created for All VLANs Web Agent Procedure To create a static client port using the Web Agent 1 Select Static Sessions from L2 Intelligent Multicas...

Page 583: ...be deleted from either the Web or the CLI Web Agent Procedure To delete static client ports using the Web Agent 1 Select Static Sessions from L2 Intelligent Multicast group on the Web Agent window Th...

Page 584: ...ooping You can enable IGMP snooping using either the Web Agent or the CLI Web Agent Procedure To enable IGMP Snooping using the Web Agent 1 Select IGMP Snooping from the L2 Intelligent Multicast group...

Page 585: ...2 See Table 20 8 for an explanation of the IGMP Snooping dialog box parameters 3 Click CLEAR to clear the statistics REFRESH to refresh the contents of the table Table 20 8 IGMP Snooping Dialog Box P...

Page 586: ...iewing the LGMP Server Statistics Viewing the LGMP Server Statistics per VLAN Configuring the LGMP Server You can configure the LGMP server using either the Web Agent or the CLI Web Agent Procedure To...

Page 587: ...Managing Intelligent Multicasting Figure 20 12 LGMP Server Configuration Dialog Box 2 See Table 20 9 to configure the LGMP Server Configuration dialog box parameters 3 Click APPLY to save your change...

Page 588: ...wer the number the more likely it will win the election The valid range is 0 to 255 The default value is 128 Router Report Time The time interval in seconds between router reports sent by the LGMP ser...

Page 589: ...e Transmission Statistics Report Displays the number of LGMP report messages transmitted Leave Displays the number of LGMP leave messages transmitted End Session Displays the number of LGMP end sessio...

Page 590: ...the LGMP server display per VLAN using the Web Agent 1 Select LGMP Server from the L2 Intelligent Multicast group on the Web Agent window The LGMP Server Select the number from the LGMP Servers column...

Page 591: ...ort Displays the number of LGMP report messages transmitted per VLAN Leave Displays the number of LGMP leave messages transmitted per VLAN End Session Displays the number of LGMP end session messages...

Page 592: ...atest information CLI Command To view the LGMP server statistics per VLAN using the CLI enter the following command from Configure mode configure show lgmp server statistics VLAN options Managing the...

Page 593: ...uration Dialog Box Table 20 11 LGMP Client Configuration Dialog Box Parameters Parameter Definition Enable State Select to enable or disable LGMP client The default value is Disabled LGMP Clients Disp...

Page 594: ...P leave messages received End Session Displays the number of LGMP end session messages received Router Report Displays the number of LGMP router report messages received Router Leave Displays the numb...

Page 595: ...nt Configuration dialog box opens Figure 20 14 2 See Table 20 11 for an explanation of the LGMP Client Configuration dialog box parameters 3 Click CLEAR to clear the statistics or REFRESH to refresh t...

Page 596: ...f the LGMP Client Display per VLAN dialog box parameters 4 Click CLEAR to reset selected row information CLEAR ALL to reset all statistics REFRESH to view the latest information Table 20 12 LGMP Clien...

Page 597: ...r of LGMP end session messages received per VLAN Router Report Displays the number of LGMP router report messages received per VLAN Router Leave Displays the number of LGMP router leaves messages rece...

Page 598: ...e CGMP Snooping using either the web agent or the CLI Web Agent Procedure To enable CGMP snooping using the Web Agent 1 Select CGMP Snooping from the L2 Intelligent Multicast group on the Web Agent wi...

Page 599: ...ed Displays the number of CGMP leave messages received Unknown Messages Received Displays the number of unknown CGMP messages received Intelligent Multicast Session Statistics New Sessions Created Dis...

Page 600: ...oping using the Web Agent 1 Select CGMP Snooping from the L2 Intelligent Multicast group on the Web Agent window The CGMP Snooping dialog box opens Figure 20 16 2 View the CGMP Snooping dialog box fie...

Page 601: ...more information about the CLI commands that are mentioned in this chapter see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches Software Version 6 0 Interpreting Front Panel...

Page 602: ...t Procedure To view the Active Alarm Table using the Web Agent 1 Select Active Alarms from the Events group on the Web Agent window The Active Alarm Table opens Figure 21 1 Port Solid green Port enabl...

Page 603: ...can set the size of the table Because these events are stored in switch memory the list is cleared each time the switch reboots Shutdown Log stores the same information as the event Log but generally...

Page 604: ...re To configure event notification 1 In the navigation pane expand the Events folder and then click General Events The General Event Management Web page is displayed in the content pane See Figure 21...

Page 605: ...21 2 Event Classes Class Determines whether the switch sends a notification for Start Starts of the system System System events Configuration Each configuration change for example enabling and disabli...

