manualshive.com logo in svg

Ericsson EFN324, User Manual, Page: 68 / 176

Share
Download
Ericsson EFN324 User Manual Download Page 68

IndexIndex

attack, where high numbers of TCP SYN messages are sent towards a host in 
order to drain its execution capacity, is an example of attack that may be 

stopped. IP source address filtering immediately stops packets with false IP 
source addresses. 

The EFN324 gets information about valid IP addresses in two ways. Static IP 
addresses can be configured for each End­user by the operator. Alternatively, 

the EFN324 learns IP addresses dynamically by DHCP snooping. The two 
methods do not exclude each other, since it is possible to simultaneously have 

both static and dynamic addresses for an End­user. 

8.2.1

Configuration of IP Validation

Set ‘switching_rule’ to ‘ip_validation’ in ‘vlan’. Also set an ‘uplink’ and optionally 
a ‘gateway’

.

Valid IP addresses may be ‘static’ or ‘dynamic’. Static addresses are added to, 
or removed from, the connection object using 

add

 and 

remove

 commands. For 

example:

add connection vlan 1 ethernet_port 1 static_ip_addresses

 

<

IPv4­ADDRESS>

Dynamic addresses are learned by the EFN324 by snooping DHCP ACK 

messages on their way from the DHCP server to the End­user. It is possible to 
set a maximum number of dynamically learned IP addresses that can be set 

and saved per switching domain and End­user port.

Both static and learnt IP addresses may be read out from each connection 

object. 

Setting max_dynamic_ip_addresses to zero means that dynamic IP addresses 

are not allowed. In that case static IP addresses must be defined. Note that 
static IP addresses may be defined even though dynamic IP addresses are 

allowed.

8.2.2

IP Validation to Host Port

IP validation, and other forced forwarding mechanisms, are primarily intended 
for use on End­user connections. IP validation may also be applied on 

connections to the host port. This is, however, unnecessary. The host is an 
internal system function and must be considered ‘safe’. In addition, the use of 

a Management VLAN, see section 10.3 on page 79, eliminates the need for 
extra forced forwarding security mechanisms. 

Summary of Contents for EFN324

Page 1: ...EFN324 User Guide EDA 1200...

Page 2: ...t Trademark List Windows Windows is a registered trademark of Microsoft Corporation Apache Apache is a trademark of The Apache Software Foundation Extreme Networks Extreme Networks is a registered tra...

Page 3: ...n 6 4 Basic Concepts 8 5 Switching Functions 27 6 Topologies 48 7 Configuring Connections 54 8 Security Functions 60 9 Network Functions 72 10 System Functions 77 11 Maintenance 81 12 EFN324 Alarms 84...

Page 4: ...Error No text of specified style in document Glossary 168 Index 170...

Page 5: ...erwritten by the management system Throughout this guide the EFN324 is also referred to as the EFN and an Ethernet access switch These terms are interchangeable The guide can be printed on a monochrom...

Page 6: ...has been updated The illustrations and descriptions in section 5 5 on page 39 updated to make them easier to understand Connection Bandwidth limitation description added in section 4 10 1 on page 21...

Page 7: ...of the debugging commands including packet_logger and trace_logger commands included see section 13 10 on page 158 1 2 Conventions The following conventions apply to textual instructions not screen sh...

Page 8: ...ndexIndex argument1 argument2 the brackets and pipe indicate that either argument1 or argument 2 can be used as a value for this parameter Press CTRL X means hold down the Ctrl key and press the x key...

Page 9: ...Node but it may also when required interact with higher levels as a Layer 2 Ethernet switch Such interventions are broad ranging and include for example the following Snooping information from higher...

Page 10: ...324df and EFN324f have 24 FE optical interfaces and two combo optical electrical Gb ports The EFN324c has 24 FE electrical interfaces and two combo optical electrical Gb ports Figure 2 EFN324c Front P...

Page 11: ...ing operation major HW error Green Red ______ Normal operation Port LEDs Port Status The Gb ports indicators are O or E indicating whether the optical or electrical port is used Green ______ The port...

Page 12: ...host processor Network processor handles receiving of incoming packets from and sending of out going packets to the Ethernet links It handles most switching decisions independently of the host process...

Page 13: ...is required for it to happen Examples of this type of traffic are control messages from host processor to network processor and packets forwarded from the network processor to the host processor durin...

Page 14: ...nfiguration The initial configuration using CLI commands also defines the network mask and default gateway IP address See the EFN324 Installation Guide for the commands used during initial configurati...

