manualshive.com logo in svg

Nortel 2000, Using Manual

The LG 2000 User Manual is an essential guide for operating and troubleshooting your LG 2000 product. Download this manual for free from manualshive.com to ensure you maximize the full potential of your device. This comprehensive manual provides step-by-step instructions and valuable insights for a seamless user experience.

Share
Download
background image

Appendix B Interoperability in a mixed stack configuration 343

Using the Business Policy Switch 2000 Version 1.2

 

Temporary base unit

In a mixed stack containing only one Business Policy Switch

If there is only one Business Policy Switch in your mixed stack configuration and 
it fails, the next upstream BayStack 410 or BayStack 450 switch from the failed 
base unit will become the temporary base unit and will continue stack operation. 
The base unit change is indicated by the base LED on the temporary base unit’s 
LED display panel turning on (amber). 

If the stack’s base unit reverts to a BayStack 410 or BayStack 450 switch, the 
stack does not maintain Business Policy Switch features and will continue 
operation as a BayStack 410 or BayStack 450 stack.

In a mixed stack containing more than one Business Policy Switch

If the assigned Business Policy Switch base unit fails, the next Business Policy 
Switch unit in the stack order automatically becomes the new temporary base unit. 
All Business Policy Switch units in the stack will be exhausted as base units, 
successively, before assigning a BayStack 410 or BayStack 450 as base unit. The 
base unit change is indicated by the base LED on the temporary base unit’s LED 
display panel turning on (amber). 

If the stack’s base unit reverts to a BayStack 410 or BayStack 450 switch, the 
stack does not maintain Business Policy Switch features and will continue 
operation as a BayStack 410 or BayStack 450 stack.

Compatible software versions

Be sure to follow the instructions for the initial setup according to the Installing 
the Business Policy Switch 2000 guide. 

In a mixed stack, the BayStack 450 and BayStack 410 switches must use 
compatible, but device specific, software versions to operate with the Business 
Policy Switch. You must ensure that the Interoperability Software Version 
Numbers (ISVN) are identical. That is, the ISVN number for the BayStack 450 
switch and BayStack 410 switch must have the same ISVN as the Business Policy 
Switch. If they are not the same, the stack does not operate. 

Summary of Contents for 2000

Page 1: ...Part No 208700 B September 2001 4401 Great America Parkway Santa Clara CA 95054 Using the Business Policy Switch 2000 Version 1 2 ...

Page 2: ...d in this document without notice Nortel Networks NA Inc does not assume any liability that may occur due to the use or application of the product s or circuit layout s described herein USA Requirements Only Federal Communications Commission FCC Compliance Notice Radio Frequency Notice Note This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to ...

Page 3: ...is product conforms to the provisions of Council Directive 89 336 EEC and 73 23 EEC The Declaration of Conformity is available on the Nortel Networks World Wide Web site at http libra2 corpwest baynetworks com cgi bin ndCGI exe DocView Japan Nippon Requirements Only Voluntary Control Council for Interference VCCI Statement Taiwan Requirements Bureau of Standards Metrology and Inspection BSMI State...

Page 4: ...e des Communications Cet appareil numérique Business Policy Switch 2000 respecte les limites de bruits radioélectriques visant les appareils numériques de classe A prescrites dans le Règlement sur le brouillage radioélectrique du ministère des Communications du Canada ...

Page 5: ...t the operation design performance or implementation of the Software and user manuals that is confidential to Nortel Networks and its licensors however Licensee may grant permission to its consultants subcontractors and agents to use the Software at Licensee s facility provided they have agreed to use the Software only in accordance with the terms of this license 3 Limited warranty Nortel Networks...

Page 6: ...se and disclosure of Nortel Networks confidential information shall continue in effect Licensee may terminate this license at any time The license will automatically terminate if Licensee fails to comply with any of the terms and conditions of the license Upon termination for any reason Licensee will immediately destroy or return to Nortel Networks the Software user manuals and all copies Nortel N...

Page 7: ...ck 450 switches 35 Physical description 36 Front panel 36 Console port 37 Uplink Expansion slot 38 Port connectors 38 LED display panel 39 Back panel 43 Cascade Module slot 43 Cooling fans 44 AC power receptacle 44 Redundant power supply unit RPSU and uninterruptible power supply UPS 46 Features 47 CLI management system 48 Increased VLANs 48 Multiple Spanning Tree Protocol groups 49 STG configurat...

Page 8: ...rtual Local Area Networks VLANs 63 Using 256 VLANs 65 Security 66 RADIUS based network security 70 MAC address based security 70 EAPOL based security 71 Flash memory storage 76 Switch software image storage 76 Configuration parameters storage 77 MultiLink Trunking 77 Port mirroring conversation steering 78 Autosensing and autonegotiation 78 BootP automatic IP configuration MAC address 79 Configura...

Page 9: ...95 Base unit 96 Initial installation 96 Stack MAC address 97 Temporary base unit 97 Removing a unit from the stack 98 Stack configurations 98 Stack up configurations 98 Stack down configurations 100 Redundant cascade stacking feature 102 IEEE 802 1Q VLAN workgroups 104 IEEE 802 1Q tagging 105 VLANs spanning multiple switches 111 VLANs spanning multiple 802 1Q tagged switches 112 VLANS spanning mul...

Page 10: ...s and screens 149 Navigating the CI menus and screens 149 Screen fields and descriptions 150 Main Menu 151 IP Configuration Setup screen 155 Choosing a BootP request mode 157 SNMP Configuration screen 160 System Characteristics screen 162 Switch Configuration Menu screen 164 MAC Address Table screen 167 MAC Address Security Configuration Menu screen 169 MAC Address Security Configuration screen 17...

Page 11: ...screen 221 Multicast Group Membership screen 224 Port Statistics screen 226 Stack Operational Mode screen 230 Console Comm Port Configuration screen 231 Identify Unit Numbers 237 Renumber Stack Units screen 238 Hardware Unit Information screen 239 Spanning Tree Configuration Menu screen 240 Spanning Tree Group Configuration screen 242 Spanning Tree Port Configuration screen 245 Spanning Tree Switc...

Page 12: ...licing overview 287 Policy overview 288 Packet flow using QoS 289 Default QoS settings 290 QoS configuration guidelines 290 COPS overview 291 Chapter 5 Sample QoS configuration 293 Creating interface groups 294 Accepting default mapping values 298 Setting up filters and filter groups 298 Defining an IP filter 299 Creating an IP Filter Group Table entry 301 Defining a layer 2 filter 305 Creating a ...

Page 13: ... Technical specifications 335 Environmental 335 Electrical 335 Physical dimensions 336 Performance specifications 336 Data rate 337 Interface options 337 Safety agency certification 337 Electromagnetic emissions 338 Electromagnetic immunity 338 Declaration of Conformity 338 Appendix B Interoperability in a mixed stack configuration 339 Compatibility with BayStack 450 switches 339 Setting up your m...

Page 14: ...lled GBIC 362 Cabling Specifications for GBICs 363 Installing an MDA 363 Replacing an MDA with a different model 366 1000BASE LX multimode applications 367 Appendix D Quick steps to features 369 Configuring 802 1Q VLANs 369 Configuring MultiLink Trunks 373 Configuring Port Mirroring 374 Configuring IGMP Snooping 375 Configuring authentication process for EAPOL based security 378 Appendix E Connect...

Page 15: ...Contents 15 Using the Business Policy Switch 2000 Version 1 2 Appendix F Default Settings 387 Appendix G Sample BootP Configuration File 395 Index 397 ...

Page 16: ...16 Contents 208700 B ...

Page 17: ...ure 14 Stack up configuration example 99 Figure 15 Stack down configuration example 100 Figure 16 Redundant cascade stacking feature 103 Figure 17 Port based VLAN example 105 Figure 18 Default VLAN settings 107 Figure 19 Port based VLAN assignment 108 Figure 20 802 1Q tagging after port based VLAN assignment 108 Figure 21 Policy based VLAN assignment 109 Figure 22 802 1Q tagging after policy based...

Page 18: ...ort based screen example 142 Figure 48 Address based mirroring configuration example 143 Figure 49 Port Mirroring Configuration address based screen example 145 Figure 50 Map of console interface screens 150 Figure 51 Console interface main menu 152 Figure 52 IP Configuration Setup screen 155 Figure 53 SNMP Configuration screen 160 Figure 54 System Characteristics screen 162 Figure 55 Switch Confi...

Page 19: ...IGMP Configuration screen 222 Figure 83 Multicast Group Membership screen 225 Figure 84 Port Statistics screen 227 Figure 85 Stack Operational Mode screen 230 Figure 86 Console Comm Port Configuration screen 232 Figure 87 Renumber Stack Units screen 238 Figure 88 Hardware Unit Information screen 240 Figure 89 Spanning Tree Configuration Menu 241 Figure 90 Spanning Tree Group Configuration 243 Figu...

Page 20: ...gure 117 Actions page 312 Figure 118 Action page with new entry in Action Table 313 Figure 119 Meters page 314 Figure 120 Meter page with new entry in Meter Table 315 Figure 121 Policies page 316 Figure 122 Policies page with new entry 318 Figure 123 802 1p Priority Queue Assignment page 320 Figure 124 DSCP Mapping page 321 Figure 125 DSCP Mapping page 322 Figure 126 DSCP Mapping page 323 Figure 1...

Page 21: ...373 Figure 145 Configuring Port Mirroring 1 of 2 374 Figure 146 Configuring Port Mirroring 2 of 2 375 Figure 147 Configuring IGMP Snooping 1 of 3 376 Figure 148 Configuring IGMP Snooping 2 of 3 377 Figure 149 Configuring IGMP Snooping 3 of 3 378 Figure 150 Authenticaton process flowchart 1 of 2 379 Figure 151 Authenticaton process flowchart 2 of 2 380 Figure 152 RJ 45 8 Pin Modular port connector ...

Page 22: ...22 Figures 208700 B ...

Page 23: ...acteristics screen fields 163 Table 14 Switch Configuration Menu screen options 165 Table 15 MAC Address Table screen fields 168 Table 16 MAC Address Security Configuration Menu Options 170 Table 17 MAC Address Security Configuration fields 172 Table 18 MAC Security Port Configuration screen fields 176 Table 19 MAC Address Security Port Lists screen fields 178 Table 20 MAC Address Security Table S...

Page 24: ...ons 241 Table 45 Spanning Tree Group Configuration parameters 243 Table 46 Spanning Tree Port Configuration screen fields 247 Table 47 Spanning Tree Switch Settings parameters 250 Table 48 Spanning Tree VLAN Membership parameters 253 Table 49 TELNET SNMP Web Access Configuration screen fields 255 Table 50 Software Download screen fields 260 Table 51 Configuration File Menu screen options 262 Table...

Page 25: ...000BASE SX MDA components 350 Table 68 1000BASE LX MDA components 353 Table 69 100BASE FX MDA components 357 Table 70 450 1GBIc MDA description 360 Table 71 Available GBIC models 360 Table 72 RJ 45 port connector pin assignments 382 Table 73 DB 9 Console port connector pin assignments 385 Table 74 Factory default settings 387 ...

Page 26: ...26 Tables 208700 B ...

Page 27: ... Policy enabled networks The Business Policy Switch includes a dedicated Uplink Module slot for attaching optional media dependent adapters MDAs that support a range of media types including Gigabit Ethernet Installation instructions are included with each MDA see your Nortel Networks sales representative for ordering information For more information about the MDAs see Appendix C Media dependent a...

Page 28: ... 2000 refer to the following publications Release Notes for the Business Policy Switch 2000 Version 1 2 part number 210676 D Documents important changes about the software and hardware that are not covered in other related publications Installing the Business Policy Switch 2000 part number 209319 A Describes how to install the Business Policy Switch 2000 Getting Started with the Business Policy Sw...

Page 29: ...nal MDA in your Business Policy Switch 2000 Installing the BayStack 400 ST1 Cascade Module part number 304433 B Describes how to connect up to eight switches into a stack configuration by installing optional BayStack 400 ST1 Cascade Modules BayStack 10 Power Supply Unit Installation Instructions part number 208558 B Describes installation power up power down and fan replacement procedures Release ...

Page 30: ...ribes how to install Quick2Config You can print selected technical manuals and release notes free directly from the Internet Go to the www nortelnetworks com documentation URL The product family for the BPS 2000 is Data and Internet Find the product for which you need documentation Then locate the specific category and model or version for your hardware or software product Use Adobe Acrobat Reader...

Page 31: ...works products and services When you use an ERC your call is routed to a technical support person who specializes in supporting that product or service To locate an ERC for your product or service go to the www12 nortelnetworks com URL and click ERC at the bottom of the page Technical Solutions Center Telephone Europe Middle East and Africa 33 4 92 966 968 North America 800 4NORTEL or 800 466 7835...

Page 32: ...32 Preface 208700 B ...

Page 33: ...page 83 General description The Business Policy Switch introduces policy enabled networking features to optimize consistent performance and behavior for your network traffic The Differentiated Services DiffServ network architecture offers varied levels of service for different types of data traffic DiffServ lets you designate a specific level of performance on a per packet basis Stacking compatibi...

Page 34: ... that the Interoperability Software Version Numbers ISVN are identical That is the ISVN number for the BayStack 450 switch and BayStack 410 switch must have the same ISVN as the BPS 2000 If the ISVNs are not the same the stack does not operate In sum the stacking software compatibility requirements are as follows Pure BPS 2000 stack All units must be running the same software version Pure BayStack...

Page 35: ... management system Open the System Information page which is under Administration on the main menu The software currently running is displayed in the sysDescription field You can use 256 port protocol and MAC SA based VLANs for the stack with a Pure BPS 2000 stack running software version 1 2 The maximum number of MAC SA based VLANs available is 48 If you are working with a mixed or hybrid stack y...

Page 36: ... the Business Policy Switch Figure 1 Business Policy Switch 2000 Front panel Figure 2 shows the front panel configuration for the Business Policy Switch 2000 Descriptions of the front panel components follow the figure For descriptions of the back panel Business Policy Switch components see Back panel on page 43 9713FA ...

Page 37: ...r control and to enable cursor and functions keys to use the console port See Installing the Business Policy Switch 2000 for more information Table 1 Business Policy Switch 2000 front panel description 1 Console port 2 Uplink expansion slot 3 Port connectors 4 LED display panel Note The console port is configured as a data communications equipment DCE connector Ensure that your RS 232 cable pinout...

Page 38: ...o a conventional Ethernet repeater hub If you are connecting to an Ethernet hub or Ethernet switch use a crossover cable unless an MDI connection exists on the associated port of the attached device see Appendixes The Business Policy Switch uses autosensing ports designed to operate at 10 Mb s megabits per second or at 100 Mb s depending on the connecting device These ports support the IEEE 802 3u...

Page 39: ...riptions Label Type Color State Meaning Pwr Power status Green On DC power is available to the switch s internal circuitry Off No AC power to switch or power supply failed Status System status Green On Self test passed successfully and switch is operational Blinking A nonfatal error occurred during the self test This includes nonworking fans Off The switch failed the self test 9714EA Business Poli...

Page 40: ...patible software revision or unable to obtain a unit ID Renumber Stack Unit table full The unit is on the ring but cannot participate in the stack configuration Cas Dwn Stack mode Off The switch is in standalone mode Green On The switch is connected to the downstream unit s Cascade A Out connector Amber On This unit has detected a problem with the switch connected to the cascade down connector In ...

Page 41: ... fails the next unit directly downstream from this unit becomes the new temporary base unit This process can continue until there are only two units left in the stack configuration This automatic failover is a temporary safeguard only If the stack configuration loses power the temporary base unit will not power up as the base unit when power is restored For this reason you should always assign the...

Page 42: ... or there is no connection to this port Blinking The corresponding port is management disabled Activity Port activity Green Blinking Indicates network activity for the corresponding port A high level of network activity can cause the LEDs to appear to be on continuously Table 2 Business Policy Switch 2000 LED descriptions continued Label Type Color State Meaning ...

Page 43: ...nt stack configuration Installation instructions are provided with each BayStack 400 ST1 Cascade Module see Installing the BayStack 400 ST1 Cascade Module Use a flathead screwdriver to remove the filler panel that covers the Cascade Module slot Figure 5 For more information about cascade modules see Installing the Cascade 400 ST1 Cascade Module See your Nortel Networks sales representative for cas...

Page 44: ...ow enough space on both sides of the switch for adequate air flow See Installing the Business Policy Switch 2000 for detailed information AC power receptacle The AC power receptacle accepts the AC power cord supplied For installation outside of North America make sure that you have the proper power cord for your region Any cord used must have a CEE 22 standard V female connector on one end and mus...

Page 45: ...utside of the cord jacket to comply with the CENELEC Harmonized Document HD 21 220 or 230 VAC 50 Hz Single phase U S Canada Japan NEMA5 15P male plug UL recognized UL stamped on cord jacket CSA certified CSA label secured to the cord 100 or 120 VAC 50 60 Hz Single phase United Kingdom BS1363 male plug with fuse Harmonized cord 240 VAC 50 Hz Single phase Australia AS3112 1981 Male plug 240 VAC 50 H...

Page 46: ...s fit into the right hand side of the rear of the chassis The UPS and associated battery pack module fit into the front of the chassis For further information refer to Installation and Reference for the BayStack 10 Power Supply Unit part number 208296 C Contact your Nortel Networks sales representative for more information 100 Watt DC DC Converter The 100 Watt DC DC Converter operates in conjuncti...

Page 47: ... manager list on page 56 Introduced with software version 1 1 Policy enabled networks with QoS metering on page 57 Support for the GBIC MDA on page 57 EAPOL based security on page 58 Automatic PVID on page 59 Tabular port statistics on page 61 Ability to ping on page 61 Improved STP Fast Learning Mode on page 61 BootP menu item for a stack of only BPS 2000 switches on page 62 Introduced with softw...

Page 48: ...eference for the Business Policy Switch 2000 Command Line Interface Software Version 1 2 for complete information on accessing the CLI and all commands Increased VLANs The BPS 2000 software version 1 2 provides support for 256 virtual local area networks VLANs These 256 VLANs can be spread among port based protocol based and MAC source address based VLANs maximum of 48 MAC source address based VLA...