Page 606: ...thorized SNMP activity Redundant CPU Changes in status of a redundant CPU Notification is sent if The status changes from standby to active or vice versa The active supervisor loses or establishes con...

Page 607: ...log ssl_ssh To forward events to syslog servers configure set syslog facility start system config temp resource fan service_port user_port power bridge_stat switch_fabric ospf rip ldap appletalk auth_...

Page 608: ...n the content pane See Figure 21 3 Figure 21 3 Protocol Event Management Web Page 2 Enable the categories of protocol events for which you want to generate notifications See Table 21 3 for an explanat...

Page 609: ...n the content pane See Figure 21 2 2 In the Max Log Entries field for the event log select the number of entries that you want the event log to store The default setting is 512 entries 3 In the Max Lo...

Page 610: ...r the Web Agent or the CLI Web Agent Procedure To view the event log or shutdown log using the Web Agent 1 In the navigation pane expand the Events folder and then click either Event Log or Shutdown L...

Page 611: ...event log or shutdown log is displayed Figure 21 5 Event Log Web page Table 21 4 Event Log Fields Entry Definition Log ID Displays the number of this event in the log FIFO First In First Out Event ID...

Page 612: ...on pane expand the Events folder and then click Event Log The Event Log Search Web page is displayed in the content pane See Figure 21 4 2 Click CLEAR EVENT LOG CLI Command To clear the event log use...

Page 613: ...you set the severity to Warning error messages of severities Warning Error Alert and Emergency are logged Table 21 5 Event Statistics Window Parameters Parameter Definition Event Log wraps Displays t...

Page 614: ...remote syslog servers For information on SNTP see Enabling the Simple Network Time Protocol in Chapter 3 Configuring System Information You can also set the event types also called facilities for whic...

Page 615: ...rs 5 In the Severity field select a severity level See Table 21 6 for more information about each severity level The default setting for this field is error The switch logs error messages of the sever...

Page 616: ...hat the 80 series forwarding engines route This statistic includes packets routed by the forwarding engines on 80 series media modules FIRE and on the supervisor module FORE For more information about...

Page 617: ...iguration mode and use the following command set utilization threshold event cpu forwarding engine The default setting for event logging of utilization is disabled If you enable event logging of utili...

Page 618: ...pacity of the supervisor module to forward slow path traffic When 100 utilization is reached the performance of the switch may degrade FIRE Sets the high threshold for utilization of the forwarding en...

Page 619: ...ing is disabled Forwarding Engine monitoring is disabled CPU threshold level is 95 percent Forwarding Engines FIRE threshold level is 95 percent FORE threshold level is 95 percent CPU threshold event...

Page 620: ...isplay the statistics for forwarding engine utilization use the following command show utilization results forwarding engine chip fabport chip index You can enter this command from user mode Note For...

Page 621: ...ine Total Packet Rate 28843 PPS Routing Component IPU Packet Rate 28835 PPS Routing Component IPM Packet Rate 0 PPS Routing Component IPX Packet Rate 0 PPS Statistic History sorted from most recent to...

Page 622: ...21 22 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 21...

Page 623: ...he volume of traffic that the 10 Gigabit module can process and its internal architecture the module can cause the number of entries in the Layer 3 forwarding cache to reach the default maximum of 130...

Page 624: ...system entries as necessary You may need to adjust the setting initially to accommodate peaks in network demand Configuring the Forwarding Cache You can configure the forwarding cache using the Web A...

Page 625: ...cast and IPX protocols The options are DA only Forwarding entries input to the forwarding table are limited to using protocol destination address only SA DA Forwarding entries input to the forwarding...

Page 626: ...isplaying Frame Forwarding Statistics Displaying and Searching the L3 Forwarding Cache for an Entry Displaying Frame Forwarding Statistics The frame forwarding statistics indicate the performance of e...

Page 627: ...ess cache entries L3 Slow Path Frames Number of frames received on a fabric port that were not successfully matched against existing forwarding entries in the layer 3 L3 address cache Subsequently the...

Page 628: ...all options by not selecting any options and clicking on the search button Note Layer 3 Active Forwarding Cache entry Search is available with the Web Agent only no CLI version To search the L3 addre...

Page 629: ...P address or IPX network number Protocol By protocol identifier By default this field is 0 for IP Destination Port Within the routing cache that match the specified destination port IPU IPM IPX Source...

Page 630: ...he specific routing cache configure show ip unicast cache configure show ip multicast cache configure show ipx cache Displaying the Forwarding Cache You can display the Forwarding cache information us...

Page 631: ...the following Select the entry and click Flush Entry to delete one or more entries Click Flush Table to clear the entire table Note Flushing the table will disrupt traffic flow and clear all Forwardin...