Page 15: ...f the system are expressed or modeled in the CLI as Resources The MIB interface uses a similar model The Resource concept resembles objects in object oriented programming Instead of resource words lik...

Page 16: ...and set by the system itself Info attributes Info parameters are set at the factory during production and are not supposed to be changed during the system lifetime The values of all types of parameter...

Page 17: ...ique used to logically separate several independent networks that share a common physical infrastructure The IEEE 802 1Q standard describes how a 4 byte tag is inserted into Ethernet packets between t...

Page 18: ...Type length field Frame check sequence Data 0 1500 bytes and Pad 46 0 bytes Original DIX type II Ethernet frame also called untagged Dest address Source address Type length field Frame check sequence...

Page 19: ...nconsistent in relating the terms Outer and Inner VLAN and the terms used in the CLI tag second_tag When one tag is present tag denotes the Outer VLAN but with two VLAN tags tag denotes the Inner VLAN...

Page 20: ...page 16 lists the possible ways to define the ingress configuration The outer VLAN ID is the only mandatory parameter Table 3 Ingress Connection Definitions Outer VLAN ID tags for single tagged frame...

Page 21: ...affic use this to send untagged traffic from the EFN with no regards to the format of the incoming packets 2 Single tagged frame in Single tagged frame out use this to send a single tagged frame out w...

Page 22: ...f incoming outer tag tagged Idy Ethertyp e or transparent tagged Idx Ethertype Idy Ethertyp e or Ethertype of incoming outer tag Idx Ethertyp e transparent Idy Etherty pe or Ethertype of incoming oute...

Page 23: ...hen there is only one VLAN tag in the outgoing packet Ethertype Ethertype The following types can be specified q_vlan 0x8100 s vlan 0x88A8 vman_vlan 0x9100 s_vlan 0x9200 Not applicable This value must...

Page 24: ...travel through the switch the following two connections must be defined The ingress connection the connection between the ingress port on which the packet arrived and a switching domain The egress co...

Page 25: ...nnection it will limit the following traffic types Applied on an Ingress connection unicast and broadcast packets Applied on an Egress connection unicast Multicast and broadcast packets Unless VLAN pe...

Page 26: ...ueue The reliability indicates whether the packet should be discarded if the EFN324 has insufficient empty buffers The higher the priority the faster the packets are sent out The higher the reliabilit...

Page 27: ...port Z output stream toward port Y output stream toward the port X output stream toward port X Figure 12 Flow Directions As illustrated flows within the connections between the switching domain and t...

Page 28: ...n command is defined as p bits in this case all frames belonging to the configured vlan and tagged with any p bit 0 7 will go through the corresponding flows 1 4 There is no configuration possible tha...

Page 29: ...traffic is forwarded to the default flow since non IP packets do not contain the DSCP field for example ARPs and PPPoE packets When p bit is the flow selection criteria on the connection the default...

Page 30: ...vent is generated 4 12 3 Fallback to restarting DHCP IPSec negotiation can be restarted by doing a new DHCP discover this implies that state will fallback to idle The fallback to idle is implemented b...

Page 31: ...d ending with options like IP validation Quality of Service and so on 5 1 Main Switching Steps When a packet arrives at an Ethernet port the main question is whether there is a matching ingress connec...

Page 32: ...cket is placed in one of four priority queues and sent in the order decided by the scheduling algorithm Capacity limits are checked at the egress ports and to a certain extent at the ingress port swit...

Page 33: ...s port the following actions are taken Arriving frame FCS error Discard Null DA PAUSE etc Discard Bridge and STP port state Depending on port state internal processing Connection to vlan exists Discar...

Page 34: ...PAUSE messages intended for Layer 2 flow control it is discarded 4 Port and Bridge States The processing at Layer 2 depends on the bridge state and the port state The states are determined based on ei...

Page 35: ...processing they are switched in the same way as other packets 8 Connection to Switching Domain After the introductory checks and classifications the actual switching work begins The ingress port swit...

Page 36: ...the measures specified at global_filter_1 are taken When matching gives a positive result the other global filters are skipped If the match is negative matching will continue with global_filter 2 If m...

Page 37: ...primarily to unicast packets Multicast and broadcast are described in sections 5 3 3 on page 36 and 5 3 4 on page 37 5 3 1 Internal Topology When a packet is switched through a switching domain connec...

Page 38: ...nnects to an underlying EFN324 is designated as transit link Figure 17 Daisy Chained EFN324 When transit links are defined the switching domain switching rules are slightly modified When no ordinary p...