Page 49: ...her path become active thus sustaining network operations Starting with software version 1 2 the BPS 2000 supports multiple spanning tree groups STGs The BPS 2000 supports a maximum of 8 STGs either all in one standalone switch or across a stack consisting of only BPS 2000 switches Pure BPS 2000 Stack mode Multiple STGs provide multiple data paths which can be used for load balancing and redundanc...

Page 50: ...he BPDUs from STG1 or the default STG is user configurable as are tagging settings for all STGs However by default STG1 sends out only untagged BPDUs in order to operate with all devices that support only one instance of STP The default tagging of STG2 through STG8 is tagged All other STGs except the Default STG must be created by the user To become active each STG must be enabled by the user afte...

Page 51: ...not span multiple STGs By confining VLANs within a single STG you avoid problems with spanning tree blocking ports and causing a loss of connectivity within the VLAN When a VLAN spans multiple switches the VLAN must be within the same spanning tree group have the same STG ID across all the switches All VLANs in the same shared database SVL must be assigned to the same STG All members of a particul...

Page 52: ...rt port 1 that does not belong to any STG to VLAN1 and port 1 will become part of STG1 However if in the example explained above the untagged port 1 already belongs to STG2 then port will not become a member of STG1 When you remove a port from VLAN that belongs to an STG that port will also be removed from the STG However if that port belongs to another VLAN in the same STG the port remains in the...

Page 53: ...es It may not be desirable to wait the usual 30 to 35 seconds for spanning tree initialization and bridge learning ASCII configuration file Beginning with software version 1 2 the BPS 2000 can download a user editable ASCII configuration file from a TFTP server You can load the ASCII configuration file automatically at boot time or on demand using the management systems console menus or CLI Once d...

Page 54: ...ant that you review the commands in the file to ensure accuracy and completeness For information on setting the parameters for the ASCII configuration file feature refer to Chapter 3 Sample ASCII configuration file This section shows a sample ASCII configuration file This file is an example only and shows a basic configuration for a standalone BPS 2000 that includes Multi Link Trunking VLANs port ...

Page 55: ...dd ports to this VLAN in this case all ports vlan members add 150 ALL vlan ports ALL priority 3 create vlan MACSA based vlan create 90 name MAC90 type macsa add ports to this VLAN in this case all ports vlan members add 90 ALL igmp you could disable proxy on vlan 100 vlan igmp 100 proxy disable Examples of changing interface parameters change speed of port 3 interface Fastethernet 3 speed 10 duple...

Page 56: ...ion on using the CLI commands IP manager list With software version 1 2 you can limit access to the management features of the BPS 2000 by defining the IP addresses allowed access to the switch The features provided by the IP manager list are Definitions of up to 10 allowed IP addresses and masks Options to enable or disable access for Telnet SNMP and the Web based management system Note To add co...

Page 57: ...iated Services DiffServ Quality of Service QoS architecture Refer to Policy enabled networking on page 62 for a more complete description of policy enabled networks and refer to Chapter 4 for a complete discussion of policy enabled networks Differentiated Services DiffServ and Quality of Service QoS For information on configuring policy enabled networks DiffServ and QoS refer to Using Web based Ma...

Page 58: ... installation and cabling instructions refer to Installing Media Dependent Adapters MDAs EAPOL based security BPS 2000 software version 1 1 provides support for security based on the Extensible Authentication Protocol over LAN EAPOL which uses the EAP as described in the IEEE Draft P802 1X to allow you to set up network access control on internal LANs Refer to Security on page 66 for complete info...

Page 59: ...for the Business Policy Switch 2000 Software Version 1 2 for information on configuring this feature using the Web based management system And refer to Reference for the Business Policy Switch 2000 Command Line Interface Software Version 1 2 for information on configuring Automatic PVID with CLI commands Finally refer to Reference for the Business Policy Switch 2000 Management Software Version 1 2...

Page 60: ...PVID VLAN association for ports 6 and 11 is PVID 1 Ports 2 4 10 and 8 are untagged members of VLAN 2 The PVID VLAN association for ports 2 4 and 10 is PVID 2 Ports 2 4 10 8 6 and 11 are untagged members of VLAN 3 The PVID VLAN association for port 8 is PVID 3 Port 2 BS45019A Port 4 Port 10 Port 8 VLAN 3 V2 V2 V2 V1 V2 VLAN 2 VLAN 1 S1 Key VLAN 1 PVID 1 VLAN 2 PVID 2 VLAN 3 PVID 3 PVID 2 PVID 3 V3 ...

Page 61: ...00 software version 1 1 you can view all ports in an entire stack that have an error If a particular port has no errors it will not be displayed Refer to Using Web based Management for the Business Policy Switch 2000 Software Version 1 2 to display tabular port statistics Ability to ping With software version 1 1 you can ping from a BPS 2000 This ability greatly enhances the ease of network manage...

Page 62: ...iders and enterprise network environments offer varied levels of service for different types of data traffic Instead of using the best effort service model to ensure data delivery DiffServ s Quality of Service QoS lets you designate a specific level of performance on a packet by packet basis If you have applications that require high performance and reliable service such as voice and video over IP...

Page 63: ... Therefore for any given station on the shared Ethernet the local segment is the collision domain because traffic on the segment has the potential to cause an Ethernet collision The local segment is also the broadcast domain because any broadcast is sent to all stations on the local segment Although Ethernet switches and bridges divide a network into smaller collision domains they do not affect th...

Page 64: ...based VLANs A MAC SA based VLAN is a VLAN in which you assign switch ports as members of a broadcast domain based on the source MAC address information within the packet MAC SA based VLANs can be used to provide a MAC level security scheme to organize and group different users The maximum number of available MAC SA based VLANs is 48 Policy based VLANs are determined by the information within the p...

Page 65: ... assign different ports and therefore the devices attached to these ports to different broadcast domains This feature allows network flexibility because you can reassign VLANs to accommodate network moves additions and changes eliminating the need to change physical cabling Using 256 VLANs The BPS 2000 software version 1 2 provides support for 256 VLANs These 256 can be spread among port based pro...

Page 66: ...he Business Policy Switch 2000 Software Version 1 2 or Reference for the Business Policy Switch 2000 Management Software Version 1 2 Refer to Chapter 2 Network configuration for more information on VLANs For information on configuring VLANs using the CI menus refer to Chapter 3 To configure this feature using the Web based management system refer to Using Web based Management for the Business Poli...

Page 67: ... the switch and authentication server such as a RADIUS server Figure 7 shows a typical campus configuration using the RADIUS based and MAC address based security features for the Business Policy Switch This example assumes that the switch the teachers offices and classrooms and the library are physically secured The student dormitory may or may not be physically secure ...

Page 68: ...ng security measures are implemented The switch RADIUS based security is used to limit administrative access to the switch through user authentication see RADIUS based network security on page 70 Library Teachers offices and classrooms To Network Center Secure locked area Legend Student Dormitory Switch RADIUS server RADIUS based security BS45077A ...

Page 69: ...e assigned MAC address based security that is specific for each classroom and office location The security feature logically locks each wall jack to the specified station and prevents unauthorized access to the switch should someone attempt to connect a personal laptop PC into the wall jack The printer is assigned as a single station and is allowed full bandwidth on that switch port It is assumed ...

Page 70: ...ervice Type field value to Administrative Read only access Set the Service Type field value to NAS Prompt For detailed instructions to set up your RADIUS server refer to your RADIUS server documentation MAC address based security The MAC address based security feature allows you to set up network access control based on source MAC addresses of authorized stations You can Create a list of up to 448...

Page 71: ... 1 provides support for security based on the Extensible Authentication Protocol over LAN EAPOL which uses the EAP as described in the IEEE Draft P802 1X to allow you to set up network access control on internal LANs For information on configuring EAPOL based security using the Console Interface CI menus refer to Chapter 3 To configure this feature using the Web based management system refer to Us...

Page 72: ...pplying for access to the network Authenticator software with the sole purpose of authorizing a supplicant that is attached to the other end of a LAN segment Authentication Server a RADIUS server that provides authorization services to the Authenticator Port Access Entity PAE a software entity associated with each port that supports the Authenticator or Supplicant functionality In the preceding ex...

Page 73: ...e the controlled port s state depends on the Operational Traffic Control field value in the EAPOL Security Configuration screen The Operational Traffic Control field can have one of the following two values Incoming and Outgoing If the controlled port is unauthorized frames are not transmitted through the port all frames received on the controlled port are discarded The controlled port s state is ...

Page 74: ...tication server allows you to configure user specific settings for VLAN memberships and port priority When you log on to a system that has been configured for EAPOL authentication the Authentication server recognizes your user ID and notifies the switch to assign preconfigured user specific VLAN membership and port priorities to the switch The configuration settings are based on configuration para...

Page 75: ...DIUS server for these devices You must also configure your BayStack 350 410 24T 450 switches and BPS 2000 for port based VLANs and EAPOL security For information on configuring the BPS 2000 refer to the Chapter 3 Using Web based Management for the Business Policy Switch 2000 Software Version 1 2 Reference for the Business Policy Switch 2000 Management Software Version 1 2 and Reference for the Bus...

Page 76: ...es to Blocking mode EAPOL based security uses the RADIUS protocol to authenticate local console Telnet and EAPOL authorized logins Refer to RADIUS based network security on page 70 for more information on using the RADIUS protocol Flash memory storage Switch software image storage The Business Policy Switch uses flash memory to store the switch software image The flash memory allows you to update ...

Page 77: ... s in full duplex mode The Business Policy Switch can be configured with up to six MultiLink Trunks The trunk members can be configured within a single unit in the stack or distributed between any of the units within the stack configuration distributed trunking For more information about the MultiLink Trunking feature refer to Chapter 2 Network configuration Note Do not power off the switch within...

Page 78: ...ing where all traffic on specified ports is monitored or address based monitoring where traffic between specified MAC addresses is monitored You can attach a probe device such as a Nortel Networks StackProbe or equivalent to the designated monitor port For more information about the port mirroring feature refer to Chapter 2 Network configuration For information on configuring port mirroring using ...

Page 79: ...enus refer to Chapter 3 To configure this feature using the Web based management system refer to Using Web based Management for the Business Policy Switch 2000 Software Version 1 2 To use Device Manager DM to configure this feature refer to Reference for the Business Policy Switch 2000 Management Software Version 1 2 And to configure this feature using CLI commands refer to Reference for the Busin...

Page 80: ...your Business Policy Switch remotely through a dial up modem connection or in band through a Telnet session For information about the console interface refer to Chapter 3 Web based management You can manage the network from the World Wide Web Access the Web based graphical user interface GUI through the HTML based browser located on your network The GUI allows you to configure monitor and maintain...

Page 81: ... to quickly and easily analyze network performance and fault conditions on the individual segments and specific areas in your network Through the views Optivity can also alert you when a problem has occurred in a specific location For further information about Optivity contact your Nortel Networks sales representative Multifield packet classification Specify multifield packet classification based ...

Page 82: ... MIBs S5 Chassis MIB s5cha127 mib S5 Agent MIB s5age140 mib RMON rfc2819 mib MLT rcMLT Common Open Policy Service COPS support rfc 2940 mib Policy Management Policy Info Base pib802 pibFramework pibIp pibNtn mibntqos pibNtnEvol SNMPv3 MIBs RFCs 2570 2571 2572 2573 2574 2575 2576 MIB2 rfc1213 mib IF MIB rfc2863 mib Etherlike MIB rfc2665 mib Interface Extension MIB s5ifx100 mib Switch Bay Secure s5s...

Page 83: ...FCs This section lists the standards and RFCs supported by the BPS 2000 Table 6 Supported SNMP traps Trap name Configurable Sent when RFC 1215 industry standard linkUp Per port A port s link state changes to up linkDown Per port A port s link state changes to down authenticationFailure System wide There is an SNMP authentication failure coldStart Always on The system is powered on warmStart Always...

Page 84: ...Cs For more information about networking concepts protocols and topologies consult the following RFCs RFC 1213 MIB II RFC 1493 Bridge MIB RFC 2863 Interfaces Group MIB RFC 2665 Ethernet MIB RFC 2737 Entity MIBv2 RFC 2819 RMON MIB RFC 1757 RMON RFC 1271 RMON RFC 1157 SNMP RFC 2748 COPS RFC 2940 COPS Clients RFC 3084 COPS Provisioning RFC 2570 SNMPv3 RFC 2571 SNMP Frameworks RFC 2573 SNMPv3 Applicat...

Page 85: ...Chapter 1 The Business Policy Switch 2000 85 Using the Business Policy Switch 2000 Version 1 2 ...

Page 86: ...86 Chapter 1 The Business Policy Switch 2000 208700 B ...

Page 87: ...ks Compatibility with BayStack 450 switches next Network configuration examples on page 88 Business Policy Switch stack operation on page 93 IEEE 802 1Q VLAN workgroups on page 104 IGMP snooping on page 122 MultiLink Trunks on page 129 Port mirroring on page 139 Compatibility with BayStack 450 switches The BPS 2000 software version 1 2 is compatible with BayStack 450 software version 4 1 When you ...

Page 88: ...ANs for the entire stack When you change from a Pure BPS 2000 Stack mode to a Hybrid Stack mode If you have up to 64 VLANs on the Pure BPS 2000 Stack they will be retained when you change to a Hybrid Stack If you have more than 64 VLANs on the Pure BPS 2000 Stack you will lose them all The Hybrid Stack will return to the default VLAN configuration Also a mixed or hybrid stack does not support mult...

Page 89: ...tention for bandwidth and eliminate server and network bottlenecks Before segmentation 88 users had a total bandwidth of only 10 Mb s available After segmentation 92 users have 40 Mb s four times the previous bandwidth while adding 22 dedicated 100 Mb s connections This configuration can be extended to add more segments without degrading performance Server Up to 22 users To Network Center Key 10 M...

Page 90: ...rk Center 9796EA Up to 23 users Up to 23 users Up to 23 users 88 users share 10 Mb s 10 88 Mb s per user Server bottleneck 10 Mb s bandwidth Network center bottleneck 10 Mb s bandwidth Total of 88 users Four sets of 23 users each set shares 10 Mb s 10 23 Mb s per user Addition of 22 users each with dedicated 100 Mb s bandwidth Server with dedicated 100 Mb s bandwidth Network center with dedicated ...

Page 91: ... As shown in Figure 10 the Passport 1100 switch is used as a backbone switch connecting to the Business Policy Switch with an optional gigabit 1000BASE SX MDA for maximum bandwidth The BayStack 303 and BayStack 304 switches have 100 Mb s connections to the Business Policy Switch a 100BASE TX hub and a 100 Mb s server as well as 10 Mb s connections to DTE data terminal equipment See the Nortel Netw...

Page 92: ...t 1100 switch is used as a backbone switch connecting to the Business Policy Switch with an optional gigabit 1000BASE SX MDA for maximum bandwidth This configuration uses optional BayStack 400 ST1 Cascade Modules to connect the switches in the fail safe stack For an overview of the fail safe stacking feature that is available for the Business Policy Switches see Business Policy Switch stack operat...

Page 93: ...rovide uninterrupted connectivity for up to 224 ports see Fail safe stack application The entire stack is manageable as a single unit Installation instructions are provided with the BayStack 400 ST1 Cascade Module see your Nortel Networks sales representative for ordering information This section discusses the following stacking topics BayStack 400 ST1 Cascade Module on page 94 Base unit on page 9...

Page 94: ...ttachment point for connecting this unit to another unit via the cascade cable A return cable from another unit s Cascade A Out connector to this unit s Cascade A In connector completes the stack connection see the example shown in Figure 13 Note If you are implementing a mixed stack with the Business Policy Switch and BayStack 450 and BayStack 410 switches refer to Appendixes for configuration an...

Page 95: ...n all other Unit Select switches in the stack configuration must be set to Off down Cascade A In connector Provides an attachment point for accepting a cascade cable connection from an adjacent unit in the stack A return cable from this unit s Cascade A Out connector to the adjacent unit s Cascade A In connector completes the stack connection see the example shown in Figure 13 Figure 13 Connecting...

Page 96: ...ion of the stack the software automatically determines the physical order of all units in the stack according to the position of the base unit within the stack Thereafter the individual units maintain their original unit numbering even if you change the position of one or more units in the stack Refer to Chapter 3 for information on renumbering the units using the console interface CI menus and to...

Page 97: ...e unit If an assigned base unit fails the next unit in the stack order automatically becomes the new temporary base unit This change is indicated by the base LED on the temporary base unit s LED display panel turning on amber For detailed information about the base LED see Chapter 1 This automatic failover is a temporary safeguard only If the stack configuration loses power the temporary base unit...

Page 98: ...s on the BayStack 400 ST1 Cascade Module front panel provide the ability to stack up to 8 switches With BPS 2000 MDAs installed in each switch the stack can accommodate a maximum of 224 switch ports Because stack parameters are associated with the base unit see Base unit the physical stack order depends on the base unit s position and whether the stack is configured stack up or stack down Stack up...

Page 99: ...nfiguration example Table 7 describes the stack up configuration illustration references Table 7 Stack up configuration description 1 Last unit 2 Base unit 3 Cascade Cable part number 303978 A 4 Cascade Cable part number 303979 A 9813EA 1 Unit 8 Unit 7 Unit 6 Unit 5 Unit 4 Unit 3 Unit 2 Unit 1 2 3 4 Out In ...

Page 100: ...it 1 to the next switch which is assigned as unit 2 and continues until the last switch in the stack is assigned as unit 8 The physical order of the switches is from top to bottom unit 1 to unit 8 Figure 15 Stack down configuration example 9814EA 1 Unit 1 Unit 2 Unit 3 Unit 4 Unit 5 Unit 6 Unit 7 Unit 8 2 3 4 In Out ...

Page 101: ...the entire stack from any switch in the stack from the console interface a Telnet session the Web based management interface or any generic SNMP based network management software You can access and manage the stack using a Telnet connection the Web based management interface or any generic SNMP management tool through any switch port that is part of the stack configuration When stacking three or m...