Page 632: ...this number reaches the Maximum Entries setting for the protocol you may want to enable a short lived protocol filter to conserve the forwarding engine resources For information on how to enable a sho...

Page 633: ...ds that are mentioned in this chapter see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches Software Version 6 0 Viewing Network Statistics You can view a variety of statistics...

Page 634: ...Counters to get a fresh view of the statistics being gathered This resets all of the counters to zero so that you can track the counters from a specific point forward 3 Select a module from the Module...

Page 635: ...track the counters from a particular point forward 5 Select a port from the Name column to view statistics for that specific port The Ethernet Interface Statistics Web page opens Figure 23 3 Figure 23...

Page 636: ...e interface A sharp increase could indicate a need to reconfigure the network However octets are a better indication of bandwidth utilization Broadcasts Broadcast packets are a normal part of network...

Page 637: ...rs represent transit and receive bit errors The Ethernet standard allows 1 in 108 bit error rate but you should expect performance to be less than 1 in 1012 packets Rates in excess of one error per on...

Page 638: ...rence on network cabling A Transceiver attached to the Repeater is generating Signal Quality Errors SQE Possible actions respectively Inspect cable runs to see if they are too close to noisy devices a...

Page 639: ...d on the network Collisions increase as network use of shared segments increases Therefore if the collision rate increases without an increase of network use it might indicate a problem Guidelines for...

Page 640: ...mirroring works with 50 series modules Fabric mode 2 port mirroring works with 80 series modules Note If you use port mirroring the Frame Tags field on the Switch Port Configuration Web page for the...

Page 641: ...er Definition Configure Source Select the configuration source port Provides a link to the Port Mirroring Configuration Web page Source Port Displays the port under investigation Mirror Port Displays...

Page 642: ...ct a particular source port associated with the selected fabric port You can also select all ports Note To mirror inbound traffic only select a source port and a mirror port not a piggyback port Mirro...

Page 643: ...do not support piggyback ports Fabric mode 1 port mirroring works with 50 series modules Fabric mode 2 port mirroring works with 80 series modules If you set up a piggyback port multicast traffic that...

Page 644: ...set up port mirroring on a port that is administratively disabled and you configure the disabled port as a source or mirror port note the following Traffic sent to a disabled source port will be lost...

Page 645: ...kets are dropped at random if packets are dropped from either the source or the mirror traffic or both there is no guarantee that the mirror traffic will match the source traffic Note Fabric mode 2 po...

Page 646: ...rough 2 on channel 1 and port 2 on channel 2 simultaneously 8 port gigabit modules 1 4 5 8 Any single port You can mirror any four single ports simultaneously one port per channel However you cannot m...

Page 647: ...to monitor only traffic with a specific source MAC address or destination MAC address Note Do not set the source MAC address in the Destination Filter field Setting a Source MAC address in the Destin...

Page 648: ...Type column In the Max Packets per Second column enter the maximum number of packets per second that you want the mirror port to receive Disable or Always in the Sampler Type column Go to step 8 Tabl...

Page 649: ...eld Sampler Type Specifies how often you want the mirror port to receive traffic samples Options are Disable Always Periodic Max Packets per Second The maximum number of packets per second that you wa...

Page 650: ...or Web Agent Procedure To remove a port mirror on a switch in Fabric mode 2 by using the Web Agent 1 Expand the Modules Ports folder 2 Click Port Mirroring The Port Mirroring Information page opens 3...

Page 651: ...CLI Command To view information about a Fabric mode 2 port mirror use the following CLI command configure show port mirror Fabric_mode2 This command displays the source ports mirror port direction be...

Page 652: ...23 20 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 23...

Page 653: ...hold 256K bytes Architecturally they can support up to 1 MB each Each buffer is divided into two queues one for High priority Traffic and one for Normal priority Traffic The factory default is for the...

Page 654: ...frames destined for a particular buffer will be dropped This should only occur in a case where the output port is very congested However there is an optional mode in which normal priority frames are n...

Page 655: ...Figure 24 1 Module Information Dialog Box 2 Select the module whose buffers you want to manage from the Select column 3 Select the Module number for that module from the Buffer Management column The B...

Page 656: ...bric port opens Figure 24 3 Table 24 1 Buffer Management Dialog Box Parameters Parameter Definition Fabric Port Buffers Displays the port s fabric port buffers and allows you to open the Buffer Detail...

Page 657: ...e 24 2 Buffer Detail Configuration Dialog Box Parameters Parameter Definition Memory Displays the amount of physical memory associated with this buffer Age Timer Displays the amount of time a packet r...