Page 39: ...lso be defined This is discussed further in section 8 1 on page 60 When a gateway is defined all packets not originating from the uplink will have their destination MAC addresses rewritten as the MAC...

Page 40: ...r links If PPPoE is selected the Ethertype of the packets is checked Packets without Ethertype 0x8863 or 0x8864 are discarded 5 3 3 Switching Domain Multicast There are four options for handling multi...

Page 41: ...s add connection vlan vlan ethernet_port port valid_multicast_groups IP_address which is used to set the multicast addresses that the user is allowed to subscribe to For detailed information on these...

Page 42: ...Service Quality of Service functions are performed as described in section 5 5 2 on page 43 2 VLAN Tagging The packet is provided with the VLAN Tag or tags defined for the egress connection Note that...

Page 43: ...the basis of the flow_selector parameter of the connect command which can assume the values p bit dscp or none In the following is described the mapping in case of p bit or dscp Flow 1 flow id values...

Page 44: ...pstream Downstream output stream toward the network port output stream toward the network port output stream toward the user port output stream toward the user port Fi gure 20 VLANs and Flows The Qual...

Page 45: ...w 1 Switching domain Flow selection Egress Port Overflow handling Q Highest Q High Q Medium Q Low Scheduler Port traffic handling Flow 2 Discard Discard Discard Ingress Connection Egress Connection Ba...

Page 46: ...er Flow For QoS processing each packet is processed in the flow to which it belongs For each flow the following actions are performed The out queue buffer memory is checked If for the flow reliability...

Page 47: ...hat is to be sent out of the port traffic from all VLANs and all flows Overflow handling As has already been described under ingress quality of service if the memory buffers are filled over certain li...

Page 48: ...t in first out Strict priority the waiting packet with the highest priority is sent first using first in first out within each priority group Weighted fair queuing Deficit Round Robin packets with low...

Page 49: ...rking transparent set connection_flow node_level flow 3 priority high reliability high marking 4 set connection_flow node_level flow 4 priority highest reliability highest marking 6 Business customers...

Page 50: ...p bit 3 frames tagged with p bit 4 5 will be headed to flow 3 the marking in QoS Flow_3 is defined marking 4 so frames will exit with the modified p bit 4 frames tagged with p bit 6 7 will be headed t...

Page 51: ...an 101 ethernet_port 25 egress tag transparent p_tag transparent second_tag 1001 second_p_tag transparent ingress tags second_tags 1001 flow_selector p_bits default_flow 1 flows 1 4 set vlan 101 uplin...

Page 52: ...the topologies For consistency port 25 is used as the transit port and port 26 as the uplink port in this section 6 1 Stand alone Topologies EFN324 may be used as a stand alone node In other words th...

Page 53: ...topology To enable traffic the operator must configure the chain using the following CLI command in each EFN324 set vlan 1 transit_link ethernet_port 25 uplink ethernet_port 26 Note that this example...

Page 54: ...for information on using Rapid Spanning Tree 6 2 Embedded Topologies EFN324 may also be used as an embedded node In other words the EFN324 is part of an Ethernet Access Node EAN and is managed via an...

Page 55: ...ese nodes 6 2 2 Using an ESN212 Flexible Block Uplink EFN324 embedded flexible blocks can be connected directly to an ESN212 flexible block as shown in Figure 24 on page 51 In addition to the basic re...

Page 56: ...tches traffic is forwarded as best effort in other words with the lowest of each QoS parameter A transit switching domain must be configured manually in the Ethernet access switches VLAN 2 is reserved...

Page 57: ...T are configured as transit link ports while ports marked U are configured as uplinks The figure also shows the service switching domains labeled x and y configured automatically by PEM ECN330 or 430...

Page 58: ...Switching Domain Objects Defining Connections By default the CLI connect command creates the following two way connection An ingress connection from the port to the switching domain An egress connect...

Page 59: ...efore the packet is switched out on an egress port Otherwise the packet is discarded at the switching domain 7 1 Connection Configuration Example The following example has five connections Ingress con...

Page 60: ...xamples of Switching Behavior Incoming packet Switch decisions Untagged Forwarded to switching domain 2 from switching domain 2 forwarded to port 5 A VLAN Tag with VLAN ID 22 is inserted in the packet...

Page 61: ...actual configuration is always correct from the switching logic point of view It is up to the operator to ensure that it is also correct from a traffic point of view 7 2 The Connect Command The previ...