Page 102: ...ure 16 unit 3 becomes nonoperational This result can be due to a failed unit or simply because the unit was powered down 2 Unit 2 and unit 4 directly upstream and downstream from unit 3 sense the loss of link signals from unit 3 a Units 2 and 4 automatically loop their internal stack signals A and B b The Cas Up LED for unit 2 and the Cas Dwn LED for unit 4 turn on amber to indicate that the stack...

Page 103: ...ng feature Table 9 describes the redundant cascade stacking illustration references Table 9 Redundant cascade stacking descriptions 1 Base unit 2 Last unit 3 Cascade cable part number 303978 A 4 Cascade max return cable part number 303979 A 9815EA 1 Unit 1 Unit 2 Unit 3 Unit 4 Unit 5 2 3 4 B A Cascade A Out Cascade A In ...

Page 104: ...switch port connects to a segment that is a single broadcast domain When a switch port is configured to be a member of a VLAN it is added to a group of ports workgroup that belong to one broadcast domain The Business Policy Switch allows you to assign ports to VLANs using the console Telnet Web based management CLI or an appropriate SNMP based application such as the Device Manager You can assign ...

Page 105: ...are Version 1 2 Reference for the Business Policy Switch 2000 Command Line Interface Software Version 1 2 and Reference for the Business Policy Switch 2000 Management Software Version 1 2 for information on overriding the default values Port VLAN identifier PVID a classification mechanism that associates a port with a specific VLAN For example a port with a PVID of 3 PVID 3 assigns all untagged fr...

Page 106: ...he individual LAN segments may be unable to signal priority information Port priority the priority level assigned to untagged frames received on a port This value becomes the user priority for the frame Tagged packets get their user priority from the value contained in the 802 1Q frame header Unregistered packet a tagged frame that contains a VID where the receiving port is not a member of that VL...

Page 107: ... In Figure 18 untagged incoming packets are assigned directly to VLAN 2 PVID 2 Port 5 is configured as a tagged member of VLAN 2 and port 7 is configured as an untagged member of VLAN 2 Port 1 DA SA Data CRC Incoming untagged packet BS45010A Port 2 Port 3 Port 4 Port 5 VLAN 1 802 1Q Switch By default Key All ports are assigned PVID 1 All ports are untagged members of VLAN 1 PVID 1 Port 6 Port 7 Po...

Page 108: ... to VLAN 3 policy VLAN 3 PVID 2 Port 5 is configured as a tagged member of VLAN 3 and port 7 is configured as an untagged member of VLAN 3 Port 6 DA SA Data CRC BS45011A Port 7 Port 8 Port 1 Port 4 Port 5 Port 2 Port 3 802 1Q Switch PVID 2 Untagged packet Untagged member of VLAN 2 Tagged member of VLAN 2 Before BS45012A Port 6 Port 7 Port 8 Port 1 Port 4 Port 5 Port 2 Port 3 802 1Q Switch Key Prio...

Page 109: ...22 802 1Q tagging after policy based VLAN assignment Port 6 DA SA Data CRC BS45011B Port 7 Port 8 Port 1 Port 4 Port 5 Port 2 Port 3 802 1Q Switch PVID 2 Untagged packet Untagged member of VLAN 3 Tagged member of VLAN 3 Before Policy VLAN 3 BS45012B Port 6 Port 7 Port 8 Port 1 Port 4 Port 5 Port 2 Port 3 802 1Q Switch Key Priority CFI VID User_priority Canonical format indicator VLAN identifier PV...

Page 110: ...signment in the packet Port 5 is configured as a tagged member of VLAN 2 and port 7 is configured as an untagged member of VLAN 2 Figure 23 802 1Q tag assignment Port 6 DA SA Tag Data CRC Tagged packet BS45013A Port 7 Port 8 Port 1 Port 4 Port 5 Port 2 Port 3 802 1Q Switch PVID 2 Untagged member of VLAN 2 Tagged member of VLAN 2 Before ...

Page 111: ...ch However the configuration guidelines depend on whether both switches support 802 1Q tagging With 802 1Q tagging enabled on a port for a VLAN all frames leaving the port for that VLAN are marked as belonging to that specific VLAN You can assign specific switch ports as members of one or more VLANs that span multiple switches without interfering with the Spanning Tree Protocol Refer to Chapter 1 ...

Page 112: ...guration as any other switch to switch connection For this configuration to work properly both switches must support the 802 1Q tagging protocol VLANS spanning multiple untagged switches Figure 26 shows VLANs spanning multiple untagged switches In this configuration Switch S2 does not support 802 1Q tagging and you must use a single switch port on each switch for each VLAN For this configuration t...

Page 113: ...ach port belongs to only one VLAN at a time connectivity on the other VLAN is lost Exercise care when configuring the switches to ensure that the VLAN configuration does not conflict with spanning tree configuration To connect multiple VLANs across switches with redundant links you must disable the STP on all participating switch ports Figure 27 shows possible consequences of enabling the STP when...

Page 114: ... Blocking mode stations on VLAN 2 in Switch S1 cannot communicate with stations in VLAN 2 on Switch S2 With multiple links only one link will be forwarding Shared servers Business Policy Switches allow ports to exist in multiple VLANs for shared resources such as servers printers and switch to switch connections It is also possible to have resources exist in multiple VLANs on one switch as shown i...

Page 115: ... the switch ports are set to participate as VLAN port members This arrangement allows the switch to establish the appropriate broadcast domains within the switch Figure 29 Refer to Chapter 1 for additional guidelines on configuring VLANs and spanning tree groups Business Policy Switch 2000 9803EA S1 V2 V2 V1 V1 V2 V3 Key VLAN 1 PVID 1 VLAN 2 PVID 2 VLAN 3 PVID 3 ...

Page 116: ...sociation for ports 6 and 11 is PVID 1 Ports 2 4 10 and 8 are untagged members of VLAN 2 The PVID VLAN association for ports 2 4 and 10 is PVID 2 Ports 2 4 10 8 6 and 11 are untagged members of VLAN 3 The PVID VLAN association for port 8 is PVID 3 The following steps show how to use the VLAN configuration screens to configure the VLAN 3 broadcast domain shown in Figure 29 Port 2 BS45019A Port 4 Po...

Page 117: ...Figure 30 are default settings with all switch ports classified as untagged members of VLAN 1 Figure 31 shows the VLAN Configuration screen after it is configured to support the VLAN 3 broadcast domain shown in Figure 29 VLAN Name is optional VLAN Configuration Create VLAN 1 Vlan Type Port Based Delete VLAN Protocol Id PID None VLAN Name Default VLAN User Defined PID 0x0000 Management VLAN Yes Now...

Page 118: ... c The default VLAN Port Configuration screen opens Figure 32 The VLAN Port Configuration screen settings shown in Figure 32 are default settings VLAN Configuration Create VLAN 3 Vlan Type Port Based Delete VLAN Protocol Id PID None VLAN Name test VLAN User Defined PID 0x0000 Management VLAN Yes Now 1 VLAN State Active IVL SVL IVL Port Membership 1 6 7 12 13 18 19 24 Unit 1 U U U U UU KEY T Tagged...

Page 119: ...t 8 as shown in Figure 29 Port Name is optional The PVID VLAN association for VLAN 3 is now PVID 3 VLAN Port Configuration Unit 1 Port 1 Filter Tagged Frames No Filter Untagged Frames No Filter Unregistered Frames No Port Name Port 1 PVID 1 Port Priority 0 Tagging Untagged Access AutoPVID all ports Disabled Use space bar to display choices press Return or Enter to select choice Press Ctrl R to ret...

Page 120: ...ch port on each switch must be used for each VLAN see VLANS spanning multiple untagged switches The connection to S2 requires only one link between the switches because S1 and S2 are both Business Policy Switches that support 802 1Q tagging see VLANs spanning multiple 802 1Q tagged switches VLAN Port Configuration Unit 1 Port 8 Filter Tagged Frames No Filter Untagged Frames No Filter Unregistered ...

Page 121: ...iguration spanning multiple switches Business Policy Switch 2000 Business Policy Switch 2000 Untagged ports STP disabled Both ports are tagged members of VLAN 1 and VLAN 2 Non 802 1Q tagging switch 9802EA Key VLAN 1 PVID 1 VLAN 2 PVID 2 VLAN 3 PVID 3 S1 S2 S4 S3 V1 V2 V2 V1 V2 V3 Non 802 1Q tagging switch ...

Page 122: ...n If a port is on a trunk with a mirroring port the VLAN configuration cannot be changed VLANs are not dependent on Rate Limiting settings If a port is an IGMP member on any VLAN and is removed from a VLAN the port s IGMP membership is also removed If a port is added to a different VLAN and it is already configured as a static router port the port is configured as an IGMP member on that specific V...

Page 123: ...P host provides an IP Multicast stream to designated routers that forward the IP Multicast stream on their local network only if there is a recipient The client server path is set up as follows 1 The designated router sends out a host membership query to the subnet and receives host membership reports from end stations on the subnet 2 The designated routers then set up a path between the IP Multic...

Page 124: ...epresent a LAN connected to an IP Multicast router The router periodically sends Host Membership Queries to the LAN and listens for a response from end stations All of the clients connected to switches S1 to S4 are aware of the queries from the router Non IP Multicast filtering switch Non IP Multicast filtering switch Host membership report Multicast stream BS45021B Host membership query Designate...

Page 125: ...to its upstream neighbor S1 Figure 36 Business Policy Switch filtering IP multicast streams 1 of 2 Switch S1 treats the consolidated proxy reports from S2 and S4 as if they were reports from any client connected to its ports and generates a consolidated proxy report to the designated router In this way the router receives a single consolidated report from that entire subnet Consolidated report BS4...

Page 126: ...roxy report generated by the switch remains transparent to layer 3 of the International Organization for Standardization Open Systems Interconnection ISO OSI model The switch IP address and MAC address are not part of proxy report generation The last reporting IGMP group member in each VLAN represents all of the hosts in that VLAN and IGMP group BS45023C Designated router Host membership query Int...

Page 127: ...rt members of at least one VLAN If a port is configured as a static router port it is configured as a static router port for all VLANs on that port The IGMP configuration is propagated through all VLANs of that port If a static router port is removed the membership for that port is removed from all VLANs of that port The IGMP snooping feature is not STP dependent The IGMP snooping feature is not R...

Page 128: ...ived by the switch on that port are tagged according to the priority level you assign to the port see Figure 38 Figure 38 Prioritizing packets The newly tagged frame is read within the switch and sent to the port s high or low transmit queue for disposition BS45024A Port 6 Port 7 Port 8 Port 1 PVID 2 Priority 6 Port 4 Port 5 Port 2 Port 3 802 1Q Switch High Low Key Priority CFI VID User_priority C...

Page 129: ... on a single unit or on multiple units within the same stack configuration as a distributed trunk MultiLink Trunking software detects misconfigured or broken trunk links and redirects traffic on the misconfigured or broken trunk link to other trunk members within that trunk You can use the Trunk Configuration screen with the CI menus the Web based management system the CLI or DM to create switch t...

Page 130: ...single port bandwidth limitations creating a MultiLink Trunk can supply the additional bandwidth required to improve the performance Figure 40 shows a typical switch to server trunk configuration In this example file server FS1 uses dual MAC addresses using one MAC address for each network interface card NIC For this reason FS1 does not require a trunk assignment FS2 is a single MAC server with a ...

Page 131: ...s accessing data from the servers FS1 and FS2 are provided with maximized bandwidth through trunks T1 T2 T3 T4 and T5 Trunk members the ports making up each trunk do not have to be consecutive switch ports you can select ports randomly as shown by T5 With spanning tree enabled one of the trunks T2 or T3 acts as a redundant backup trunk to Switch S2 With spanning tree disabled you must configure tr...

Page 132: ...Before you configure your MultiLink Trunk you must consider these settings along with specific configuration rules as follows 1 Read the configuration rules provided in the next section MultiLink Trunking configuration rules 2 Determine which switch ports up to four are to become trunk members the specific ports making up the trunk A minimum of two ports are required for each trunk T2 S2 S3 T3 T4 ...

Page 133: ...y port that participates in MultiLink Trunking must be an active port set to Enabled via the Port Configuration screen or through network management All trunk members must have the same VLAN configuration before the Trunk Configuration screen s Trunk Status field can be set to Enabled using CI menus see Chapter 3 When an active port is configured in a trunk the port becomes a trunk member when you...

Page 134: ... members on the trunk You cannot configure a trunk member as a monitor port see Chapter 3 Trunks cannot be monitored by a monitor port however trunk members can be monitored see Port based mirroring configuration All trunk members must have identical IGMP configurations If you change the IGMP snooping configuration for any trunk member the IGMP snooping settings for all trunk members change How th...

Page 135: ...configuration Rate Limiting configuration Spanning tree considerations for MultiLink Trunks The spanning tree Path Cost parameter is recalculated based on the aggregate bandwidth of the trunk For example Figure 43 shows a four port trunk T1 with two port members operating at 100 Mb s and two at 10 Mb s Trunk T1 provides an aggregate bandwidth of 220 Mb s The Path Cost for T1 is 4 Path Cost 1000 Un...

Page 136: ...n example The switch can also detect trunk member ports that are physically misconfigured For example in Figure 44 trunk member ports 2 4 and 6 of Switch S1 are configured correctly to trunk member ports 7 9 and 11 of Switch S2 The Spanning Tree Port Configuration screen for each switch shows the port state field for each port in the Forwarding state 9807EA T1 T2 100 Mb s 100 Mb s 10 Mb s 100 Mb s...

Page 137: ...If Switch S2 s trunk member port 11 is physically disconnected and then reconnected to port 13 the Spanning Tree Port Configuration screen for Switch S1 changes to show port 6 in the Blocking state Figure 45 T1 S1 Port Configuration screen 9808EA S2 Port Configuration screen S1 S2 Business Policy Switch 2 Business Policy Switch 2000 ...

Page 138: ... the individual trunk members the specific ports that make up the trunk logically connect and react as a single entity For example if you change spanning tree parameters for any trunk member the spanning tree parameters for all trunk members change S1 Port Configuration screen 9809EA S2 Port Configuration screen Blocking T1 S1 S2 Business Policy Switch 2000 Business Policy Switch 2 ...

Page 139: ... ports 13 14 15 and 16 are trunk members of trunk T1 the management station views trunk T1 as spanning tree port 13 For more information on configuring MultiLink Trunking VLANs and spanning tree groups refer to Chapter 1 for guidelines on configuring spanning tree groups For more information about using the MultiLink Trunking feature see Chapter 3 See also Appendixes for configuration flowcharts t...

Page 140: ...ration Figure 46 shows an example of a port based mirroring configuration where port 23 is designated as the monitor port for ports 24 and 25 of Switch S1 Although this example shows ports 24 and 25 monitored by the monitor port port 23 any of the trunk members of T1 and T2 can also be monitored In this example Figure 46 shows port X and port Y as members of Trunk T1 and Trunk T2 Port X and port Y...

Page 141: ...ll traffic transmitted by port X Monitor all traffic received and transmitted by port X Monitor all traffic received by port X or transmitted by port Y Monitor all traffic received by port X destined to port Y and then transmitted by port Y Monitor all traffic received transmitted by port X and transmitted received by port Y conversations between port X and port Y 9810EA StackProbe S1 S2 S3 Busine...

Page 142: ...Port Mirroring Configuration port based screen example Note The Unit value in the Unit Port field is not configurable when the switch is operating standalone For detailed information about the Port Mirroring screen fields see Chapter 3 Port Mirroring Configuration Monitoring Mode Port X or Port Y Monitor Unit Port 23 Unit Port X 25 Unit Port Y 24 Address A 00 00 00 00 00 00 Address B 00 00 00 00 0...

Page 143: ...d address B Figure 48 Address based mirroring configuration example In this configuration the designated monitor port port 23 can be set to monitor traffic in any of the following modes Monitor all traffic transmitted from address A to any address Monitor all traffic received by address A from any address Monitor all traffic received by or transmitted by address A Monitor all traffic transmitted b...

Page 144: ...ou press Enter in response to the Yes screen prompt The Monitoring Mode field Address A Address B indicates that all traffic transmitted by address A to address B will be monitored by the StackProbe attached to Monitor Port 23 Note The screen data displayed at the bottom of the screen changes to show the new currently active port mirroring configuration after you press Enter Note When you enter MA...

Page 145: ...nitor port the port is enabled for spanning tree participation When you create a port based port mirroring configuration be sure that the monitor port and both of the mirrored ports port X and port Y have the same configuration Use the VLAN Configuration screen to configure the VLAN see Chapter 3 Port Mirroring Configuration Monitoring Mode Address A Address B Monitor Unit Port 23 Unit Port X Unit...

Page 146: ...tings For port based monitoring of traffic use one of the following modes for monitoring broadcast IP Multicast or unknown DA frames Monitor all traffic received by port X Monitor all traffic transmitted by port X Monitor all traffic received and transmitted by port X Monitor all traffic received by port X or transmitted by port Y For more information about using the Port Mirroring feature see Cha...

Page 147: ...yStack 450 software version 4 1 When you are using a local console to access the BPS 2000 software version 1 2 features with a Hybrid or mixed stack BPS 2000 and BayStack 450 and 410 switches in the same stack you must plug your local console into a BPS 2000 unit To find out which version of the BPS 2000 software is running use the console interface CI menus or the Web based management system CI m...

Page 148: ...the CI menus and screens You can access the CI menus and screens locally through a console terminal attached to your Business Policy Switch remotely through a dial up modem connection or in band through a Telnet session see Chapter 1 You can connect your console cable into any unit in a Business Policy Switch only stack Pure BPS 2000 Stack mode for a unified stack interface For the mixed stack Hyb...

Page 149: ...possible values other options allow you to set or modify a parameter Navigating the CI menus and screens Use the following methods to navigate the CI menus and screens To select a menu option 1 Use the arrow keys to highlight the option name 2 Press Enter The option takes effect immediately after you press Enter Alternatively you can press the key corresponding to the underlined letter in the opti...