Page 658: ...rity Service Ratio Allows you to set how many times the high priority queue is serviced for each time the low priority queue is serviced The ideal value changes from queue to queue but the goal is to...

Page 659: ...t Fast Ethernet buffers Physical Port ports have additional buffers on both the input and output ports 8 Click APPLY to save your changes or CANCEL to restore previous settings CLI Command To manage b...

Page 660: ...24 8 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 24...

Page 661: ...receives the priority it requires while also ensuring that the switch services other low priority data The QoS features are supported only on 80 series modules Fifty series modules do not support the...

Page 662: ...mplement QoS you must have a thorough knowledge of the traffic patterns in the network You need this information to Classify traffic and assign it the required priority and bandwidth Identify the area...

Page 663: ...or destination MAC address The DiffServ code point The IP protocol assigned by means of an ACL rule The source or destination IP address assigned by means of an ACL rule The source or destination TCP...

Page 664: ...ores packets in the queue that matches their priority 4 The switch forwards the VoIP traffic in queue 5 as long as its bit rate does not exceed 5 Mbps If the bit rate of the queue exceeds 5 Mbps the s...

Page 665: ...ss of the VoIP flow VoIP traffic cannot tolerate latency or frame loss so it needs a high priority to ensure its timely delivery Note Priority 5 serves as an example only Actual implementations may va...

Page 666: ...ess port NOTE If policing is enabled the switch forwards traffic that falls within the maximum bit rate and drops traffic that exceeds the maximum bit rate Frame is stored in 1 of 8 egress priority qu...

Page 667: ...his new DSCP IP protocol assigned by means of an ACL rule Destination IP address assigned by means of an ACL rule Source IP address assigned by means of an ACL rule Layer 4 characteristics Destination...

Page 668: ...e to the 8 level priority system that 80 series modules use Classifying Traffic by Layer 2 Characteristics In addition to Cisco ISL tag 802 1p tag and physical port priority the switch can classify tr...

Page 669: ...ociated with the ACL replaces the current priority of the frame For information on how to set a rule in an ACL see Setting Up an ACL Rule later in this chapter Using a Default ACL Rule By default the...

Page 670: ...appropriate DSCP The switch then uses the DSCP to classify packets You can alternately set the switch to replace the DSCP in a packet with a different DSCP The switch then uses the new DSCP to classif...

Page 671: ...s the number of ingress and egress queues that are available on each module Table 25 2 Precedence of Priorities Layer Precedence of Priority Priority Used for Classification Layer 3 High ACL rule prio...

Page 672: ...8 sets of 8 queues 24 port 10 100 modules 1 set of 8 queues for ports 1 12 1 set of 8 queues for ports 13 24 Total 2 sets of 8 queues 1 set of 8 queues per port Total 24 sets of 8 queues 48 port 10 1...

Page 673: ...the chassis are set with the same priority priority The priority that you want to assign to the port or port range Enter a number between 0 and 7 The highest priority is 7 Each physical port has a def...

Page 674: ...m the switch ignores tag priorities on all ports of the module mod swport range The slot number of a module and either a port number or a range of port numbers having the format Px Py For example To s...

Page 675: ...nore tag priority 3 on Set ports 1 through 5 on the module in slot 3 to not ignore the 802 1p tag priority set port ignore tag priority 3 1 5 off Set ports 1 through 5 on the module in slot 3 and port...

Page 676: ...estination MAC address in the AFT to determine the priority of the frame entry priority The priority that you want to assign to the destination MAC address Enter a number between 0 and 7 da priority m...

Page 677: ...ith VLAN 50 Forward frames that have a source or destination MAC address of 00 00 00 00 00 55 Assign a priority of 7 to packets that have a destination MAC address of 00 00 00 00 00 55 set aft entry 0...

Page 678: ...rt range all ports on off Table 25 10 Keywords Arguments and Options Keyword Argument or Option Definition mod num The slot number of a module If you specify mod num all ports on the module are set to...

Page 679: ...rt mask diffserv mod num mod swport range mod num mod swport range all ports on off Table 25 11 Keywords Arguments and Options Keyword Argument or Option Definition mod num The slot number of a module...

Page 680: ...to DSCPs 15 through 63 enter set diffserv priority 7 dscp 15 63 on off Indicates whether the switch masks the three least significant bits of the DSCP Enter on to mask the bits Enter off to not mask...

Page 681: ...ag priority and if the port is set to use the DSCP for bridged IP traffic The syntax of the command is show port mod num mod swport range mod num mod swport range Table 25 13 Keywords Arguments and Op...

Page 682: ...addr Extended ACL configure access list access list name access list index permit use priority priority use diffserv mask remark diffserv dscp mask use l2 deny fwd1 fwd2 fwd3 fwd4 fwd5 fwd6 fwd7 fwd8...