Page 62: ...es whether broadcast packets are forwarded description Optional text first_ethertype second_ethertype The ethertype used on the outgoing frame It can be transparent thus using the value from the recei...

Page 63: ...x 1 200 tags second_tags VLAN ID IP Destination bw_limit filter_profile flow_selector set connection option_82_circuitID option_82_remoteID multicastgrouplimit add connection static_IP_Addresses valid...

Page 64: ...hance security In an access network one such measure is to force uplink packets up to an edge node instead of switching the packets directly to another End user using the shortest path This way there...

Page 65: ...d Note that the Layer 2 MAC addresses are checked here The Layer 3 IP addresses are not checked here If these checks are not made a packet sent from one End user directed to a neighbor connected to th...

Page 66: ...f the ARPs from the Gateway and then forwards them to the Host for more processing The Host load of unnecessary ARPs is thus reduced This feature is enabled by default when the switching rule of the s...

Page 67: ...n provide the EFN324 with the switching domain specific address to be used as sender in the ARP request By default these attributes are auto At auto the IP or MAC address is snooped from the first ava...

Page 68: ...connection vlan 1 ethernet_port 1 static_ip_addresses IPv4 ADDRESS Dynamic addresses are learned by the EFN324 by snooping DHCP ACK messages on their way from the DHCP server to the End user It is po...

Page 69: ...to trick the self learning Layer 2 address mechanism in the switch in order to access information sent to the other End user or to hinder that End user s access to the network The VMAC also makes the...

Page 70: ...the EFN324 to which the End user is connected range 1 to 26 Switching Domain number is the logical number assigned to the switching domain used for the connection range 1 to 200 EFN324 ID is the last...

Page 71: ...nge 0 to 255 Network ID is a number uniquely identifying the network element forming the virtual MAC address in the access network It is generated automatically by PEM taking the next free number rang...

Page 72: ...Forwarding 2 X X X Explanation 3 see below 1 2 3 4 5 6 7 1 Forced forwarding is enabled when an uplink is defined for a switching domain 2 MAC forced forwarding is enabled when in addition to an upli...

Page 73: ...unique within the EFN and not within a switching domain so this configuration does not allow duplicated IP addresses All packets received on the downlink ports are sent out on the uplink with no dest...

Page 74: ...sing the TR101 format The Remote ID is not automatically inserted but can be specified vlan option_82 configurable the Circuit ID and Remote ID defined in the connection data table are used Each ID ca...

Page 75: ...l all connections in this domain would have this feature If the option is set to yes then all connections in this domain would send the real MAC in DHCP negotiation to DHCP server If it is set to no t...

Page 76: ...here there is no RSTP support RSTP or STP is primarily used in the following two cases To select one of two redundant uplinks To select the uplink ports in a daisy chain where each end node has an upl...

Page 77: ...onfigured for each switching domain It does not matter which of the uplink ports is configured as uplink and which is configured as transit link For easier understanding configure the same uplink port...

Page 78: ...figured in all Ethernet access switches If PEM is used and the services are defined as configured automatically all services will be configured correctly provided that the connected Ethernet access sw...

Page 79: ...e used on both ports of the same node 9 2 ARP and DHCP tag The arp_and_dhcp_tag attribute is used to define a parallel VLAN ID for the uplink traffic to or from a switching domain This facility is int...

Page 80: ...ID Note When configured from PEM this feature is only available when Peer to Peer allowed is selected as the Access Method In this case two VLANs are configured for the Service Downstream VLAN and Up...

Page 81: ...s of the program code in a CLI context these are referred to as releases EFN324 is delivered from the factory with one version of the program code loaded EFN324 may simultaneously host two different S...

Page 82: ...attribute values also known as configuration parameter values in all resources in the system Such a set of parameters may be saved under an arbitrary name The system may host one or several configura...

Page 83: ...run Telnet SSH sessions or to communicate through SNMP 10 3 3 IP Addresses for an EFN324 Node Management of the EFN324 is normally carried out remotely from operation and maintenance sites located els...

Page 84: ...logs 10 4 Supervision 10 4 1 Link Quality The number of packets discarded due to checksum errors offers an indication of link quality The statistics object keeps counters for the total number of rece...

Page 85: ...y to replace an EFN324 follow the procedure in section 11 2 on page 82 11 1 Replacing the Fans The fans are located in a tray on the right side of the EFN324 and can be replaced while the EFN324 is ru...