Page 150: ...Logout Main Menu MAC Address Table MAC Address Security Config EAPOL Security Configuration VLAN Configuration Port Configuration High Speed Flow Control Config MultiLink Trunk Config Port Mirroring Configuration Rate Limiting Configuration IGMP Config Display Port Statistics Clear All Port Statistics Stack Operational Mode Spanning Tree Group Configuration Spanning Tree Port Configuration Display...

Page 151: ...ibes the options available from the CI main menu Figure 51 The CI screens and submenus for these options are described in the following sections Note The field values shown in the CI screens in this section are provided as examples only Note Some menu options shown in this main menu example and in other screen examples in this chapter may not appear on your screen depending on the switch options i...

Page 152: ...isplays the System Characteristics screen see System Characteristics screen on page 162 This screen allows you to view switch characteristics including number of resets power status hardware and software version and MAC address This screen also contains three user configurable fields sysContact sysName and sysLocation When the switch is part of a stack configuration this screen also displays the b...

Page 153: ...le terminal to communicate with the Business Policy Switch as if the console terminal were directly connected to it You can have up to 10 active Telnet sessions running at one time in either a standalone switch or a stack configuration You can use the Command Line Interface CLI DM or Web based management system or these menus with a Telnet session This screen also allows you to set the switch to a...

Page 154: ...fehls zur Rücksetzung auf die Standardeinstellungen werden alle von Ihnen konfigurierten Einstellungen durch die werkseitigen Standardeinstellungen ersetzt wenn Sie die Eingabetaste drücken Attention Si vous restaurez la configuration usine votre configuration courante sera remplacée par la configuration usine dès que vous appuierez sur Entrée Precaución Si selecciona el comando Restaurar valores ...

Page 155: ... fields Note The read only fields in this screen are updated based on the BootP mode specified in the BootP Request Mode field See Choosing a BootP request mode on page 157 for more information IP Configuration Setup BootP Request Mode BootP When Needed Configurable In Use Last BootP In Band Stack IP Address 10 30 31 108 10 30 31 108 0 0 0 0 In Band Switch IP Address 10 30 31 106 0 0 0 0 In Band S...

Page 156: ...y received In Band Stack IP Address The in band stack IP address field This field is not required for the operation of the standalone switch Default Value 0 0 0 0 no IP address assigned Range Four octet dotted decimal notation where each octet is represented as a decimal value between 0 and 255 separated by a decimal point In Band Switch IP Address The in band IP address of the switch This field i...

Page 157: ...ecimal value between 0 and 255 separated by a decimal point Default Gateway The IP address of the default gateway Default Value 0 0 0 0 no IP address assigned Range Four octet dotted decimal notation where each octet is represented as a decimal value between 0 and 255 separated by a decimal point IP Address to Ping The IP address of the network device you want to ping This field is not required fo...

Page 158: ... is currently in use these actions take effect only after the switch is reset or power cycled BootP Always Allows the switch to be managed only when configured with the IP address obtained from the BootP server When selected this mode operates as follows The switch continues to broadcast BootP requests regardless of whether an in band IP address is set from the console terminal If the switch recei...

Page 159: ... if a BootP server is not reachable When selected this mode operates as follows When the IP data is entered from the console terminal the data becomes the in band address of the switch and BootP requests are not broadcast The switch can be managed using this in band IP address When the in band IP address is not set from the console terminal the switch broadcasts BootP requests until it receives a ...

Page 160: ...nu Figure 53 SNMP Configuration screen SNMP Configuration Read Only Community String public Read Write Community String private Trap 1 IP Address 0 0 0 0 Community String Trap 2 IP Address 0 0 0 0 Community String Trap 3 IP Address 0 0 0 0 Community String Trap 4 IP Address 0 0 0 0 Community String Authentication Trap Enabled AutoTopology Enabled Enter text press Return or Enter when complete Pres...

Page 161: ... set when viewed from the console terminal however no traps will be sent to that address until the row status is set to Valid Number one of four trap IP addresses Successive trap IP address fields are numbered 2 3 and 4 Each trap address has an associated community string see Community String Default Value 0 0 0 0 no IP address assigned Range Four octet dotted decimal notation where each octet is ...

Page 162: ...menu Figure 54 System Characteristics screen System Characteristics Operation Mode Stack Unit 1 Size Of Stack 2 Base Unit 1 MAC Address 00 80 2C 8D 23 DF Reset Count 16 Last Reset Type Management Reset Power Status Primary Power Local MDA Type None sysDescr Business Policy Switch 2000 HW AB3 FW V1 2 SW v1 2 0 0 ISVN 2 sysObjectID 1 3 6 1 4 1 45 3 40 1 sysUpTime 0 days 0 11 3 sysServices 3 sysConta...

Page 163: ...dicates the unit number of the switch that is currently operating as the base unit MAC Address The MAC address of the switch or when the switch is participating in a stack configuration the MAC address of the stack configuration Reset Count A read only field that indicates the number of resets since the operational firmware was first loaded on the switch Default Value 1 Range 0 to 232 1 4 294 967 ...

Page 164: ...o 56 printable characters1 sysName A name that uniquely identifies the switch Default Value Zero length string Range Any ASCII string of up to 56 printable characters1 sysLocation The physical location of the switch Default Value Zero length string Range Any ASCII string of up to 56 printable characters 1 Although this field can be set to up to 255 characters from a Network Management Station NMS ...

Page 165: ...ion Menu screen on page 169 This screen allows you to set up the MAC address security feature and provides the following options MAC Address Security Configuration MAC Address Security Port Configuration MAC Address Security Port Lists and MAC Address Security Table This menu allows you to enable and disable security features on the port and trunk levels Switch Configuration Menu MAC Address Table...

Page 166: ...k Trunk Configuration Displays the MultiLink Trunk Configuration Menu see MultiLink Trunk Configuration Menu screen on page 207 This menu provides the following options MultiLink Trunk Configuration and MultiLink Trunk Utilization This menu allows you to create and modify trunks and to monitor the bandwidth utilization of configured trunks Port Mirroring Configuration Displays the Port Mirroring C...

Page 167: ...ng Yes to clear all port statistics for all switch ports No to abort the option If the switch is participating in a stack configuration choose one of the following Clear all port statistics for a specific unit in the stack Clear all port statistics for the entire stack No to abort the option Stack Operational Mode Displays the stack operational mode screen which provides information about the type...

Page 168: ...e Aging Time 300 seconds Find an Address 00 00 00 00 00 00 Select VLAN ID 1 Number of addresses 51 00 00 81 65 20 02 Unit 2 Port 24 00 00 81 C1 9B 81 Unit 2 Port 24 00 00 81 C1 F6 81 Unit 2 Port 24 00 03 4B 40 2B F4 Unit 2 Port 24 00 08 C7 02 C4 C0 Unit 2 Port 24 00 08 C7 20 CC AE Unit 2 Port 24 00 08 C7 90 2E E5 Unit 2 Port 24 00 20 AF 9E 9E FD Unit 2 Port 24 00 60 08 95 A6 F5 Unit 2 Port 24 00 6...

Page 169: ...You must also include the MAC address of any router connected to any secure ports When the switch software detects a security violation the response can be to send a trap turn on destination address DA filtering disable the specific port or any combination of these three options To open the MAC Address Security Configuration screen Choose MAC Address Security Configuration from the Switch Configur...

Page 170: ... MAC Security for each port MAC Address Security Port Lists Displays the MAC Address Security Port Lists screen see MAC Address Security Port Lists screens on page 176 This screen allows you to create port lists that can be used as an allowed source port list for a MAC address in the MAC Address Security Table screen MAC Address Security Table Displays the MAC Address Security Table screen see MAC...

Page 171: ... Address Security Configuration Menu to open the MAC Address Security Configuration screen Figure 58 MAC Address Security Configuration screen MAC Address Security Configuration MAC Address Security Disabled MAC Address Security SNMP Locked Disabled Partition Port on Intrusion Detected Disabled DA Filtering on Intrusion Detected Disabled Generate SNMP Trap on Intrusion Disabled MAC Security Table ...

Page 172: ...trusion even is detected see MAC Address Security field description the specified switch port is set to Disabled partitioned from other switch ports When the field is set to Disabled the port remains enabled even if an intrusion event is detected Enabled the port becomes disabled then automatically resets to enabled depending on the value set in the Partition Time field Forever the port becomes di...

Page 173: ... to be cleared using this field the specific port or ports will be cleared for each of the entries listed in the MAC Address Security Table If you totally clear the allowed Source Port s field leaving a blank field for an entry the associated MAC address for that entry is also cleared Default NONE Range NONE ALL a port number list for example 1 1 2 6 etc Learn by Ports All source MAC addresses of ...

Page 174: ...4 Chapter 3 Using the console interface 208700 B To open the MAC Address Security Port Configuration screen Choose MAC Address Security Port Configuration from the MAC Address Security Configuration Menu ...

Page 175: ...Disabled More Press Ctrl N to display choices for additional ports Use space bar to display choices press Return or Enter to select choice Press Ctrl R to return to previous menu Press Ctrl C to return to Main Menu MAC Security Port Configuration Port Trunk Security 15 Disabled 16 Disabled 17 Disabled 18 Disabled 19 Disabled 20 Disabled 21 Disabled 22 Disabled 23 Disabled 24 Disabled Switch Enable...

Page 176: ...s in the MAC Address Security Table screen You can create as many as 32 port lists using up to five MAC Address Security Port Lists screens see Figure 61 Table 18 MAC Security Port Configuration screen fields Field Description Port Displays a numbered port list Trunk Displays the trunk number if the port is a member of that trunk Default blank field Security This field value determines whether or ...

Page 177: ...nter unit port 1 NONE 1 ALL 2 3 4 7 9 press Return or Enter when done Press Ctrl R to return to previous menu Press Ctrl C to return to Main Menu MAC Address Security Port Lists Entry Port List S15 S16 S17 S18 S19 S20 S21 More Press Ctrl N to display next screen Press Ctrl P to display previous screen Enter unit port 1 NONE 1 ALL 2 3 4 7 9 press Return or Enter when done Press Ctrl R to return to ...

Page 178: ...eld indicates the port list number S1 to S32 that corresponds to the values you set in the Port List field Port List This field allows you to create a port list that you can use as an Allowed Source in the MAC Address Security Table screen Note NONE and ALL must be entered in uppercase characters as shown in the screen prompt MAC Address Security Port Lists Entry Port List S1 1 1 7 2 1 7 2 9 3 1 4...

Page 179: ...repetitive tasks You can use certain keystrokes as accelerator keys to help speed up repetitive tasks For example suppose you want to modify the Port List field in the MAC Address Security Port List screen Figure 62 on page 178 You can modify the port list in any of the following ways Add a new port to an existing port number list Remove a port from an existing port number list Copy an existing fi...

Page 180: ...isting port number list To remove a port from the port number list use the minus sign character instead of the plus sign character as described above Copying an existing field into and adjacent field You can use the period character to copy a previously entered field value into the field directly next to it For example to copy the Allowed Source S3 shown in Figure 62 on page 178 into the next fiel...

Page 181: ...Return or Enter when complete Press Ctrl R to return to previous menu Press Ctrl C to return to Main Menu MAC Address Security Table Find an Address 00 00 00 00 00 00 MAC Address Allowed Source MAC Address Allowed Source Screen 1 More Press Ctrl N to display next screen Enter MAC Address xx xx xx xx xx xx press Return or Enter when complete Press Ctrl R to return to previous menu Press Ctrl C to r...

Page 182: ...t take effect until the Allowed Source field is set to some value a single unit port number or a port list value that you previously configured in the MAC Address Security Port Lists screen You can clear an existing MAC address field by entering zero 0 in the field and pressing Enter Default no address assigned Range A range of 6 Hex Octets separated by dashes multicast1 and broadcast addresses ar...

Page 183: ... your RADIUS server refer to your RADIUS server documentation Allowed Source Allows you to specify the ports that each MAC address is allowed to access The options for the Allowed Source field include a single unit port number or a port list value that you have previously configured in the MAC Address Security Port Lists screen Default Blank field Range A single unit port or a port list value for ...

Page 184: ...r when stacking is configured to view or configure To view or configure another unit type its unit number and press Enter or press the spacebar to toggle the unit numbers If you set this field value to All other screen field values you modify apply to all stack ports EAPOL Security Configuration EAPOL Administrative State Disabled Unit 1 Port 1 Initialize No Administrative Status Force Authorized ...

Page 185: ...ative Status Allows you to set the EAPOL authorization status for the specified unit port Default Force Authorized Range Force Authorized Force Unauthorized Auto Force Authorized means the specified unit port authorization status is always authorized Force Unauthorized means the specified unit port authorization status is always Unauthorized Auto means the specified unit port authorization status ...

Page 186: ...field see next field description Default Enabled Range Enabled Disabled Re authentication Period When the Re Authentication field value see preceding field is set to enabled this field allows you to specify the time period between successive EAPOL authentications for the specified unit port Default 3600 seconds Range 1 to 604800 seconds Quiet Period Allows you to specify the time period between an...

Page 187: ...ne protocol based VLAN with the same PID Untagged ports cannot belong to different VLANs of the same protocol type however tagged ports can You can configure up to 48 MAC SA based VLANs Up to 48 MAC addresses can be used with the existing MAC SA based VLANs Due to hardware limitations it is possible that some MAC address cannot be entered depended on the values of MAC addresses previously entered ...

Page 188: ...l cabling To open the VLAN Configuration Menu Choose VLAN Configuration or press v from the Switch Configuration Menu screen Figure 66 VLAN Configuration Menu screen Note Refer to Chapters 1 and 2 for detailed information about configuring VLANs VLAN Configuration Menu VLAN Configuration MAC Addresses for MAC SA Based VLAN VLAN Port Configuration VLAN Display by Port Return to Switch Configuration...

Page 189: ...ed with the specified packets When you configure ports as VLAN port members they become part of a set of ports that form a broadcast domain for a specific VLAN You can assign switch ports whether standalone or stacked unit ports as VLAN port members of one or more VLANs Table 22 VLAN Configuration Menu Screen options Option Description VLAN Configuration Displays the VLAN Configuration screen see ...

Page 190: ...ing rules Refer to Chapter 2 for a description of important terms used with 802 1Q VLANs You can also use this screen to create and to delete specific VLANs to assign VLAN names and to assign any VLAN as the management VLAN To open the VLAN Configuration screen Choose VLAN Configuration or press v from the VLAN Configuration Menu screen ...

Page 191: ... different VLANs except VLAN 1 Default 1 Range 2 to 4094 Delete VLAN Allows you to delete specified VLANs except the assigned management VLAN See Management VLAN field Enter the number of the VLAN you want to delete then press Return or use the space bar to toggle through the selection until you reach the VLAN you want to delete then press Return VLAN Configuration Create VLAN 1 VLAN Type Port Bas...

Page 192: ...ent VLAN Learning IVL each VLAN using a unique forwarding database To set this field the VLAN State field value must be Inactive IVL is a Business Policy Switch only feature The IVL option is enabled only in Pure BPS 2000 Stack mode The SVL option is enabled in the Hybrid Stack mode See Stack Operational Mode screen on page 230 Default SVL in a mixed stack or in a pure Business Policy Switch stack...

Page 193: ...on parameters that are associated with that VLAN are also deleted Default Inactive Range Inactive Active Port Membership Allows you to assign VLAN port memberships to standalone or stacked unit ports The ports can be configured in one or more VLANs To set this field you must set the VLAN State field to Active Certain restrictions apply for Gigabit and BayStack 410 ports see Gigabit ports restricti...

Page 194: ...t Type 2 and Ethernet Snap frames Declat Ether2 Ethernet type 2 6004 DEC LAT protocol DecOther Ether2 Ethernet type 2 6000 6003 6005 6009 8038 Other DEC protocols Sna 802 2 Ethernet 802 2 04 04 IBM SNA on IEEE 802 2 frames Sna Ether2 Ethernet type 2 80D5 IBM SNA on Ethernet Type 2 frames NetBios 802 2 Ethernet type 2 F0 F0 NetBIOS protocol Xns Ether2 Ethernet type 2 0600 0807 Xerox XNS Vines Ether...

Page 195: ... ethertype for Ethernet type 2 frames The PID in Ethernet SNAP frames The DSAP or SSAP value in Ethernet 802 2 frames The following PIDs Table 25 are reserved and are not available for user defined PIDs Table 25 Reserved PIDs PID Value hex Comments 04 04 Sna 802 2 F0 F0 NetBIOS 802 2 AAAA SNAP 0 05DC Overlaps with 802 3 frame length 0600 0807 Xns Ether2 0BAD Vines Ether2 4242 IEEE 802 1D BPDUs 600...

Page 196: ...o select a MAC SA based VLAN Default The least valued active MAC SA based VLAN will be displayed Range 2 to 4094 must be a currently active MAC SA based VLAN Display Create MAC Address Allows you to enter a MAC address If the address is already present in the selected MAC SA based VLAN its state is displayed Otherwise that address will be activated in the MAC SA based VLAN MAC Address State Displa...

Page 197: ...appropriate PVID VLAN association that enables the creation of VLAN broadcast domains see Chapters 1 and 2 for more information about setting up VLAN broadcast domains You can configure specified switch ports to filter discard all received tagged frames untagged frames or unregistered frames see Chapters 1 and 2 Refer to the guidelines for configuring spanning tree groups in Chapter 1 for more inf...

Page 198: ...rt type its port number and press Enter or press the spacebar to toggle the port numbers Filter Tagged Frames Allows you to set this port to filter discard all received tagged packets Default No Range No Yes Filter Untagged Frames Sets this port to filter discard all received untagged frames Default No Range No Yes VLAN Port Configuration Unit 1 Port 1 Filter Tagged Frames No Filter Untagged Frame...

Page 199: ... ports see CH1 Default 0 Range 0 to 7 Tagging Allows you to assign VLAN Port Membership tagging options to this port as follows Untagged Access Any VLAN that this port is a member of will not be 802 1Q tagged Tagged Trunk Any VLAN that this port is a member of will be 802 1Q tagged Restriction If this port is a Gigabit port or a BayStack 410 24T switch port that is a protocol based VLAN member you...