Page 683: ...ignores the ACL rule priority and DiffServ priority deny Blocks the packet fwd1 fwd2 fwd3 fwd4 fwd5 fwd6 fwd7 fwd8 The priority that you want to set The number following the fwd specifies the priority...

Page 684: ...e l2 the switch ignores the ACL rule priority and DiffServ priority deny Blocks the packet fwd1 fwd2 fwd3 fwd4 fwd5 fwd6 fwd7 fwd8 The priority that you want to set The number following the fwd specif...

Page 685: ...he destination IP address of the subnet that you want to assign a priority to dest wildcard The inverse of a network mask Enter a 32 bit number in four part dotted decimal format Place ones in the bit...

Page 686: ...source IP address in the 10 10 80 subnet Mask the three least significant bits of the DSCP access list MyAccessList1 6 permit remark diffserv 5 mask 10 10 80 0 0 0 0 255 Use the layer 2 priority of t...

Page 687: ...rt that is greater than 24 Destination IP address in the 6 6 subnet Destination port of 23 access list MyAccessList2 3 permit use priority 2 tcp 1 1 0 0 0 0 255 255 gt 24 6 6 0 0 0 0 255 255 eq 23 Rep...

Page 688: ...0 0 0 255 6 6 6 0 0 0 0 255 lt 2 established Use the DSCP to classify all UDP traffic that has a Source IP address of 7 7 7 7 Destination IP address of 8 8 8 8 Destination port between 33 and 44 Mask...

Page 689: ...of 512 for the default ACL rule For more information about how default ACL rules work see Classifying Traffic by Layer 3 or Layer 4 Characteristics earlier in this chapter Examples Table 25 17 Default...

Page 690: ...d This threshold sets the size of bursts that is guaranteed transfer The switch uses queue 0 to forward protocol packets ARP VRRP OSPF and so on to the supervisor module If you enable policing on queu...

Page 691: ...n Definition mod num The slot number of a module If you specify mod num policing is enabled for all ports on the module in the slot that you specify mod swport range The slot number of a module and ei...

Page 692: ...ble the queue Or 220 Kbps to 1 5 Gbps For Fabric mode 2 enter 0 to disable the queue Or 270 Kbps to 1 5 Gbps normal burst This threshold sets the maximum size of burst that is guaranteed transfer The...

Page 693: ...Argument or Option Definition mod num The slot number of a module If you specify mod num the switch displays the policing settings for all ports on the module in the slot that you specify mod swport...

Page 694: ...ng feature WFQ How WFQ Works WFQ is the default queue servicing algorithm When a port is set to use the WFQ algorithm each queue Is assigned a weight increment This value never changes Maintains an ac...

Page 695: ...es is increased by their weight increment Now queue 6 has an accumulated weight of 192 and queue 7 has an accumulated weight of 128 5 The switch services queue 6 because it has the higher accumulated...

Page 696: ...ort or mirror port are dropped the mirror traffic may not match the source traffic CBWFQ The class based weighted fair queueing CBWFQ algorithm is a combination of the CBQ and WFQ algorithms CBWFQ mak...

Page 697: ...e maximum size burst that is serviced by WFQ once the normal burst has been exceeded Bursts that are smaller than this size are serviced by WFQ Bursts that are larger than this size are dropped If you...

Page 698: ...m The slot number of a module If you specify mod num all ports on the module are set to use WFQ mod swport range The slot number of a module and either a port number or a range of port numbers having...

Page 699: ...t queue service 5 1 12 strict priority Table 25 22 Keywords Arguments and Options Keyword Argument or Option Definition mod num The slot number of a module If you specify mod num all ports on the modu...

Page 700: ...he module are set to use CBQ mod swport range The slot number of a module and either a port number or a range of port numbers having the format Px Py For example To specify port 1 on the module in slo...

Page 701: ...use CBQ mod swport range The slot number of a module and either a port number or a range of port numbers having the format Px Py For example To specify port 1 on the module in slot 3 enter 3 1 To spec...

Page 702: ...r If you do not enter a multiple of four the switch rounds down the number that you enter to a multiple of four For example if you enter a normal burst size of 43 byes the switch converts the setting...

Page 703: ...this size are serviced by WFQ Bursts that are larger than this size are dropped If you set this threshold to the same value as normal burst the maximum burst capability is disabled The maximum burst...

Page 704: ...ice 3 1 Table 25 25 Keywords Arguments and Options Keyword Argument or Option Definition mod num The slot number of a module If you specify mod num the switch displays queue service settings for all p...