Page 86: ...ccepts the replacement of EFN324 if the EFN324 is replaced with exactly the same type of EFN324 For example a stand alone EFN324f cannot be replaced by an EFN324df Stand alone EFN324 Ethernet access s...

Page 87: ...ing 1 Remove the power supply from the old EFN324 2 Remove the EFN324 from the network 3 Do the initial configuration for an embedded EFN324 using the same flexible block ID also known as Switch ID ma...

Page 88: ...m the EFN324 adheres to the ITU T X 733 standard which specifies alarm handling in telecommunication networks The following parameters are mandatory in all alarms Table 8 Additional Alarm Parameters a...

Page 89: ...s and outlets for the fans are not blocked Valid from EDA 2 2 R3A Parameters No Parameter Parameter Value 1 Managed object class EFN324f or ELN220 2 Managed object Instance EFN324 IP address or ELN220...

Page 90: ...cal for damage and replace if necessary Valid from EDA 2 2 R3A Parameters No Parameter Parameter Value 1 Managed object class EFN324fport or ELN220port 2 Managed object Instance EFN324 IP address port...

Page 91: ...arameter Value 1 Managed object class EFN324f or ELN220 2 Managed object Instance EFN324 IP address or ELN220 IP address 3 Sequence number Alarm sequence number 4 Perceived severity Warning 5 Event ti...

Page 92: ...4 Valid from EDA 2 2 R3A Parameters No Parameter Parameter Value 1 Managed object class EFN324f or ELN220 2 Managed object Instance EFN324 IP address or ELN220 IP address 3 Sequence number Alarm seque...

Page 93: ...id from EDA 2 2 R3A Parameters No Parameter Parameter Value 1 Managed object class EFN324f or ELN220 2 Managed object Instance EFN324 IP address or ELN220 IP address 3 Sequence number Alarm sequence n...

Page 94: ...R3A Parameters No Parameter Parameter Value 1 Managed object class EFN324fport or ELN220port 2 Managed object Instance EFN324 IP address port no or ELN220 IP address port no 3 Sequence number Alarm s...

Page 95: ...Managed object class EFN324f or ELN220 2 Managed object Instance EFN324 IP address or ELN220 IP address 3 Sequence number Alarm sequence number 4 Perceived severity Cleared 5 Event time Time stamp fr...

Page 96: ...eters No Parameter Parameter Value 1 Managed object class EFN324f or ELN220 2 Managed object Instance EFN324 IP address or ELN220 IP address 3 Sequence number Alarm sequence number 4 Perceived severit...

Page 97: ...e RS232 console port SSH offers a more secure connection than Telnet SSH is not described further in this guide 13 2 Using the Console Connector Prerequisites To be able to connect to the switch local...

Page 98: ...ta bits 8 Parity None Stop bits 1 Flow control none 1 Press ENTER to start a CLI session 13 3 Using Telnet Prerequisites To be able to connect to the switch remotely the switch has to have the followi...

Page 99: ...to the EFN324 13 4 Starting and Exiting the CLI 13 4 1 Logging In A normal operator logs in as user admin There is also the root operator type The root operator may see and use all type of commands f...

Page 100: ...e CLI use the command exit 13 5 Entering Commands This section describes how to enter CLI commands 13 5 1 Keywords and Arguments A CLI command is a series of keywords arguments and parameters separate...

Page 101: ...xample 1 At the CLI prompt press TAB to get all valid commands efn Type add config connect disconnect execute_file exit get help history passwd ping release remove reset set statistics telnet unset Ex...

Page 102: ...from the CLI window and pasted into a text command file In Windows mark the field in the CLI window while holding down the left mouse button then right click to copy the text to the clipboard and go...

Page 103: ...ore the cursor CTRL w Delete the word before the cursor Advanced features CTRL t Replace the character under with one before that one Esc t Replace the word under with one before that one CTRL x CTRL...

Page 104: ...ubleshooting inspection and help exit help history passwd ping 101 Display These commands are used to obtain information about parameters and values in the configuration and the system 161 Configurati...

Page 105: ...istory Show a list of executed commands 102 passwd Change the password 103 ping Test the IP connection 103 telnet Start a telnet session 104 reset Reset an object configuration to its default value or...

Page 106: ...ist form range Explains the notation of range in the CLI usage editing Explains navigation and editing in the CLI during operation usage history Describes how to reuse CLI commands that have already b...

Page 107: ...rompt The command help usage history will display information about how to use the history list Example efn history 13 7 4 passwd Use this command to change the password for the current user of the EF...