Page 200: ...igure 70 VLAN Display by Port screen Table 28 describes the VLAN Display by Port screen fields AutoPVID Automatically associates this PVID specific VLAN Default Disabled Range Enabled Disabled Table 27 VLAN Port Configuration screen fields continued Field Description VLAN Display by Port Unit 1 Port 1 PVID 1 Port Name Unit 1 Port 1 VLANs VLAN Name VLANs VLAN Name 1 VLAN 1 Use space bar to display ...

Page 201: ... the Switch Configuration Menu screen Table 28 VLAN Display by Port screen fields Field Description Unit Allows you to select a switch in your stack To view another switch type its switch number and press Enter or press the spacebar to toggle the switch numbers Port Allows you to select the number of the port you want to view To view another port type its port number and press Enter or press the s...

Page 202: ...play choices for additional ports Use space bar to display choices press Return or Enter to select choice Press Ctrl R to return to previous menu Press Ctrl C to return to Main Menu Port Configuration Unit 1 Port Trunk Status Link LnkTrap Autonegotiation Speed Duplex 1 Enabled Down On Enabled 15 Enabled Down On Enabled 16 Enabled Down On Enabled 17 Enabled Down On Enabled 18 Enabled Down On Enable...

Page 203: ... Gigabit MDA ports or fiber optic ports when installed Trunk The read only data displayed in this column indicates the trunks that correspond to the switch ports specified in the Trunk Members fields of the Trunk Configuration screen see MultiLink Trunk Configuration Menu screen on page 207 Status Allows you to disable any of the switch ports You can also use this field to control access to any sw...

Page 204: ... screen Speed Duplex1 Allows you to manually configure any port to support an Ethernet speed of 10 Mb s or 100 Mb s in half or full duplex mode This field is set by default to 1000 Mb s full duplex for Gigabit ports only Default Value 100Mbs Half when Autonegotiation is Disabled Range 10Mbs Half 10Mbs Full 100Mbs Half 100Mbs Full 1 Fiber optic ports can only be set to 100 Mb s Half or 100 Mb s Ful...

Page 205: ...it MDA Autonegotiation When enabled the port only advertises support for 1000 Mb s operation in full duplex mode Default Value Enabled Range Enabled Disabled Flow Control Allows you to control traffic and avoid congestion on the Gigabit MDA port Two modes are available see Choosing a high speed flow control mode for details about the two modes The Flow Control field cannot be configured unless you...

Page 206: ...pends transmission of frames for a number of slot times specified in the control frame or until a pause release control frame is received Both devices on the link must support this mode when it is selected Asymmetric mode This mode allows the link partner to send flow control pause frames to the Gigabit MDA port When a pause frame is received the receiving port suspends transmission of frames for ...

Page 207: ...switch ports together to form each trunk You can configure up to six MultiLink Trunks in each stack with trunk members in either a single unit or distributed between units within the stack configuration distributed trunking You can monitor the bandwidth usage for the trunk member ports within each trunk For more information about configuring MultiLink Trunks see Chapters 1 and 2 To open the MultiL...

Page 208: ...tiLink Trunk Configuration Displays the MultiLink Trunk Configuration screen Figure 75 This screen allows you to configure up to six MultiLink Trunks within a standalone switch or within a stack configuration You can group up to four switch ports together to form each trunk MultiLink Trunk Utilization Displays the MultiLink Trunk Utilization screen Figure 76 and Figure 77 This screen allows you to...

Page 209: ... trunk you may need to reconfigure the specific trunk members switch ports to return to the previous switch configuration See Chapter 1 for more information To open the MultiLink Trunk Configuration screen Choose Trunk Configuration or press t from the MultiLink Trunk Configuration Menu screen Figure 75 MultiLink Trunk Configuration screen MultiLink Trunk Configuration Trunk Trunk Members Unit Por...

Page 210: ...t when enabled allows the specified trunk to participate in the spanning tree This setting overrides those of the individual trunk members Fast is the same as Normal except that the state transition timer is shortened to two seconds Default Value Normal Range Normal Fast Disabled Trunk Mode The Trunk Mode column contains a single read only field for each row that indicates the default operating mo...

Page 211: ...six Choose MultiLink Trunk Utilization or press u from the MultiLink Trunk Configuration Menu screen to open the MultiLink Trunk Utilization screen Figure 76 MultiLink Trunk Utilization screen 1 of 2 MultiLink Trunk Utilization Trunk Traffic Type Unit Port Last 5 Minutes Last 30 Minutes Last Hour 1 Rx and Tx 3 6 90 0 70 0 90 0 3 7 20 0 55 0 80 0 3 9 35 0 45 0 45 0 3 17 85 0 35 0 20 0 2 Rx and Tx 4...

Page 212: ...Port column name only appears when the switch unit is part of a stack configuration It indicates that the ports in this row are associated with the specified unit number configured in the Unit field Last 5 Minutes This read only field indicates the percentage of packets of the type specified in the Traffic Type field utilized by the port in the last 5 minutes This field provides a running average ...

Page 213: ...ing port for ports 5 and 6 of stack unit 4 When installed as a standalone switch the screen does not display the Unit field designation To open the Port Mirroring Configuration screen Choose Port Mirroring Configuration or press i from the Switch Configuration Menu screen Last 30 Minutes This read only field indicates the percentage of packets of the type specified in the Traffic Type field utiliz...

Page 214: ...es the Address A and Address B screen fields where a user can specify MAC addresses to monitor Default Value Disabled Range See Table 35 Monitor Unit Port Indicates the port number of the specified unit that is designated as the monitor port Default Value Zero length string Range 1 to 8 1 to 28 depending on model type Port Mirroring Configuration Monitoring Mode Port X or Port Y Monitor Unit Port ...

Page 215: ...ignation This port will be monitored according to the value of Port Y in the Monitoring Mode field see Table 35 Default Value Zero length string Range 1 to 8 1 to 28 depending on model type Address A Indicates the MAC addresses that will be monitored by the designated port monitor when one of the address based monitoring modes is selected This port will be monitored according to the value of Addre...

Page 216: ... to Port Y and then transmitted by Port Y Port X and Port Y Monitor all traffic received transmitted by Port X and received transmitted by Port Y Address based Disabled Default value for this feature Address A any Address Monitor all traffic transmitted from Address A to any address any Address Address A Monitor all traffic received by Address A from any address Address A Monitor all traffic recei...

Page 217: ...one 56 0 22 0 23 0 2 Multicast 9 30 0 27 0 55 0 3 Both None 25 0 24 0 67 0 4 Both 10 72 0 33 0 55 0 5 Broadcast 10 35 0 54 0 78 0 6 Multicast 10 96 0 45 0 87 0 7 Both 10 86 0 67 0 60 0 8 Both 5 58 0 44 0 70 0 9 Multicast None 11 0 87 0 65 0 10 Both None 27 0 89 0 44 0 11 Both None 15 0 66 0 66 0 12 Both None 12 0 98 0 99 0 13 Both None 44 0 33 0 89 0 14 Both None 34 0 45 0 76 0 More Press Ctrl N t...

Page 218: ...bes the Rate Limiting Configuration screen fields Rate Limiting Configuration Unit 1 Port Packet Type Limit Last 5 Minutes Last Hour Last 24 Hours 15 Both None 44 0 56 0 0 0 16 Both None 67 0 34 0 0 0 17 Multicast 10 65 0 48 0 45 0 18 Both None 77 0 74 0 60 0 19 Both 10 80 0 89 0 90 0 20 Both None 78 0 83 0 98 0 21 Broadcast None 98 0 88 0 44 0 22 Both None 34 0 93 0 0 0 23 Both None 65 0 82 0 56 ...

Page 219: ...This read only field indicates the percentage of packets of the type specified in the Packet Type field received by the port in the last 5 minutes This field provides a running average of network activity and is updated every 15 seconds Note that this field indicates the receiving port s view of network activity regardless of the rate limiting setting Last Hour This read only field indicates the p...

Page 220: ...een Figure 81 IGMP Configuration Menu screen Table 37 describes the IGMP Configuration Menu screen options IGMP Configuration Menu IGMP Configuration Display Multicast Group Membership Return to Switch Configuration Menu Use arrow keys to highlight option press Return or Enter to select option Press Ctrl R to return to previous menu Press Ctrl C to return to Main Menu ...

Page 221: ...ocal multicast router The configured ports are VLAN port members of VLAN 5 To open the IGMP Configuration screen Choose IGMP Configuration or press g from the Switch Configuration Menu screen Table 37 IGMP Configuration Menu screen options Option Description IGMP Configuration Displays the IGMP Configuration screen see IGMP Configuration screen on page 221 This screen allows you to set up IGMP VLA...

Page 222: ... Snooping Allows you to enable or disable IGMP Snooping This field affects all VLANs for example if you disable snooping on the VLAN specified in the screen s VLAN field ALL VLANs are disabled for snooping Default Value Enabled Range Enabled Disabled IGMP Configuration VLAN 1 Snooping Enabled Proxy Enabled Robust Value 2 Query Time 125 seconds Set Router Ports Version 1 Static Router Ports 1 6 7 1...

Page 223: ... Allows a user to control the number of IGMP messages allowed on the subnet by varying the Query Interval the Query Interval is the interval between general queries sent by the multicast router This field affects only the VLAN specified in the screen s VLAN field for example if you change the Query Time value field on the VLAN specified in the screen s VLAN field other VLANs are not affected Defau...

Page 224: ...n switch ports to any port that has a path to a multicast router When the unit is part of a stack configuration the screen displays the unit numbers of the switches configured in the stack along with the corresponding ports The configured ports do not filter any IP Multicast traffic The Static Router Ports fields are displayed in six port groups for example 1 6 7 12 13 18 The number of ports displ...

Page 225: ...igurations the maximum number of VLANs that can be displayed is 256 Multicast Group Address Displays all of the IP Multicast group addresses that are currently active on the associated port Port Displays the port numbers that are associated with the IP Multicast group addresses displayed in the IP Multicast group address field Multicast Group Membership VLAN 1 Multicast Group Address Port 277 37 3...

Page 226: ...compare and evaluate throughput or other port parameters All screen data is updated approximately every 2 seconds You can use the Port Statistics screen to clear reset to zero port counters for a specific switch or port Alternatively you can use the Clear All Port Statistics option to clear port counters for all switches or ports see Switch Configuration Menu screen on page 164 To open the Port St...

Page 227: ...s 0 Broadcasts 0 Broadcasts 0 Total Octets 0 Total Octets 0 Lost Packets 0 Packets 64 bytes 0 Packets 64 bytes 0 65 127 bytes 0 65 127 bytes 0 128 255 bytes 0 128 255 bytes 0 256 511 bytes 0 256 511 bytes 0 512 1023 bytes 0 512 1023 bytes 0 1024 1518 bytes 0 1024 1518 bytes 0 FCS Errors 0 Collisions 0 Undersized Packets 0 Single Collisions 0 Oversized Packets 0 Multiple Collisions 0 Filtered Packe...

Page 228: ...lticast packets transmitted successfully on this port excluding broadcast packets Broadcasts Received column Indicates the total number of good broadcast packets received on this port Transmitted column Indicates the total number of broadcast packets transmitted successfully on this port Total Octets Received column Indicates the total number of octets of data including data in bad packets receive...

Page 229: ... bytes and with proper CRC and framing also known as short frames or runts Oversized Packets Indicates the total number of packets received on this port with more than 1518 bytes and with proper CRC and framing also known as oversized frames Filtered Packets Indicates the number of packets filtered not forwarded by this port Flooded Packets Indicates the total number of packets flooded forwarded t...

Page 230: ...e frames cause the transmitting port to temporarily suspend the transmission of packets when the receiving port s frame buffer is full Gigabit ports only Received column Indicates the total number of pause frames received on this port Pause frames cause the transmitting port to temporarily suspend the transmission of packets when the receiving port s frame buffer is full Gigabit ports only Table 4...

Page 231: ...rrent Stack Operational Mode A read only field that indicates the current mode of your stack This field identifies a stack that contains only Business Policy Switches or a stack that contains a variety of switches Default Pure BPS 2000 Stack Range Hybrid Stack Pure BPS 2000 Stack Next Stack Operational Mode Allows you to set the configuration modes of your stack Press the spacebar to toggle betwee...

Page 232: ... Baud Caution If you choose a baud rate that does not match your console terminal baud rate you will lose communication with the configuration interface when you press Enter If communication is lost set your console terminal to match the new service port setting Console Comm Port Configuration Comm Port Data Bits 8 Data Bits Comm Port Parity No Parity Comm Port Stop Bits 1 Stop Bit Console Port Sp...

Page 233: ... de la consola al pulsar Intro Si se pierde la comunicación ajuste el terminal de la consola para que coincida con el nuevo valor del puerto de servicio Attenzione Nel caso in cui si scelga una velocità di trasmissione non corrispondente a quella del terminale della console la comunicazione con l interfaccia della console cadrà premendo il tasto Invio Se la comunicazione cade impostare il terminal...

Page 234: ...ce CI of any participating switch in a stack configuration through a Telnet session If you set this field to Required you can use the Logout option to restrict access to the CI of any stack unit Thereafter you will need to specify the correct password at the console terminal prompt when accessing the stack See Console Read Only Stack Password and Console Read Write Stack Password for more informat...

Page 235: ...les mots de passe par défaut du système assurez vous de bien noter vos nouveaux mots de passe et de les conserver dans un endroit sûr Si vous perdez vos nouveaux mots de passe vous ne pourrez plus accéder à votre interface Le cas échéant veuillez contacter Nortel Networks Precaución Si modifica las contraseñas predeterminadas asignadas por el sistema asegúrese de anotar las nuevas contraseñas y gu...

Page 236: ...the system supplied default passwords be sure to write the new passwords down and keep them in a safe place If you forget the new passwords you cannot access the console interface In that case contact Nortel Networks for help Achtung Wenn Sie die für das System standardmäßig eingestellten Paßwörter ändern notieren Sie sich die neuen Paßwörter und bewahren Sie sie an einem sicheren Ort auf Falls Si...

Page 237: ...imary RADIUS server Default 0 0 0 0 no IP address assigned Range Four octet dotted decimal notation where each octet is represented as a decimal value separated by a decimal point Secondary RADIUS Server The IP address of the Secondary RADIUS server Default 0 0 0 0 no IP address assigned Range Four octet dotted decimal notation where each octet is represented as a decimal value separated by a deci...

Page 238: ...reen Note This menu option and screen appears only when the switch is participating in a stack configuration Renumber Stack Units Current Unit Number MAC Address New Unit Number 1 00 60 fd 77 a6 0c 1 2 00 60 fd 77 a5 f0 2 3 00 60 fd 77 a4 4c 3 4 00 60 fd 77 ab 84 4 Renumbering stack units will cause an automatic Reset to Current Settings to occur across the entire stack The current configuration w...

Page 239: ...s can also include unit numbers of units that are no longer participating in the stack not currently active MAC Address Read only field listing the MAC address of the corresponding unit listed in the Current Unit Number field New Unit Number User settable field showing the current unit number of each unit in the stack You can change any of the fields as required You can also delete entries by typi...

Page 240: ... p from the main menu Note Before configuring spanning tree groups refer to Chapters 1 and 2 for guidelines and interactions with VLANs and MLT Note You must use either the Command Line Interface CLI or Device Manager DM if you want to configure individual port values for path cost and priority Hardware Unit Information Switch Model MDA Model Cascade MDA Software Version Unit 1 BPS 2000 None 400 S...

Page 241: ...en see Spanning Tree Port Configuration screen on page 245 Display Spanning Tree Switch Settings Allows you to display the Spanning Tree Switch Settings screen see Spanning Tree Switch Settings screen on page 248 Display Spanning Tree VLAN Membership Allows you to display the Spanning Tree VLAN Membership screen see Spanning Tree VLAN Membership screen on page 248 Spanning Tree Configuration Menu ...

Page 242: ...ly 1 STG which is the default STG1 To open the Spanning Tree Group Configuration screen Choose Spanning Tree Group Configuration or press g from the Spanning Tree Configuration Menu screen Figure 90 shows the Spanning Tree Group Configuration screen Note Because multiple STGs are available only in Pure BPS 2000 Stack mode the first and fourth menu items do not appear when you work in Hybrid Stack ...

Page 243: ...o 8 Delete STP Group Allows you to delete a spanning tree group Default Value Blank Range 1 to 8 only created STP Groups are available Spanning Tree Group Configuration Create STP Group 1 Delete STP Group Bridge Priority 8000 Bridge Hello Time 2 seconds Bridge Max Age Time 20 seconds Bridge Forward Delay Time 15 seconds Add VLAN Membership 1 Delete VLAN Membership Tagged BPDU on tagged port No STP...

Page 244: ... Hello Time Default Value 2 seconds Range 1 to 10 seconds Bridge Max Age Time For the STP Group specifies the maximum age in seconds that a Hello message can attain before it is discarded This parameter specified by management for this bridge takes effect only when the bridge becomes the root bridge Note that if this bridge becomes the root bridge its Maximum Age Time parameter value becomes the A...

Page 245: ... delete a VLAN from the specified spanning tree group Default Value Blank Range 1 to 4094 but only configured ones are available NOTE You cannot remove VLAN 1 from STP Group 1 Tagged BPDU on tagged port Allows you to choose to send either tagged or untagged BPDUs from a tagged port Default Value STP Group 1 No Other STP Groups Yes Range No or Yes STP Group State Allows you to make the STP Group ac...

Page 246: ...arning 128 10 Forwarding 4 Normal Learning 128 10 Forwarding 5 Normal Learning 128 10 Forwarding 6 Normal Learning 128 10 Forwarding 7 Normal Learning 128 10 Forwarding 8 Normal Learning 128 10 Forwarding 9 Normal Learning 128 10 Forwarding 10 Normal Learning 128 10 Forwarding 11 Normal Learning 128 10 Forwarding 12 Normal Learning 128 10 Forwarding 13 Normal Learning 128 10 Forwarding 14 Normal L...

Page 247: ...l switch ports and when the switch is part of a stack the values in the Stack row affect all ports in the entire stack Trunk The read only data displayed in this column indicates the trunks that correspond to the switch ports specified in the Trunk Members fields of the Trunk Configuration screen see MultiLink Trunk Configuration Menu screen on page 207 Participation Allows you to configure any or...