Page 705: ...ess ports And Table 25 29 lists the statistics that are displayed for egress queues For information on how to display the QoS Statistics see Displaying QoS Statistics later in this chapter Queue Stati...

Page 706: ...Frames Enqueued Above Threshold The total number of frames that were added to the queue when the number of frames in the queue exceeded the Threshold Full This number is cumulative since the last res...

Page 707: ...is cumulative since the last reset of the statistics The total number of frames that were forwarded from the queue The total number of frames that were removed from the queue and Bytes Dequeued The t...

Page 708: ...cs Frames Dropped Parity Error The number of frames that the port range dropped because they had a parity error This number is cumulative since the last reset of the statistics Frames Dropped Flood Ra...

Page 709: ...cumulative since the last reset of the statistics Frames Dropped Parity Error The number of frames that the port dropped because they had a parity error This number is cumulative since the last reset...

Page 710: ...ocation buffers The number of buffers that are allocated to a specific queue These buffers are dedicated to the queue and cannot be used by another queue Reserved Allocation bytes The number of bytes...

Page 711: ...pecify mod swport range The slot number of a module and either a port number or a range of port numbers having the format Px Py For example To specify port 1 on the module in slot 3 enter 3 1 To speci...

Page 712: ...mber of a module and either a port number or a range of port numbers having the format Px Py For example To specify port 1 on the module in slot 3 enter 3 1 To specify ports 1 through 5 on the module...

Page 713: ...of packet buffers that are allocated to the egress queues on all ports on the module that you specify mod swport range The slot number of a module and either a port number or a range of port numbers h...

Page 714: ...25 54 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0 Chapter 25...

Page 715: ...witch from v6 0 application software to an earlier version of software you must initialize NVRAM nvram initialize command If you do not initialize NVRAM before downgrading the application software the...

Page 716: ...counter any problem with the new downloaded software When upgrading the switch to v6 0 application software you must download v6 0 to the APP2 memory location If you download v6 0 to APP1 and store an...

Page 717: ...se the following command show flash This command displays information about the application software that is currently stored in APP1 and APP2 Backing Up the Previous Configuration Before you upgrade...

Page 718: ...page 3 In the Save Running Config to Startup Config field select Save 4 In the Copy Source field select Startup Config Note The Source File name may be left unspecified 5 In the Copy Destination field...

Page 719: ...application software you must download v6 0 to the APP2 memory location If you download v6 0 to APP1 and store an earlier version software in APP2 the 6 0 software is corrupted Once v6 0 software is...

Page 720: ...rget Section field select the memory location to which you want to download the new application software 6 In the Perform Update Now field select Update 7 In the Get Status of Most Recent Update field...

Page 721: ...rtup use the following CLI command configure boot system flash app1 app2 cardapp1 cardapp2 Synchronizing the Active and Standby Supervisor Modules If the switch has a redundant supervisor module you m...

Page 722: ...ules after upgrading the active supervisor to v6 0 from an earlier version of software you must manually reset the standby supervisor Resetting the Active Supervisor After setting the switch to load t...

Page 723: ...upervisor The previous procedure Resetting the Active Supervisor forces the Active Supervisor to Standby mode and the Standby Supervisor to the Active Supervisor mode To recover back to the original s...

Page 724: ...Bound to Hunt Group Ports If the switch has multiple VLANs statically bound to hunt group ports and you want to upgrade from application software earlier than v5 3 you must 1 Download the application...

Page 725: ...nnect a console to the supervisor Module See Chapter 2 Initial Configuration of the Installation Guide for the Avaya P550R P580 P880 and P882 Multiservice Switches Software Version 5 3 3 Press and Hol...

Page 726: ...s Restore default passwords ip IP Configuration manuf Get Set MAC address nvram Initializes NV RAM diags run upon reboot peek Read from memory ping Ping host tries delay poke Write to memory reset Res...

Page 727: ...Ensure the ethernet console port is connected to the network for a TFTP transfer 2 Enter the following command to assign an IP address to the ethernet console port Boot ip address ip address ip mask 3...

Page 728: ...Appendix B B 4 User Guide for the Avaya P580 and P882 Multiservice Switches v6 0...

Page 729: ...ce switches MIBs are categorized as follows AppleTalk Application Software Management ATM Uplink Bridging DVMRP General Private MIBs IGMP IP IPX Monitoring SNMP AppleTalk Standard MIB rfc1243 mib Appl...

Page 730: ...ing Tree Protocol DVMRP Private MIB cjndvmrp mib DVMRP MIB General Private MIBs avayagen mib Avaya top level MIB definitions aveisprod mib Product OIDs for the Avaya EIS division cjnroot mib Avaya P58...