Page 108: ...ommand is used to communicate remotely A telnet session from an EFN may be used when an operator is locally connected via the serial port and wants to connect to another EFN possibly daisy chained wit...

Page 109: ...ers that are needed for the object Default Setting none Command Usage This command will restore all or one of the default values of an object or resource The following objects and resources can be res...

Page 110: ...ement interfaces 108 Remove network_processor Remove entries in the MAC or bridging table based on MAC address port and IP address 109 add remove rapid spanning_tree Add or remove the Rapid Spanning T...

Page 111: ...rying to upload a software release 139 spanning_tree Define the Spanning Tree STP function 140 vlan Configure parameters for the switching domains 141 13 8 1 add remove connection Use this command to...

Page 112: ...ll addresses are allowed static_multicast_groups IPv4 address add or remove a multicast address permanently for a connection Default Setting None Example efn add connection vlan 100 ethernet_port 4 st...

Page 113: ...and so the control of IP source addresses for management traffic is disabled Example efn add host_accesslist permit ip_address 192 75 11 6 net_mask 255 255 0 0 13 8 3 remove network_processor Use this...

Page 114: ...00 d0 b7 19 b4 7c Remove the bridging table when the switching rule is virtual_mac 10 10 10 102 remove network_processor bridging_table mac_address 00 d0 b7 19 b4 7c ethernet_port 1 Remove the bridgi...

Page 115: ...is based on link speed and priority see below Alternatively the path cost may be given directly in the form of an integer admin_point_to_point auto no yes yes indicates that the port is on a point to...

Page 116: ...chain Use the same RSTP instance selected using instance id for both uplink and transit ports in the same node The function is then activated on the relevant ports by using add commands Use the remove...

Page 117: ...e older of STP and RSTP and should only be used if the EFN is used where collaborating nodes lack RSTP support The Spanning Tree STP function is relevant only when the EFN is located in a network with...

Page 118: ...ult_flow default_flow second_p_tag tag transparent second_ethertype q_vlan s_vlan s_vlan_9200 vman_vlan transparent second_tag VLAN ID transparent untagged tag VLAN ID transparent untagged connect vla...

Page 119: ...his value In the alternative transparent mode the p tag in incoming packets is used unchanged The range is 0 to 7 and transparent flow_selector flow_selection_criteria flows flows default_flow default...

Page 120: ...ip_destinations IP destination can be used as a traffic mapping mechanism in order to identify a service by its IP destination for example a multicast group address or a BRAS address This way it is p...

Page 121: ...bandwidth It is possible to configure the switching domains in the EFN324 to have one or two VLAN tags QinQ attached The QoS type for the individual flows of a switching domain may be specified using...

Page 122: ...and the host processor working at layer 3 and higher layers Default Setting None Example efn disconnect vlan 2 ethernet_port 2 efn disconnect ethernet_port 2 13 8 8 set bandwidth_limitation Use this...

Page 123: ...400 bandwidth_limitation 8 100 000 200 Bandwidth_limitation 9 32 0 auto Command Usage The command is used to define a bandwidth limitation profile that is used when connecting a port to a switching d...

Page 124: ...o undefined values Syntax set connection vlan vlan ethernet_port port multicast_group_limit groups option_82_remote_id remote id option_82_circuit_id circuit id unset connection vlan vlan ethernet_por...

Page 125: ...multicast_groups Default Settings option_82_circuit_id undefined option_82_remote_id undefined multicast group limit undefined Example efn set connection vlan 100 ethernet_port 4 option_82_ remote_id...

Page 126: ...priority Values highest high medium and low The priority selects the queue that the packet is placed in at the egress port marking marking Specify the p bits to overwrite the p bits in the outer VLAN...

Page 127: ...Insert priority on the exit queue Default is medium reliability lowest low medium high highest Insert the reliability Default is medium marking none 0 1 2 3 4 5 6 7 transparent Insert the outgoing p...

Page 128: ...reset to undefined values Syntax set cpu broadcast_address IP address default_gateway IP address dns_primary_nameserver IP address dns_search_domain string dns_secondary_nameserver IP address ip_addr...

Page 129: ...247 For example vlan 1 in EFN324 is connected with 25 26 host and ingress and egress tag as 247 for ethernet_ports 25 and 26 Note When the method is dhcp and automatic_configuration is yes the EFN 324...

Page 130: ...ss to indicate DHCP restart success start to restart DHCP failed to indicate DHCP restart failure Only a value of 1 start can be used for the set cpu restart_dhcp command On setting it to 1 start DHCP...