Page 248: ... Priority Range 1 to 65535 State This read only field indicates the current port state within the spanning tree network Each port can transition to various states as determined by the Participation field setting For example when the Participation field is set to disabled the port does not participate in spanning tree and transitions to the Forwarding state the default When the Participation field ...

Page 249: ...xed stack mode Spanning Tree Switch Settings STP Group 1 Bridge Priority 8000 Designated Root 8000000342F6DE21 Root Port Unit 2 Port 2 Root Path Cost 30 Hello Time 2 seconds Maximum Age Time 20 seconds Forward Delay 15 seconds Bridge Hello Time 2 seconds Bridge Maximum Age Time 20 seconds Bridge Forward Delay 15 seconds Use space bar to display choices press Return or Enter to select choice Press ...

Page 250: ...Spanning tree uses this parameter to determine the root bridge or designated bridge For example the bridge with the lowest bridge ID becomes the root bridge with Bridge Priority values compared first followed by the hardware addresses Designated Root For STP Group indicates the bridge ID of the root bridge as determined by spanning tree Root Port For STP Group indicates the switch port number that...

Page 251: ...t for this bridge This parameter takes effect only when this bridge becomes the root bridge Note that although you can set the Hello Interval for a bridge using bridge management software once the spanning tree computation process is complete all bridges participating in the spanning tree network use the root bridge s Hello Interval parameter value If any bridge becomes the root bridge its Hello I...

Page 252: ...nu screen The Forward Delay parameter value specifies the amount of time that the bridge ports remain in the Listening and Learning states before entering the Forwarding state Note that all bridges participating in the spanning tree network use the root bridge s Forward Delay parameter value See also Forward Delay Note Because multiple STGs are available only in Pure BPS 2000 Stack mode the Spanni...

Page 253: ...TG you want to view To view another STG type that STG ID number and press Enter or press the spacebar on your keyboard to to toggle the STP Group numbers Default Value 1 Range 1 to 8 only created STP Groups display VLAN Membership Displays the total number of VLANs in the specified STP Group as well as the VLAN IDs of the VLAN members Spanning Tree VLAN Membership STP Group 1 Total VLAN Membership...

Page 254: ...LNET SNMP Web Access Configuration screen TELNET SNMP WEB Access Configuration TELNET Access Use List Login Timeout 1 minute TELNET Enabled No Login Retries 3 SNMP Enabled No Inactivity Timeout 15 minutes WEB Enabled No Event Logging All Allowed Source IP Address Allowed Source Mask 1 0 0 0 0 0 0 0 0 2 255 255 255 255 255 255 255 255 3 255 255 255 255 255 255 255 255 4 255 255 255 255 255 255 255 ...

Page 255: ... be inactive before it is terminated Default Value 15 minutes Range 0 to 60 minutes 0 indicates no timeout Event Logging Specifies the types of events that will be displayed in the Event Log screen see System Log screen on page 269 Default Value All Range All None Accesses Failures Description All Logs the following Telnet events to the Event Log screen TELNET connect Indicates the IP address and ...

Page 256: ... addresses that are allowed Telnet access to the management systems Default Value 0 0 0 0 no IP address assigned Range Four octet dotted decimal notation where each octet is represented as a decimal value separated by a decimal point Allowed Source Mask Specifies up to 10 user assigned allowed source address masks The remote IP address is masked with the Allowed Source Mask and if the resulting va...

Page 257: ...ie die Stromzufuhr zum Gerät nicht während die Software heruntergeladen wird Bei Unterbrechung der Stromzufuhr kann das Firmware Image beschädigt werden Attention Ne pas couper l alimentation de l appareil pendant le chargement du logiciel En cas d interruption le programme résident peut être endommagé Precaución No interrumpa la alimentación del dispositivo durante el proceso de descarga del soft...

Page 258: ...n IP address for the switch or stack if configured To learn how to configure the switch or stack IP address refer to IP Configuration Setup screen on page 155 To open the Software Download screen Choose Software Download or press f from the main menu You can monitor the software download process by observing the LEDs see LED Indications during the download process on page 261 ...

Page 259: ... Filename TFTP Server IP Address 0 0 0 0 Start TFTP Load of New Image No Enter text press Return or Enter when complete Press Ctrl R to return to previous menu Press Ctrl C to return to Main Menu Software Download BPS 2000 Image Filename BPS 2000 Diagnostics Filename 450 Image Filename TFTP Server IP Address 10 170 119 5 Start TFTP Load of New Image No Enter text press Return or Enter when complet...

Page 260: ...software releases may require you to download two images the boot code image and the agent image For proper operation of the switch the new boot code image must be downloaded before the agent image is downloaded Default Value Zero length string Range An ASCII string of up to 30 printable characters TFTP Server IP Address The IP address of your TFTP load host Default Value 0 0 0 0 no IP address ass...

Page 261: ... The Configuration File Menu screen Figure 97 allows you to upload and download the configuration parameters of a BPS 2000 switch or stack to a TFTP server With software version 1 2 or higher you can also download an ASCII configuration file from a TFTP server These options allow you to store your switch stack configuration parameters on a TFTP server You can retrieve the configuration parameters ...

Page 262: ...to the configuration file certain parameters are not saved see Table 53 on page 266 Table 51 Configuration File Menu screen options Option Description Configuration File Download Upload Displays the Configuration File Download Upload screen see Configuration File Download Upload screen on page 262 Ascii Configuration File Download Displays the ASCII Configuration File Download screen see ASCII Con...

Page 263: ...ure 98 Configuration File Download Upload screen Table 52 describes the Configuration File Download Upload screen fields Configuration File Download Upload Configuration Image Filename TFTP Server IP Address 132 245 164 4 Copy Configuration Image to Server No Retrieve Configuration Image from Server No Enter text press Return or Enter when complete Press Ctrl R to return to previous menu Press Ctr...

Page 264: ...et dotted decimal notation where each octet is represented as a decimal value separated by a decimal point Copy Configuration Image to Server Specifies whether to copy the presently configured switch stack parameters to the specified TFTP server default is No Use the spacebar to toggle the selection to Yes Press Enter to initiate the process Default Value No Range Yes No Retrieve Configuration Ima...

Page 265: ...hat have the same firmware revision and model type as the donor standalone switch A configuration file obtained from a stack unit can only be used to configure other stacks that have the same number of switches firmware version model types and physical IDs as the stack the donor stack unit resides in Reconfigured stacks are configured according to the unit order number of the donor unit For exampl...

Page 266: ...rom the Configuration File Menu to open the ASCII Configuration File Download screen Table 53 Parameters not saved to the Configuration File These parameters are not saved Used in this screen See page In Band Stack IP Address IP Configuration Setup 155 In Band Switch IP Address In Band Subnet Mask Default Gateway Console Read Only Switch Password Console Comm Port Configuration 231 Console Read Wr...

Page 267: ...oad screen fields ASCII Configuration File Download ASCII Configuration Filename TFTP Server IP Address 132 245 164 4 Retrieve Configuration File from Server No Last Manual Configuration Status Passed Last Auto Configuration Status Passed Auto Configuration on Reset Disabled Enter text press Return or Enter when complete Press Ctrl R to return to previous menu Press Ctrl C to return to Main Menu ...

Page 268: ... download process begins immediately and when completed causes the switch stack to be configured according to the CLI commands in the file Use the spacebar to toggle the selection to Yes Press Enter to initiate the process Default Value No Range Yes No Last Manual Configuration Status The system displays if the last manual configuration passed or failed Default Value Passed Range Passed Failed Las...

Page 269: ...siness Policy Switch you are connected to through the Console Comm port System Log messages operate as follows NVRAM messages are retrievable after a system reset DRAM messages can be viewed while the system is operational All NVRAM and DRAM messages are time stamped When you restart your system after a reset the DRAM messages are deleted After a reset all messages stored in NVRAM are copied to DR...

Page 270: ...Clear Messages From None Idx Time Stamp Type Message 1 0D 0H 1M 53S I Warm Start Trap 2 0D 0H 1M 58S I Link Up Trap 3 0D 0H 1M 58S I Link Up Trap 4 0D 0H 1M 58S I Link Up Trap 5 0D 0H 1M 58S I Link Up Trap Type I Info S Serious C Critical Time zero means messages from last reset Press Ctrl P to see previous display Press Ctrl N to see more messages Press Ctrl R to return to previous menu Press Ctr...

Page 271: ...Choose Non Volatile NVRAM Volatile DRAM or Volatile Non Volatile Use the spacebar to toggle between the options Default Non Volatile Range Non Volatile Volatile Volatile Non Volatile Display configuration complete This field allows you to determine whether the configuration information received from NVRAM DRAM depending on what is selected in the Display Messages From field is complete Use the spa...

Page 272: ...272 Chapter 3 Using the console interface 208700 B ...

Page 273: ...rence for the Business Policy Switch 2000 Management Software Version 1 2 for detailed information In addition to these management systems policies can be configured using SNMP and Common Open Policy Services COPS The complexities of QoS are discussed in the remainder of this chapter which includes information about the following topics Summary on page 274 Differentiated Services DiffServ overview...

Page 274: ...ue Nortel Networks uses Differentiated Services DiffServ to provide QoS functionality A DiffServ architecture enables service discrimination of traffic flows or microflows by offering network resources to higher classes at the expense of lower classes of service This architecture allows you to prioritize microflows or aggregate flows and provides Quality of Service QoS that is scalable Briefly wit...

Page 275: ...ues Ingress port number For EtherType IP DSCP value IP protocol type such as TCP UDP TCP UDP source port range TCP UDP destination port range Summary of actions The BPS 2000 filters collectively direct the system to initiate the following actions on a packet depending on your configuration Pass or Drop Re mark the packet when Pass is selected Re mark a new DiffServ Codepoint DSCP Re mark the 802 1...

Page 276: ...t and the first six bits called the DS codepoint DSCP are used in the DiffServ architecture The DSCP marking dictates the forwarding treatment given to the packet at each hop This marking occurs at the edge of the DiffServ domain and is based on the policy or filter for the particular microflow or an aggregate flow Within the DiffServ network the marked packets are placed in a queue according to t...

Page 277: ...odepoints to per hop behavior PHB is configurable and the DSCP may be re marked as it passes through a DiffServ network Re marking the DSCP allows for the treatment of packets to be reset based on new network specifications or desired levels of service DiffServ assumes the existence of a Service Level Agreement SLA between DS domains that share a border The SLA defines the profile for the aggregat...

Page 278: ...control traffic Priority over user traffic Guaranteed minimum bandwidth Real time delay intolerant fixed bandwidth Premium Interhuman communications requiring interaction such as VoIP Absolute bounded priority over user traffic No packet loss for in profile traffic Virtual leased line with lowest amount of latency Provisioned for peak rate Real time delay tolerant low variable bandwidth Platinum I...

Page 279: ... deleted from an existing group A filter or filter group is associated through a policy with interface groups Packets received from any port that is in an interface group are classified with the same filters Non real time mission critical non interactive Bronze For example E mail FTP SNMP Lower priority scheduling providing guaranteed minimum provisioned bandwidth Competes for additional bandwidth...

Page 280: ... available layer 2 filters in the BPS 2000 The layer 2 filters are used to classify traffic based on the following criteria Layer 2 information including VLAN ID IEEE 802 1p priority and etherType Layer 3 information including DSCP and IP protocol such as TCP UDP Layer 4 information including TCP UDP port ranges Layer 2 classifiers can be associated with the following actions Drop matching packets...

Page 281: ...on including IP source and subnet addresses IP destination and subnet addresses DSCP and IP protocols such as TCP UDP Layer 4 information including TCP UDP port numbers port ranges are not supported by layer 3 filters IP filters have the same actions as layer 2 filters If an IP filter is installed on a trusted port then it cannot change the DSCP of the matching IP traffic or 802 1p user priority I...

Page 282: ...riority and drop precedence of the matching IP traffic For trusted ports you also need two layer 2 filters However the actions will not re mark the fields Layer 2 filters that do not match IP traffic pass the traffic through untouched With layer 2 filters that match IP traffic the hardware matches the fields using mapping tables you configure or uses the preset default tables which Nortel Networks...

Page 283: ...usted port Filters installed on trusted ports cannot change the DSCP of the IP packets received on these ports These filters specify an action that must change the IEEE 802 1p and drop precedence of the matching packets based on the incoming DSCP using a table that matches each one of the 64 DSCP values to the corresponding IEEE 802 1p priority The values can be modified by a policy server or by t...

Page 284: ...S 2000 uses a layer 2 filter to change the DSCP IEEE 802 1p to 0 and drop precedence to 1 so that the packet can get best effort treatment If an IP packet is untagged the BPS 2000 uses 8 default layer 2 filters to change the DSCP based on the default IEEE 802 1p priority of the ingress untrusted port The BPS 2000 changes the packet DSCP using the 802 1p priority mapping table that matches each one...

Page 285: ...t of 2 queues that are serviced using an absolute priority discipline Filters are installed only on cascade ports that are connected to BayStack 450 units in the stack BPS 2000 ports are associated with two types of queue sets Queue set 1 has four queues The first queue is serviced in an absolute priority fashion The other three queues are serviced in a WRR fashion Queue set 2 has two queues that ...

Page 286: ...You cannot change the characteristics of these queue sets such as the service discipline packet or buffer thresholds and queue weights for WRR scheduler You can change the default IEEE 802 1p to queue mapping and the default DSCP to IEEE 802 1p mapping using the Web based management interface SNMP the CLI or DM Note that the IEEE 802 1p to queue mapping for an interface port depends on the number ...

Page 287: ...eters you set a Committed Rate in Kb s 1000 bits per second in each Kb s All traffic within this Committed Rate is In Profile Additionally you set a Maximum Burst Rate that specifies an allowed data burst larger than the Committed Rate for a brief period After you set the Maximum Burst Rate the system helps you choose the Duration for this burst Combined these parameters define the In Profile traf...

Page 288: ... then the policy with the next lowest order and so on For example with an order of 1 to 20 the system begins the evaluation with 1 moves onto 2 and so forth This is important to remember when you configure policies A policy is a network traffic controlling mechanism that monitors the characteristics of the traffic for example its source destination and protocol and performs a controlling action on...

Page 289: ...ng packets depend on the DSCP and the 802 1 priority level and drop precedence The QoS class basically directs which group of packets receives the best network throughput which group of packets receives the next best throughput and so on The level of service for each packet is determined by the configurable DSCP The available levels of QoS classes are currently named Premium Platinum Gold Silver B...

Page 290: ...hed Default QoS settings The Business Policy Switch is shipped with limited default QoS information Defaults include a default interface group default user priority to queue mappings for each queue set and default DSCP to user priority mappings QoS configuration guidelines You can install filters that will act on traffic destined for the switch itself such as ICMP Echo Requests ping and SNMP messa...

Page 291: ...cy Services COPS protocol a query and response protocol that exchanges policy information messages using the Transmission Control Protocol TCP COPS ensures redundancy for devices to contact an alternate policy server should the primary server fail Specifically COPS for Provisioning COPS PR is used to download information COPS is used to communicate with edge devices on the network Some of the bene...

Page 292: ...292 Chapter 4 Policy enabled networks 208700 B ...

Page 293: ...rence for the Business Policy Switch 2000 Command Line Interface Software Version 1 2 You can configure QoS using the embedded Web based QoS Wizard in the The QoS Wizard allows you to configure simplified policies and common filters to control the behavior of network traffic in your standalone or stack switch configuration In addition you can prioritize a VLAN to receive better service than others...

Page 294: ...cs using the QoS Advanced Web pages Creating interface groups next Accepting default mapping values on page 298 Setting up filters and filter groups on page 298 Configuring actions on page 311 Configuring meters on page 313 Configuring policies on page 315 Assigning mapping values on page 318 Creating interface groups To create an interface group 1 In the Web based management interface click the A...

Page 295: ...nds to display Devices Rules Actions Meters Policies Agent 2 Click Devices The Devices menu option expands Figure 102 to display Interface Config Priority Q Assign Priority Mapping DSCP Q Assign DSCP Mapping Figure 102 Web based management menu page 3 Click Interface Config The Interface Configuration page opens Figure 103 ...

Page 296: ...ups of interfaces You can view your interface configurations in the read only Interface Queue Table and the Interface Group Table 4 Use the Interface Group Creation section to create a new Role Combination In the Role Combination field enter Webbrowsing Remember this is an example You can enter any string in this field Note Do not use spaces in the naming field ...

Page 297: ...he Set Drop Precedence and Update Priority fields in the QoS Advanced Action page the DSCP value will be used to update IEEE 802 1p user priority and drop precedence based on values in the DSCP mapping table 6 Click Submit The new entry appears in the Interface Group Table 7 Click the modify icon of the new role combination to assign interfaces The Interface Group Assignment page opens Figure 104 ...

Page 298: ...er groups are then associated with an interface group You configure filter specifications The QoS Advanced Rules IP Classification page or the QoS Advanced Rules Layer 2 Classification page allows you to enter matching conditions for an individual filter You set up special conditions for packet processing In order for packets to be processed a packet has to match all the fields you specify Note If...

Page 299: ...de point DSCP The DSCP has a specific value that determines how the packet is treated as it travels through the network As each packet is examined it will be forwarded or dropped depending on whether or not the filter criteria is matched You use the IP Filter Creation section of the Rules IP Classification page when defining your IP filters To define an IP filter 1 Click the Application QoS QoS Ad...

Page 300: ...mple QoS configuration 208700 B Figure 105 IP Classification page 1 of 2 Figure 106 IP Classification page 2 0f 2 2 In the Destination Address box click Network Address a In the Network Address field enter 134 177 69 0 ...

Page 301: ... 32 decimal value If you choose Ignore the DSCP value in the packet is ignored 5 In the Protocol field choose TCP from the list When you select TCP you specify that only TCP packets be matched If you select Ignore all IP protocols are matched 6 In the Destination Layer 4 Port field click Ignore 7 In the Source Layer 4 Port field click Ignore 8 Click Submit The new entry appears in the IP Filter Ta...