Page 731: ...l Private MIBs l3fwd mib Layer 3 switching group added to Prominet txt cjnipifmgmt mib IP Interface Management MIB cjnipv4 mib IP version 4 mib extensions cjnipv4serv mib IP version 4 services MIB cjn...

Page 732: ...ort Copy Definitions genutil mib Avaya generic utilization MIB which includes CPU utilization and memory utilization cjnutil mib Avaya specific utilization mib which includes forwarding engine utiliza...

Page 733: ...les VCCI Notice Class A Computing Device This equipment is in the Class A category information equipment to be used in commercial and or industrial areas and conforms to the standards set by the Volun...

Page 734: ...ultiservice Switches v6 0 Avertissement Cet appareil est un appareil de Classe A Dans un environnement r sidentiel cet appareil peut provoquer des brouillages radio lectriques Dans ce cas il peut tre...

Page 735: ...cess list rules IP interface 13 5 access lists IP interface 13 1 access rule index IP access list parameters 13 7 13 10 access type IP access list parameters 13 8 13 10 Accessing BOOT Mode B 1 active...

Page 736: ...s 24 5 aged entries forwarding cache FE parameters 22 10 ageout persistence entry 9 18 aggregating bandwidth 6 12 aging Layer 3 cache configuration 22 3 aging interval multiplier IPX SAP interface par...

Page 737: ...pleTalk NBP table parameters index 19 33 interface 19 33 name 19 33 type 19 33 zone 19 33 AppleTalk overview 19 1 AppleTalk protocols supported 19 2 AppleTalk route table viewing 19 27 AppleTalk route...

Page 738: ...15 4 automatic client pruning automatic client pruning 20 7 automatic router pruning automatic router pruning 20 7 automatic session pruning automatic session pruning 20 7 automatic VLAN creation 6 4...

Page 739: ...tegory 10 100 port parameter 8 27 gigabit port parameters 8 16 8 20 CGMP packet reception statistics CGMP snooping parameters 20 35 CGMP snooper configuring viewing configuring CGMP snooper 20 34 20 3...

Page 740: ...guring the address table super age timer 9 9 Configuring the Age Timer and Super Age Timer Us ing the Web Agent 9 10 Configuring the IP Interface for the PPP Console 12 94 configuring the LGMP server...

Page 741: ...utes AppleTalk route table statistics 19 29 DVMRP routing statistical parameters 12 66 IP routing table statistical parameters 12 52 current number of zones AppleTalk zone table statistics 19 33 curre...

Page 742: ...aying global IP routing statistics 12 43 12 52 displaying IGMP global statistics 12 54 displaying IGMP local multicast forwarding cache 12 59 displaying IPX RIP interface statistics 10 1 displaying La...

Page 743: ...2 63 neighbor DVMRP routers 12 64 network address 12 63 next probe message in sec 12 63 state 12 63 type 12 63 unrecognized packets received 12 63 DVMRP interface statistics examining 12 62 DVMRP mult...

Page 744: ...e LGMP Server 20 22 enabling the rate limit mode Fast Ethernet module 8 26 enabling VRRP 12 75 encapsulation type AppleTalk interface parameters 19 6 end one time summer time hours configuration 3 9 s...

Page 745: ...Ethernet module configuring pace priority mode 8 26 rate limit rate 8 26 Fast Ethernet Modules 1 11 fault protocol event log settings 21 8 files copying 2 40 startup txt 2 36 filter suppress IPX RIP...

Page 746: ...e ports 8 13 8 17 8 18 8 22 8 28 gigabit module configuring flow control mode 8 15 8 19 8 25 port name 8 14 8 18 8 23 ports 8 14 8 18 8 23 service port 8 15 8 19 8 24 user port 8 15 8 19 8 24 gigabit...

Page 747: ...n parameters 8 33 switch port parameter 8 42 hunt group members viewing details 6 25 hunt groups 1 17 aggregate bandwidth 6 12 before configuring 6 12 I ICMP in address mask reply IP routing global st...

Page 748: ...t groups 12 57 query messages received 12 57 query messages transmitted 12 57 robustness variable 12 56 state 12 56 this router is group membership querier 12 56 unknown messages received 12 57 IGMP i...

Page 749: ...ce is pruned DVMRP downstream link parameters 12 74 upstream prune information 12 73 interface metric DVMRP interface parameters 12 42 interface scope DVMRP interface parameters 12 42 interface type D...

Page 750: ...uting 12 13 IP source routing 12 13 limit proxy ARP to same network 12 13 local routes 12 14 low preference static routes 12 14 maximum number of ARP cache entries 12 14 maximum number of routes 12 13...