Page 131: ...success ipsec_status disabled automatic_configuration no broadcast_address dns_primary_nameserver dns_search_domain dns_secondary_nameserver syslog_server uptime 99 days users 13 8 14 set ethernet_po...

Page 132: ...the port are sent as SNMP traps scheduling none sfq sp wfq Scheduling algorithm deciding the order between packets sent over the egress port none first in first out sfq a combination of sp wfq Modifie...

Page 133: ...command to define filters and actions that optionally may be added to the switching rule collection in the network processor Use the command reset filter_profile to reset to default values Syntax set...

Page 134: ..._filter objects global_filter 1 global_filter 8 Matching starts with global_filter_1 if the matching result is positive that is the packet header content is consistent with the global_filter 1 then ac...

Page 135: ...e all corresponding mask is set to all zeros broadcast both da and da_mask are set to all ones local second bit in da and da_mask are set to ones all others to zeros multicast first bit in da and da_m...

Page 136: ...e items a corresponding mask may also be defined A mask defines which bits are considered at matching Furthermore each filter may individually be enabled or disabled by an operator When it is disabled...

Page 137: ...stand alone EFN324 VMAC address format and yes selects embedded EFN324 VMAC address format flexible_block_id switch_id The flexible block identification number for an embedded node switch_id is a numb...

Page 138: ...d configures the password for the user that is going to do the Software upload download upload download configuration and mainly used for automatic configuration download and backup using SFTP FTPS pr...

Page 139: ...rotocol_version ieee8021d_1998 ieee8021w_2001 Arguments id 10 different RSTP instances can be defined The range is 1 to 10 forward_delay delay Delay before forwarding RSTP state changes Used only in S...

Page 140: ...nt links For example when there are two redundant uplinks or when the EFN324 is one of several daisy chained switches with an uplink at each end of the chain Up to ten different RSTP configurations ma...

Page 141: ...work Time Protocol Thereby information about date and time hours minutes seconds is available Example efn set real_time_clock time 12 10 01 date 2005 11 02 ntp_version 4 ntp_client multicast 13 8 20 s...

Page 142: ...2 SNMP version with which the EFN324 is configured There is three options snmpv3 SNMPv3 version on the EFN324 snmpv2 default SNMP version value on the EFN324 snmpv3_v2 V3 in read get and write set mod...

Page 143: ...ured with SNMPv3 Successfully efn set snmp read_community public sys_location Ericsson trap_community standard_trap trap_receiver1 192 168 106 72 version snmpv3_v2 EFN will be configured with SNMPv3_v...

Page 144: ...and see section 13 8 5 on page 112 Use the command reset spanning_tree to reset to default values and unset spanning_tree to reset to undefined values Syntax set spanning_tree tree forward_delay delay...

Page 145: ...although usually only one or two are needed The function is then activated or deactivated on relevant ports using the add or remove commands specified below Setting of priority might in exceptional c...

Page 146: ...ing_rule is configured to ip_validation or virtual_mac and multicast is configured to yes igmp_snooping or igmp_proxy then this setting determines whether EFN324 will validate source IP address in mul...

Page 147: ...ing the MAC address of the gateway is borrowed from the client Note This configuration requires at least one active DHCP Client Auto IP address MAC address The IP address of the gateway is snooped fro...

Page 148: ...ress_learning no yes Defines whether MAC address learning is active max_dynamic_ip_addresses max dyn ip Maximum number of dynamic IP addresses per port Range 0 to 65535 max_virtual_mac_addresses max v...

Page 149: ...te_id_tr101 configurable vlan_port_mac See section 8 5 on page 70 for details on DHCP option 82 header formats no DHCP option 82 is not used circuit_id_eda the EDA format used in the Circuit ID field...

Page 150: ...ress yes gateway undefined uplink undefined transit_link undefined ip_address auto mac_address auto arp_and_dhcp_tag undefined mac_address_learning yes max_dynamic_ip_addresses 65535 max_virtual_mac_a...

Page 151: ...uggested that max_virtual_mac_addresses is set to max_dynamic_ip_addresses plus the number of static IP addresses that are defined The arp_and_dhcp_tag attribute is used to define a parallel VLAN ID f...

Page 152: ...ore Restore a saved configuration file 154 save Save the current attributes as a configuration file 157 13 9 1 set cli Use this command to set parameters for autologout heartbeat and prompt Use the co...

Page 153: ...ring execution of commands The prompt command is used to set the prompt and for example make it easier to identify a node Example efn set cli autologout 60 efn set cli heartbeat no efn set cli prompt...