Page 302: ...inguishes this filter group from other filter groups 3 Click the Group check box in the Filter Group Table to include the entry in the filter group 4 Enter the Order number 1 This step establishes the evaluation order of filters in the group 5 Click Submit The new entry is displayed on the IP Group Modification page Figure 108 Note Do not leave spaces in your naming entry ...

Page 303: ...licy Switch 2000 Version 1 2 Figure 108 IP Group Modification page 6 Click Back The system returns you to IP Classification page The new filter appears in the IP Filter Table and the new filter group appears in the IP Filter Group Table Figure 109 and Figure 110 ...

Page 304: ...304 Chapter 5 Sample QoS configuration 208700 B Figure 109 IP Classification page 1 of 2 Figure 110 IP Classification page 2 0f 2 ...

Page 305: ...ng IEEE 802 based parameters and selective layer 3 and layer 4 parameters Layer 2 filter groups are defined by specifying the layer 2 filter to be included in the given filter group To configure a layer 2 filter 1 Click the Application QoS QoS Advanced Rules Layer 2 Classification menu option The Layer2 Classification page opens Figure 111 and Figure 112 ...

Page 306: ...tion page 1 of 2 Figure 112 Layer 2 Classification page 2 of 2 2 In the VLAN field choose VLAN 1 This filter matches packets in VLAN 1 3 In the VLAN Tag field choose Tagged Only packets that have an IEEE 802 1p tag match this layer 2 filter 4 In the EtherType field click Ignore ...

Page 307: ...r 6 In the DSCP field accept the default Ignore Any values that are in the DSCP field are ignored 7 In the Protocol field select Ignore All IP protocols are matched against the packet s IP protocol field 8 In the Destination IP Layer4 Port Range field click Ignore 9 In the Source IP Layer4 Port Range field click Ignore Any values for the packet s layer 4 source port are ignored 10 Click Submit The...

Page 308: ...try Now you can create a layer 2 filter group in the Layer2 Filter Group Table section of the Layer2 Classification page To create a layer 2 filter group entry 1 Click Create Filter Group in the Layer2 Filter Group Table section of the Layer 2 Classification page Figure 111 and Figure 112 The Layer2 Group page opens Figure 114 ...

Page 309: ...fication label to distinguish this filter group from other filter groups 3 Click the Group check box in the Filter Group Table to include the entry in the filter group 4 Enter the Order number 1 This entry establishes the evaluation order of filters in the group 5 Click Submit The new entry is displayed on the Layer 2 Group Modification page Figure 115 Note Do not leave spaces in your naming entry...

Page 310: ...Sample QoS configuration 208700 B Figure 115 Layer 2 Group Modification page 6 Click Back The system returns you to Layer 2 Classification page The new filter group appears in the Layer2 Filter Group Table Figure 116 ...

Page 311: ...ermine how a packet is to be processed You specify the actions associated with specific IP and layer 2 filter groups When filters match incoming packets the actions are performed on those packets Actions can be configured to re mark packets to change priorities and loss sensitivity drop precedence or to drop packets In order to use a particular action that action must be assigned to a meter refer ...

Page 312: ...ame field choose Transmit 4 In the Update DSCP field choose 47 0x2F This entry changes the DSCP value to the decimal value 47 in the match packet 5 In the Set Drop Precedence field choose Not Loss Sensitive 6 In the Update 802 1p Priority field select Priority 1 Priority 1 specifies a low priority 7 Click Submit The new entry is displayed in the Action Table Figure 118 ...

Page 313: ...lter associated with this action Configuring meters Metering or QoS traffic policing operates at ingress and provides different levels of service to data streams through user configurable parameters An example would be to limit traffic entering a port to a specified bandwidth such as 25 Kb s Committed Rate Instead of dropping all traffic that exceeds this threshold traffic policing allows you to c...

Page 314: ...er Creation section enter Practice 3 In the Data Specification field choose No Meter Data 4 In the In Profile Action field choose Generic 5 Click Submit The new entry is displayed in the Meter Table Figure 118 Note You must create a meter using the Meter page even if the traffic is not being metered choose No Meter Data The actions are defined using the meters so you must configure the Meter page ...

Page 315: ... packets that match a filter associated with this meter Configuring policies Now you are ready to configure a policy A policy is an interface group a group of filters filter set and the associated meter and action Policies are applied according to the precedence order that you assign in the QoS Advanced Policies page Policies are not modifiable If you want to change a policy you must delete the en...

Page 316: ...ter IPpolicy This entry is a unique name to identify this target 3 In the Filter Group Type choose IP Filter Group This entry is the filter group that will be associated with this policy 4 In the Filter Group field choose IPacket This entry is the filter group you created in the IP Classification Group page IP Filter Group Table 5 In the Role Combination field choose Webbrowsing Note You cannot ha...

Page 317: ...Policy Table Note Nortel Networks recommends that you consider an order numbering strategy for the values in the Order field as you configure policies The policies in the Policy Table are arranged in ascending order according to value in the Order column By establishing a policy ordering scheme in multiples of for example 10 Order 10 Order 20 Order 30 Order 40 and so on you are able to insert poli...

Page 318: ...erfaces ports in the hardware You specified that this policy will use the IPacket filter group with the elements that you specified Ippolicy will use the Role Combination Webbrowsing and Practice meter Ippolicy specifies the type of behavior you want to apply to a flow of packets Assigning mapping values Note Nortel Networks recommends that you use the default mapping values to ensure end to end Q...

Page 319: ...ifying DSCP queue assignments on page 324 Assigning 802 1p priority queue assignment You assign IEEE 802 1p priority values to a queue for specific queue set This information is used for assigning egress traffic to outbound queues To configure 802 1p priority 1 Click the Application QoS QoS Advanced Devices Priority Q Assign menu option The 802 1p Priority Queue Assignment page opens Figure 123 No...

Page 320: ... is the queue set you want to modify 3 Click Submit The 802 1p Priority Assignment Table is updated with the queue set you requested 4 Change the value of Priority 5 from 2 to 1 Verifying DSCP mapping Next verify the mapping of the DSCP to an IEEE 802 1p priority drop precedence and service class Note Clicking Submit in the 802 1p Priority Assignment Table section results in a system reset ...

Page 321: ...s DSCP Mapping menu option The DSCP Mapping page opens Figure 124 Figure 124 DSCP Mapping page To change the DSCP to an 802 1p priority 1 Click the Application QoS QoS Advanced Devices DSCP Mapping menu option The DSCP Mapping page opens Figure 124 2 Click the Modify icon of DSCP 0x1 The DSCP Mapping page opens Figure 125 for DSCP 0x1 ...

Page 322: ...re 125 DSCP Mapping page 3 In the 802 1 User Priority field choose 1 4 In the Drop Precedence field choose Not Loss Sensitive 5 In the Service Class field choose Standard 6 Click Submit The DSCP Mapping page opens with the updated information Figure 126 ...

Page 323: ...6 DSCP Mapping page Assigning 802 1p user priority mapping Now you want to map the 802 1p priority to a specific DSCP To configure IEEE 802 1p user priority to DSCP mapping 1 Click the Application QoS QoS Advanced Devices Priority Mapping menu option The 802 1p Priority Mapping page opens Figure 127 ...

Page 324: ...2 Change the DSCP value for 802 1 Priority 2 to 0x0 3 Click Submit Verifying DSCP queue assignments Next view the DSCP queue assignments To view DSCP queue assignments 1 Click the Application QoS QoS Advanced Devices DSCP Q Assign menu option The DSCP Queue Assignment page opens Figure 128 ...

Page 325: ...Chapter 5 Sample QoS configuration 325 Using the Business Policy Switch 2000 Version 1 2 Figure 128 DSCP Queue Assignment page 2 Choose Queue Set 1 3 Click Submit 4 View the queue assignment ...

Page 326: ...326 Chapter 5 Sample QoS configuration 208700 B ...

Page 327: ...leshooting the Business Policy Switch For example because LEDs provide visual indications of certain problems see Chapter 1 to understand the various states Table 59 that your switch LEDs can exhibit during normal operation For more help in determining the problem Diagnosing and correcting problems describes symptoms and corrective actions Table 60 you can perform to resolve specific problems Subs...

Page 328: ...lly and switch is operational Blinking A nonfatal error occurred during the self test This includes nonworking fans Off The switch failed the self test RPSU RPSU status Green On The switch is connected to the RPSU and can receive power if needed Off The switch is not connected to the RPSU or RPSU is not supplying power Cas Up Stack mode Off The switch is in standalone mode 9714EA Business Policy S...

Page 329: ...is on the ring but cannot participate in the stack configuration Cas Dwn Stack mode Off The switch is in standalone mode Green On The switch is connected to the downstream unit s Cascade A Out connector Amber On This unit has detected a problem with the switch connected to the cascade down connector In order to maintain the integrity of the stack this unit has bypassed its downstream neighbor and ...

Page 330: ...lover is a temporary safeguard only If the stack configuration loses power the temporary base unit will not power up as the base unit when power is restored For this reason you should always assign the temporary base unit as the base unit set the Unit Select switch to Base until the failed unit is repaired or replaced 10 100 10 100 Mb s port speed indicator Green On The corresponding port is set t...

Page 331: ...trischen Stromschlag auszuschließen nehmen Sie niemals die obere Abdeckung vom Gerät ab Im Geräteinnern befinden sich keine Komponenten die vom Benutzer gewartet werden können Avertissement Pour éviter tout risque d électrocution ne jamais retirer le capot de l appareil Cet appareil ne contient aucune pièce accessible par l utilisateur Advertencia A fin de evitar daños personales por corrientes el...

Page 332: ...s fastened securely at both ends and that power is available at the AC power outlet The fans are not operating or the airflow is blocked causing the unit to overheat Verify that there is sufficient space for adequate airflow on both sides of the switch Note Operating temperature for the switch must not exceed 40 C 104 F Do not place the switch in areas where it can be exposed to direct sunlight or...

Page 333: ...tion The Business Policy Switch negotiates port speeds according to the IEEE 802 3u autonegotiating standard The switch adjusts autonegotiates its port speed and duplex mode to match the best service provided by the connected station up to 100 Mb s in full duplex mode as follows If the connected station uses a form of autonegotiation that is not compatible with the IEEE 802 3u autonegotiating stan...

Page 334: ...3 You may have to try several settings before you find the correct speed duplex mode of the connected station If the problem persists 1 Disable the autonegotiation feature at the connected station 2 Manually set the speed duplex mode of the connected station to the same speed duplex mode you have manually set for the Business Policy Switch port Port interface Ensure that the devices are connected ...

Page 335: ...usiness Policy Switch Table 61 Environmental specifications Parameter Operating specification Storage specification Temperature 0 to 40 C 32 to 104 F 25 to 70 C 13 to 158 F Humidity 85 maximum relative humidity noncondensing 95 maximum relative humidity noncondensing Altitude 3024 m 10 000 ft 3024 m 10 000 ft Table 62 Electrical parameters Parameter Electrical specification Input Voltage 100 to 24...

Page 336: ... cm 15 1 in Weight 4 8 kg 10 60 lb Table 64 Performance specifications Parameter Specifications Frame Forward Rate 64 byte packets Up to 3 2 million packets per second pps maximum learned unicast traffic Port Forwarding Filtering Performance 64 byte packets For 10 Mb s 14 880 pps maximum For 100 Mb s 148 810 pps maximum Address Database Size 16 000 entries at line rate 32 000 entries without flood...

Page 337: ... and MT RJ connectors for switched 100 Mb s 100BASE FX connections over 50 125 and 62 5 125 micron multimode fiber optic cable 2 km 6562 ft maximum distance 1000BASE SX Shortwave Gigabit Fiber MDA SC connectors for shortwave 850 nm fiber optic connections over multimode 550 m 1805 ft fiber optic cable 1000BASE LX Longwave Gigabit Fiber MDA SC connectors for longwave 1300 nm fiber optic connections...

Page 338: ...claration identifies the product models the Nortel Networks name and address and the specifications recognized by the European community As stated in the Declaration of Conformity the Business Policy Switch 2000 complies with the provisions of Council Directives 89 336 EEC and 73 23 EEC US CFR47 Part 15 Subpart B Class A Canada ICES 003 Issue 2 Class A Australia New Zealand AS NZS 3548 1995 Class ...

Page 339: ...ersion 1 2 is compatible with BayStack 450 software version 4 1 When you are using a local console to access the BPS 2000 software version 1 2 features with a Hybrid or mixed stack BPS 2000 and BayStack 450 and 410 switches in the same stack you must plug your local console into a BPS 2000 unit To find out which version of the BPS 2000 software is running use the console interface CI menus or the ...

Page 340: ...ack will return to the default VLAN configuration Also a mixed or hybrid stack does not support multiple Spanning Tree Groups STG You have a single instance of STG when working with a mixed stack Setting up your mixed stack configuration To set up a mixed stack configuration follow the basic instructions regarding Business Policy Switch configuration detailed in Chapters 1 and 2 Installing the Bus...

Page 341: ...ndalone mode and perform preliminary IP configuration tasks before you add it to an existing stack To add a Business Policy Switch to your stack 1 Change the new Business Policy Switch base unit setting on the BayStack 400 ST1 Cascade Module to Base 2 Ensure that no other unit in the existing stack is selected as the base unit 3 Power up the switch 4 Change the Stack Operational Mode field on the ...

Page 342: ...failure of the base unit is discovered the Unit Select switch on the temporary base unit should be set to Base For detailed information about temporary base units see Installing the BayStack 400 ST1 Cascade Module Note If you do not reassign the temporary base unit as the new base unit and the temporary base unit fails the next unit directly downstream from this unit becomes the new temporary base...

Page 343: ...he stack order automatically becomes the new temporary base unit All Business Policy Switch units in the stack will be exhausted as base units successively before assigning a BayStack 410 or BayStack 450 as base unit The base unit change is indicated by the base LED on the temporary base unit s LED display panel turning on amber If the stack s base unit reverts to a BayStack 410 or BayStack 450 sw...

Page 344: ...rate with BayStack 450 or BayStack 410 switches that are configured with BayStack 450 software versions earlier than version V1 1 0 For information about using MDAs refer to Appendix C Media dependent adapters on page 347 System Characteristics Operation Mode Stack Unit 1 Size Of Stack 2 Base Unit 1 MAC Address 00 80 2C 8D 23 DF Reset Count 16 Last Reset Type Management Reset Power Status Primary ...

Page 345: ...by verifying the following items A Business Policy Switch is designated as the base unit All other units in the stack have the base unit select switch set to Off The Business Policy Switch s operational mode is set to Hybrid Stack and the unit has been reset after changing the operational mode Figure 130 All units in the stack exhibit the same ISVN All units must be reset when you add a Business P...

Page 346: ...346 Appendix B Interoperability in a mixed stack configuration 208700 B ...

Page 347: ...odels and features to existing product lines for a full range of MDAs that are available from Nortel Networks see your Nortel Networks sales representative Note The MDAs are not hot swappable Power down the switch before installing or removing an MDA Table 66 MDA models Interface type Model Refer to 1000BASE SX Shortwave gigabit fiber 450 1SR MDA 450 1SX MDA page 348 1000BASE LX Longwave gigabit f...

Page 348: ...t appareil contient une source lumineuse à rayons laser dangereuse pour les yeux Ne regardez jamais directement une fibre optique ou un port de connexion Agissez toujours comme si le câble de fibres optiques ou le connecteur était relié à une source lumineuse à rayons laser Advertencia Éste es un producto láser LED de Clase 1 Contiene una fuente de luz láser que puede causar lesiones en los ojos N...

Page 349: ...y becomes the active port The 450 1SX MDA is a single Phy MDA Both models Figure 132 conform to the IEEE 802 3z 1000BASE SX standard and use shortwave 850 nm fiber optic connectors to connect devices over multimode 550 meter fiber optic cable Figure 132 1000BASE SX MDA front panels Table 67 describes the 1000BASE SX components and LEDs 1000BASE SX TX RX Phy Link Activity 450 1SX MDA TX RX 1000BASE...

Page 350: ...s port 3 Activity Port activity LEDs green Blinking Indicates network activity level for the corresponding port A high level of network activity can cause LEDs to appear to be on continuously 4 1000BASE X SC port connectors Warning This is a Class 1 Laser LED product It contains a laser light source that can injure your eyes Never look into an optical fiber or connector port Always assume that the...

Page 351: ...re optique ou un port de connexion Agissez toujours comme si le câble de fibres optiques ou le connecteur était relié à une source lumineuse à rayons laser Advertencia Éste es un producto láser LED de Clase 1 Contiene una fuente de luz láser que puede causar lesiones en los ojos Nunca mire dentro de un cable o de un puerto de conexión de fibra óptica Asuma siempre que el cable o el connector de fi...

Page 352: ...s Table 68 describes the 1000BASE LX MDA components and LEDs Note The optical performance of this transceiver cannot be guaranteed when connected to a multimode fiber plant without the use of the special offset SMF MMF mode conditioning patch cord see 1000BASE LX multimode applications on page 367 1000BASE LX TX RX Phy Link Activity 450 1LX MDA BS45045A 3 4 2 1 TX RX 1000BASE LX RX 1000BASE LX TX ...

Page 353: ...em Label Description 1 Link Communication link LEDs green On Valid communications link Off The communications link connection is bad or there is no connection to this port Blinking The corresponding port is management disabled 2 Phy or Phy Select Phy status LEDs green On The corresponding Phy port is active Off The corresponding Phy port is in backup mode or there is no connection to this port 3 A...

Page 354: ...n a node or server similar to a conventional Ethernet repeater hub If you are connecting to another Ethernet hub or switch use a crossover cable unless an MDI connection exists on the associated port of the attached device The BPS2000 4TX MDA can operate at either 10 Mb s or 100 Mb s The speed is determined through autonegotiation with its connecting device For installation instructions see Instal...

Page 355: ...à fibre optique peut émettre des rayons laser ou infrarouges qui risquent d entraîner des lésions oculaires Ne jamais regarder dans le port d un connecteur ou d un câble à fibre optique Toujours supposer que les câbles à fibre optique sont raccordés à une source lumineuse Advertencia Los equipos de fibra óptica pueden emitir radiaciones de láser o infrarrojas que pueden dañar los ojos No mire nunc...