Page 751: ...46 IP fragmentation OKs 12 46 IP in address errors 12 45 IP in delivers 12 45 IP in discards 12 45 IP in header errors 12 44 IP in receives 12 44 IP in unknown protocols 12 45 IP multicast forward dat...

Page 752: ...ies 16 18 IPX out ping requests 16 18 IPX out requests 16 18 maximum number of services 16 5 IPX in checksum errors IPX global parameters 16 18 IPX in delivery IPX global parameters 16 17 IPX in disca...

Page 753: ...dates 18 3 use interpacket gap 18 2 use max packet size 18 2 IPX SAP interface statistical parameters bad packets received 17 8 18 12 GNS requests received 18 12 GNS responses sent 18 12 interface 17...

Page 754: ...2 5 L3 total T2 frame forwarding statistical parameters 22 5 LAN router configuration 12 4 last change LDAP statistics 12 92 Layer 2 event log 21 3 redundant switch matrix and controller module 1 18 s...

Page 755: ...transmission statistics LGMP server display per VLAN parameters 20 27 LGMP server 20 25 LGMP server configuration 20 22 20 25 20 26 20 28 LGMP server configuration parameters enable state 20 24 intel...

Page 756: ...bal configuration parameters 12 14 maximum number of paths OSPF global configuration parameters 15 4 maximum number of routes DVMRP parameters 12 40 IP global configuration parameters 12 13 maximum nu...

Page 757: ...lter parameters 18 5 IPX service table parameter 16 23 spanning tree bridge port parameters 7 15 switch port parameter 8 42 NBP filter adding interfaces 19 18 19 19 19 23 deleting interfaces 19 18 19...

Page 758: ...rameter 16 14 node address IPX interface 16 8 non tagged access mode definition 1 10 non triggered updates sent IPX SAP interface statistical parameters 17 8 18 12 RIP statistical parameters 14 9 14 1...

Page 759: ...D 15 26 checksum 15 26 detail link 15 26 LS ID 15 26 router ID 15 26 sequence 15 26 type 15 26 OSPF link state database search parameters area ID 15 25 router ID 15 25 type 15 25 OSPF neighbors parame...

Page 760: ...ing statistical parameters 22 5 percent slow path frame forwarding statistical parameters 22 5 performing a system reset 3 16 periodic update interval IPX SAP interface parameters 18 2 permanent inval...

Page 761: ...er management table parameters 24 6 probe message received DVMRP global statistical parameters 12 61 probe messages transmitted DVMRP global statistical parameters 12 62 process leave packets IGMP int...

Page 762: ...t A 8 resource event class parameters 21 5 retransmit interval OSPF interface parameters 15 10 OSPF virtual link parameters 15 13 retry number RADIUS configuration parameters 4 26 retry time RADIUS co...

Page 763: ...router 12 70 router supports prune function DVMRP downstream dependent router 12 70 routing hardware requirements 12 3 16 3 Layer 2 overview 1 22 Layer 3 learned overview 1 22 Layer 3 not learned over...

Page 764: ...rameter 9 12 SNMP Administration 2 25 2 28 SNTP enabling 3 3 3 4 socket IPX service table parameter 16 24 IPX static service parameter 16 14 source IP routing table search parameters 12 50 IPX route t...

Page 765: ...r display per VLAN parameters 20 27 OSPF link parameters 15 21 OSPF neighbors parameters 15 22 RIP statistical parameters 14 11 spanning tree bridge port parameters 7 16 VRRP statistical parameters 12...

Page 766: ...erforming 3 16 T TblInst address forwarding table parameters 9 17 TCP established IP access list parameters 13 11 TCP UDP destination port IP access list parameters 13 11 TCP UDP source port IP access...

Page 767: ...table parameter 16 24 IPX static service parameter 16 14 LSA detail 15 27 multicast session parameters 20 12 OSPF link parameters 15 21 OSPF link state database parameter 15 26 OSPF link state databa...

Page 768: ...64 viewing DVMRP upstream routers 12 68 viewing Ethernet statistics 23 1 23 7 viewing event and shutdown logs 21 10 21 12 viewing event statistics 21 7 21 10 21 12 viewing IGMP interface statistics 1...

Page 769: ...r owner override 12 81 advertisement timer 12 80 auth key 12 80 interface 12 79 IP address 12 79 priority 12 79 VR ID 12 79 VRRP overview configuring 12 75 VRRP router creating 12 77 VRRP statistical...

Page 770: ...istics 19 25 Zip Reply Rx AppleTalk global statistics 19 26 Zip Reply Tx AppleTalk global statistics 19 26 zone AppleTalk interface parameters 19 6 AppleTalk NBP table parameters 19 33 AppleTalk stati...

Reviews:

No comments