Page 154: ...ername password 192 168 106 72 EFN_images primary efn config copy primary sftp username password 192 168 106 72 EFN_images primary efn config copy ftps username password 192 168 106 72 EFN_images seco...

Page 155: ...s later when the new version is found to work all right to install the new version as permanent Example efn execute_file tftp 108 112 260 278 File_1 efn execute_file tftp www ericsson dk File_2 efn ex...

Page 156: ...ll lose its status of being permanent Example efn config make_permanent test 13 9 6 set main_board Use this command to set the alarm limit for the temperature of the main board Use the command reset m...

Page 157: ...nd is used to remove a configuration file that has been saved The file appointed as permanent cannot be removed using this command To remove this file use the command remove_permanent see section 13 9...

Page 158: ...page 151 The command get configuration permanent will display the boot file see section 13 11 1 on page 161 Example efn config remove_permanent 13 9 9 restore Use this command to restore configuratio...

Page 159: ...sing the command config restore cancel Example efn config copy tftp www server conf_file new_conf efn config restore existing_conf after 100 efn config restore new_conf efn config restore cancel efn c...

Page 160: ...iguration file that is designated as permanent if any will keep its status as permanent configuration file in its new location too Default Setting None Command Usage The switch may simultaneously hold...

Page 161: ...11 save Use this command to save the current configuration parameters as a configuration file Syntax config save file Arguments file Insert the file name to save the present configuration under Defaul...

Page 162: ...logging by setting all the packet logger parameters to default values It also deletes all entries in the packet log Syntax set log packet_logger ports ethernet_port ports vlans vlan vlans protocols p...

Page 163: ...specified logging is enabled for all ports switching domains and protocols no this command disables logging on the specified ports switching domains and protocols If no ports switching domains or prot...

Page 164: ...for the specified log including packet fields header contents and packet itself Example efn set log packet_logger protocol arp enabled yes capture start 13 10 2 set log trace_logger Use this command...

Page 165: ...ere they are configured are explained in the table below Table 16 Configuration commands Command Description Page bandwidth_limi tation Display bandwidth limitation in connections 118 Cli Display para...

Page 166: ...port is disabled by spanning tree egress_connections All switching domains connected for outgoing traffic ingress_connections Switching domains connected for incoming traffic ip_destinations IP addres...

Page 167: ...s node_control Displays the global parameters set in set node_control network_element_id relay_agent_eda_ip relay_agent_eda_sid vmac_address_node_id 132 rapid_span ning_tree Display the defined Rapid...

Page 168: ...6 12 01 12 16 load_timer min For example 20 loaded For example CXP_901_0022_R3K03 CXP_901_0022_R3D permanent For example CXP_901_0022_R3K03 disk 0 or 1 disk partition disks For example 0 1 139 spannin...

Page 169: ...64 bytes mac_oversize Number of received and discarded frames with oversize error 1530 bytes phy_in_error Number of received and discarded frames due to errors in symbol or delimiter both relate to er...

Page 170: ...the following Ericsson FTP server ftp hotel ericsson net username eda gpl password q5prst The boot loader is free software under the terms of the GNU General Public License Version 2 14 2 Linux Distr...

Page 171: ...EFN324 Application The EFN324 core application is built on Erlang s Open Source Distribution R11B 2 available at http www erlang org download html The Erlang component is distributed under the Erlang...

Page 172: ...s includes ECN330 and ECN430 EMP EDA Management Proxy This is part of the ECN330 and ECN430 FE Fast Ethernet Up to 100 Mbits per second GE Gigabit Ethernet Up to 1000 Mbit per second GUI Graphical Use...

Page 173: ...s and methods applying to Internet technologies RSTP Rapid Spanning Tree Protocol SID Switch ID SNMP Simple Network Management Protocol SNTP Simple Network Time Protocol SP Service Provider SSH Secure...

Page 174: ...D default gateway 79 DHCP snooping 64 65 Disclaimer i E egress connection 20 27 egress port 33 Ethernet port 8 21 54 F fiber Cat5 multicast 36 filtering 31 flooding 57 flows 22 forced forwarding 28 60...

Page 175: ...TP 72 S scheduling 44 security 5 60 set 78 SNMP 79 SNMP traps 84 statistics 80 switch domain 20 33 switching 27 28 33 60 switching rule 34 35 T temperature 80 topology 33 transit link 34 transparent 3...

Page 176: ......

Reviews:

No comments