Page 356: ...ave 1300 nm MT RJ connectors to attach devices over 62 5 125 or 50 125 micron multimode fiber optic cable Figure 135 100BASE FX MDA front panels Both models conform to the IEEE 802 3u 100BASE FX standard and can be used for fiber based 100 Mb s connections 2 km maximum distance to other compatible Fast Ethernet devices Single mode fiber cable is not supported Table 69 describes the 100BASE FX comp...

Page 357: ...ously Off Indicates no active traffic 3 100BASE FX port connectors BPS2000 2FX uses SC connectors BPS2000 4FX uses MT RJ connectors Warning This is a Class 1 Laser LED product It contains a laser light source that can injure your eyes Never look into an optical fiber or connector port Always assume that the fiber optic cable or connector is connected to a laser light source Vorsicht Dieses Laser L...

Page 358: ...que ou un port de connexion Agissez toujours comme si le câble de fibres optiques ou le connecteur était relié à une source lumineuse à rayons laser Advertencia Éste es un producto láser LED de Clase 1 Contiene una fuente de luz láser que puede causar lesiones en los ojos Nunca mire dentro de un cable o de un puerto de conexión de fibra óptica Asuma siempre que el cable o el connector de fibra ópt...

Page 359: ...A on page 363 For instructions on installing GBICs to your 450 1GBIC MDA s Host port see Installing GBICs on page 360 Figure 136 450 1GBIC MDA front panel Table 70 describes the 450 1GBIC MDA front panel components GBIC Phy Link Activity 450 1GBIC MDA BS450102A 3 4 450 1GBIC MDA 2 1 GBIC model with extractor tabs GBIC model with extractor handle SC connector ...

Page 360: ...hy status LEDs green On The corresponding Phy port is active Off The corresponding Phy port is in backup mode or there is no connection to this port 3 Activity Port activity LEDs green Blinking Indicates network activity level for the corresponding port A high level of network activity can cause LEDs to appear to be on continuously 4 GBIC Host port refer to Installing GBICs on page 360 Table 71 Av...

Page 361: ...n for your hardware or software product Use Adobe Acrobat Reader to open the manuals and release notes search for the sections you need and print them on most standard printers Installation The 450 1GBIC MDA Host port is covered with a spring loaded filler panel that rotates out of the way as you push the GBIC into place You can install or replace a GBIC in an operating 450 1GBIC MDA without turni...

Page 362: ...it Remove it turn it over and reinsert it Figure 138 Installing a GBIC 3 Press on the front of the GBIC until it snaps into place 4 Remove the rubber plug to connect cables Removing an Installed GBIC To remove an installed GBIC 1 If the GBIC has spring tabs press in on the tabs on each side of the GBIC as you pull the GBIC out of the MDA s Host port Figure 139 Note The MDAs are not hot swappable P...

Page 363: ...fications refer to the Gigabit Interface Converter GBIC Installation Guide part number 208723 A Installing an MDA The Uplink Expansion Module slot on the Business Policy Switch accommodates a single MDA The connection can be either an RJ 45 10 100BASE TX MDA or a fiber 100BASE FX or 1000BASE SX LX MDA with an SC or MT RJ connector To install an MDA into the Uplink Expansion Module slot 1 Unplug th...

Page 364: ...0 B 2 Loosen the thumb screws and remove the filler panel or previously installed MDA from the Uplink Expansion Module slot Note If you are replacing an installed MDA with another type of MDA see Replacing an MDA with a different model on page 366 ...

Page 365: ...ess the MDA firmly into the Uplink Expansion Module slot Be sure that the MDA is fully seated into the mating connector 5 Secure the MDA by tightening the thumb screws on the MDA front panel 6 Attach devices to the MDA ports After connecting the port cables continue to follow the instructions in the manual for the switch to connect power and verify the installation Note The IEEE 802 3u specificati...

Page 366: ...er down the switch Remove the AC power cord from the power source 2 Remove the installed MDA Loosen the thumbscrews and remove the MDA 3 Cycle the switch power Power up the switch and wait for the Nortel Networks logo screen to appear approximately 10 seconds then power down the switch 4 Install the replacement MDA Be sure to firmly tighten the two thumbscrews on the MDA front panel 5 Power up the...

Page 367: ...odate the single mode ferrules used on one end of the special offset SMF MMF patch cord Multimode ferrules must not be used because they can bind and cause damage to the transceiver Do not connect multimode cables directly into the 1000BASE LX MDA transceiver Instead connect a special offset SMF MMF patch cord into the transceiver and then connect the multimode cable into the SMF MMF patch cord Fo...

Page 368: ...368 Appendix C Media dependent adapters 208700 B ...

Page 369: ...quick configuration guides The flowcharts refer you to the configuration rules appropriate for each feature The flowcharts cover the following features 802 1Q VLANs page 369 MultiLink Trunking page 373 Port Mirroring page 374 IGMP Snooping page 375 EAPOL Authentication page 378 Configuring 802 1Q VLANs To create or modify an 802 1Q VLAN follow the flowcharts in Figure 141 Figure 142 and Figure 143...

Page 370: ... appropriate value for the Create VLAN field Activate VLAN State Is VLAN Type Port Based 3 1 Select the appropriate value for the VLAN Type field No Yes Is VLAN Type Protocol Based Yes No Is the PID user defined Select the appropriate PID value for the PID field Enter the user defined PID value Off page reference On page reference Key Start ...

Page 371: ...et the Port field as appropriate for your configuration Set PVID Choose VLAN Port Configuration or press c to open the VLAN Port Configuration screen VLAN Port members Configured Is PVID correct Configure Port Members as Tagged Port Member Untagged Port Member or Not a Member of VLAN see VLAN Configuration Rules for more information 2 1 BS45047D Off page reference On page reference Key ...

Page 372: ...istered filters if necessary Set Port Priority See also the Traffic Class Configuration screen if necessary BS45048C Is filtering correct Is Port Priority correct Yes Are all VLANs configured Yes 2 No 3 Done Off page reference On page reference Key Yes No Set Tagging field on VLAN Port Configuration screen Is VLAN tag correct ...

Page 373: ...runk Configuration or press t from the MultiLink Trunk Configuration Menu screen Figure 144 Configuring MultiLink Trunks Yes No No Configure STP field Enable Trunk Status field see MultiLink Trunking Configuration Rules Configure trunk members see MultiLink Trunking Configuration Rules BS45050A Are all trunk members configured Is trunk STP Enabled Yes Is trunk Enabled Yes No Done MultiLink Trunk C...

Page 374: ...Configuration Menu screen Figure 145 Configuring Port Mirroring 1 of 2 Yes No No Set Monitoring Mode field Port Mirroring Configuration screen Set Monitor Port field see Port Mirroring Configuration Rules Configure Ports X and Y fields see Port Mirroring Configuration Rules BS45051A Is Monitoring Mode field set Is Monitor Port field set Yes Is Monitor Port set for port based mode Yes Yes No 1 Are ...

Page 375: ...g ports follow the flowcharts in Figures Figure 147 to Figure 149 To open the IGMP Configuration screen Choose IGMP Configuration or press g from the Switch Configuration Menu screen Yes No No Enable Port Mirroring see Port Mirroring Configuration Rules BS45052A Are Address A and B configured Is Port Mirroring Enabled Yes 1 Done 2 Configure Addresses Off page reference On page reference Key ...

Page 376: ...onfigured Is the Snooping field set correctly Yes Is Snooping field set Yes Yes No 2 Is the Proxy field set correctly No 2 IGMP Configuration screen Go to VLAN flowchart Create VLANs configure port members as required Set the correct value for the Snooping field Set the correct value for the Proxy field Off page reference On page reference Key ...

Page 377: ...y Is the Query Timer field set correctly Yes Is the Set Router Ports field set correctly Yes Yes No Is the Proxy field set correctly No 3 2 Set the correct value for the Query Timer field Set the correct value for the Robust Value field Set the correct value for the Proxy field Set the correct value for the IGMP version in the Set Router Ports field Off page reference On page reference Key ...

Page 378: ...ameters follow the flowcharts in Figure 150 and Figure 151 Yes No No All trunk members for that trunk are automatically configured as IGMP Static Router Ports Off page reference On page reference BS45055B Key Are all IGMP members configured Is the Port a trunk member Yes 3 Done Configure all IGMP members see IGMP Configuration Rules All VLANs on this port are now configured as IGMP router ports ...

Page 379: ...wchart 1 of 2 Yes No EAPOL_Authen_Process_new_1 Authentication successful Authentication server sent VLAN ID Yes Yes No Does VLAN exist No Login screen Access denied See System Administrator Off page reference On page reference Key Switch restores VLAN ID and PVID values from NVRAM Switch sets VLAN ID and PVID values to VLAN 1 Yes Port based VLAN No Switch sets VLAN ID and PVID values to preconfig...

Page 380: ...rocess_new_2 Authentication server sent Port Priority value Is Port Priority value range 0 to 7 Yes No Off page reference On page reference Key Switch sets Port Prioity value to 0 A Switch restores Port Priority value from NVRAM Switch sets Port Priority value to preconfigured values stored in the Authentication server ...

Page 381: ...0BASE T 100BASE TX port connectors The RJ 45 port connectors Figure 152 are wired as MDI X ports to connect end stations without using crossover cables See MDI and MDI X devices on page 382 for information about MDI X ports For 10BASE T connections use Category 3 or higher UTP cable For 100BASE TX connections use only Category 5 UTP cable Figure 152 RJ 45 8 Pin Modular port connector 1 8 616EA ...

Page 382: ... crossover function internally Ports that implement the crossover function internally are known as MDI X ports where X refers to the crossover function The following sections describe the use of straight through and crossover cables for connecting MDI and MDI X devices Table 72 RJ 45 port connector pin assignments Pin Signal Description 1 RX Receive Data 2 RX Receive Data 3 TX Transmit Data 4 Not ...

Page 383: ...ing crossover cables Figure 153 Figure 153 MDI X to MDI cable connections MDI X to MDI X cable connections If you are connecting the Business Policy Switch to a device that also implements MDI X ports use a crossover cable Figure 154 1 8 1 8 8 1 8 1 RX RX TX TX TX TX RX RX MDI X port Business Policy Switch 2000 End station Straight through cable MDI port T R T R 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 1 2...

Page 384: ...nal outputs are always asserted the CD DTR RTS and RI signal inputs are not used This configuration enables a management station a PC or console terminal to connect directly to the switch using a straight through cable Figure 155 DB 9 Console port connector 1 8 1 8 8 1 8 1 RX RX TX TX RX RX TX TX MDI X port Business Policy Switch 2000 Switch or hub Crossover cable MDI X port T R T R 1 2 3 4 5 6 7 ...

Page 385: ... pin assignments Table 73 DB 9 Console port connector pin assignments Pin Signal Description 1 CD Carrier detect not used 2 TXD Transmit data output 3 RXD Receive data input 4 DTR Data terminal ready not used 5 GND Signal ground 6 DSR Not used 7 RTS Request to send not used 8 CTS Not used 9 RI Ring indicator not used Shell Chassis ground ...

Page 386: ...386 Appendix E Connectors and pin assignments 208700 B ...

Page 387: ... 155 In Band Stack IP Address 0 0 0 0 no IP address assigned In Band Switch IP Address 0 0 0 0 no IP address assigned In Band Subnet Mask 0 0 0 0 no subnet mask assigned Default Gateway 0 0 0 0 no IP address assigned Read Only Community String public SNMP Configuration screen on page 160 Read Write Community String private Trap IP Address 0 0 0 0 no IP address assigned Community String Zero length...

Page 388: ...ltering on Intrusion Detected Disabled Generate SNMP Trap on Intrusion Disabled Clear by Ports NONE Learn by Ports NONE Current Learning Mode Not Learning Trunk blank field MAC Address Security Port Configuration screen on page 173 Security Disabled Port List blank field MAC Address Security Port Lists screens on page 176 Find an Address blank field MAC Address Security Table screens on page 181 M...

Page 389: ...e Subnet Addr 0 0 0 0 Subnet Mask 0 0 0 0 Port Membership U all ports assigned as untagged members of VLAN 1 Unit 1 VLAN Port Configuration screen on page 197 Port 1 Filter Tagged Frames No Filter Untagged Frames No Filter Unregistered Frames No Port Name Unit 1 Port 1 PVID 1 Port Priority 0 Tagging Untagged Access AutoPVID Disabled BootP Mac Address Type Stack Mac Address Stack Operational Mode s...

Page 390: ... ports Speed Duplex 100Mbs Half when Autonegotiation is Disabled Trunk 1 to 6 depending on configuration status MultiLink Trunk Configuration Menu screen on page 207 Trunk Members Unit Port Blank field STP Learning Normal Trunk Mode Basic Trunk Status Disabled Trunk Name Trunk 1 to Trunk 6 Traffic Type Rx and Tx MultiLink Trunk Utilization screen on page 211 Table 74 Factory default settings conti...

Page 391: ...ne VLAN 1 IGMP Configuration screen on page 221 Snooping Enabled Proxy Enabled Robust Value 2 Query Time 125 seconds Set Router Ports Version 1 Static Router Ports for all ports Unit 1 Port Statistics screen on page 226 Port 1 Console Port Speed 9600 Baud Console Comm Port Configuration screen on page 231 Console Switch Password Not Required Console Stack Password Not Required Console Read Only Sw...

Page 392: ...dd VLAN Membership 1 Tagged BPDU on tagged port STP Group 1 No Other STP Groups Yes STP Group State STP Group 1 Active Other STP Groups InActive STP Group 1 Spanning Tree Port Configuration screen on page 245 Participation Normal Learning Priority 128 Path Cost 10 or 100 STP Group 1 Spanning Tree Switch Settings screen on page 248 STP Group 1 Spanning Tree VLAN Membership screen on page 252 TELNET...

Page 393: ...ion 1 2 Event Logging All Allowed Source IP Address 10 user configurable fields First field 0 0 0 0 no IP address assigned Remaining nine fields 255 255 255 255 any address is allowed Table 74 Factory default settings continued Field Default setting Appears in this CI screen ...

Page 394: ...ng Configuration File Download Upload screen on page 262 TFTP Server IP Address 0 0 0 0 no IP address assigned Copy Configuration Image to Server No Retrieve Configuration Image from Server No ASCII Configuration Filename Zero length string ASCII Configuration File Download screen on page 266 TFTP Server IP Address 0 0 0 0 no IP address assigned Retrieve Configuration file from Server No Last Manu...

Page 395: ...ration file that was extracted from a Nortel Networks EZ LAN network management application Note that other BootP daemons can use a configuration file with a different format Before using your switch BootP facility you must customize your BootP configuration file with the appropriate data Blank lines and lines beginning with are ignored Legend first field hostname ht hardware type ha host hardware...

Page 396: ...every device Note that hardware type ht is specified first in the global entry The following global entry is defined for an Ethernet device Note that this is where a client s subnet mask sm and default gateway gw are defined global1 ht ethernet hd c opt images sm 255 255 255 0 gw 192 0 1 0 The following sample entry describes a BootP client bay1 ht ethernet ha 0060fd000000 ip 192 0 0 1 hd c ezlan ...

Page 397: ...File Download screen 262 266 ASCII Configuration Filename field 268 assymmetric mode 206 authentication 71 183 Authentication Trap field 161 Auto Configuration on Reset field 268 automatic PVID 59 200 autonegotiation description 79 modes 333 troubleshooting 333 Autonegotiation field 203 205 AutoPVID field 200 autosense description 78 Autotopology field 161 B base unit 96 97 Base Unit field 163 Bay...

Page 398: ...127 145 MultiLink Trunking 51 127 133 145 port mirroring 133 145 spanning tree 51 133 145 spanning tree groups 51 stacking 341 VLANs 51 133 145 connectivity 61 connectors 381 RJ 45 port connector 381 console 56 console interface CI main menu 151 menus using 149 Console Password field 233 234 Console Port Speed field 232 Console Read Only Password field 234 236 Console Read Write Password field 234...

Page 399: ...tion rules 75 Entry field 178 errors 61 event log 269 Event Logging field 255 Excessive Collisions field 229 F fans 39 FCS Errors field 229 features 47 Filter Group Name 301 308 Filter Group Table 301 308 Filtered Packets field 229 Find an Address field 169 182 flash memory for software image upgrades 76 Flooded Packets field 229 Flow Control field 205 Forward Delay field 251 Frame Errors field 22...

Page 400: ... page 305 Layer2 Filter Creation section 305 Layer2 Filter Group Table section 308 Layer2 Group Modification page 309 Learn by Ports field 173 LEDs descriptions 39 328 display panel 39 328 Link field 203 Link Trap field 203 Local MDA Type field 163 log messages 269 Login Retries field 255 Login Timeout field 255 Logout command 154 Logout screen 154 Lost Packets field 228 M MAC address 97 231 MAC A...

Page 401: ...ree groups 49 N network 61 network configuration configuring power workgroups and a shared media hub 92 desktop switch 89 segment switch 89 stacking 92 New Unit Number field 239 Next Stack Operational Mode field 231 Number of addresses field 169 NVRAM 269 O Operational Mode field 163 Operational Status field 185 Operational Traffic Control field 186 Optivity Policy Services 291 Oversized Packets f...

Page 402: ...assifiers 298 committed rate 287 313 configuration 293 data specification 314 default mapping values 298 DSCP 298 filter group precedence 301 308 filter groups 279 302 309 filters 279 298 IEEE 802 1p 298 in profile traffic 287 313 interface class 282 295 297 interface groups 286 295 297 IP filter groups 299 301 IP filters 279 299 layer 2 filter groups 305 308 layer 2 filters 279 305 management 293...

Page 403: ...based network security 70 Security field 176 Select VLAN ID field 169 Server Timeout field 187 settings default 387 Single Collisions field 229 Size of Stack field 163 SNMP 81 84 SNMP Access field 256 SNMP Configuration screen 152 160 snooping 122 software download process 261 image upgrades 76 interoperability 34 versions 47 239 343 Software Download screen 153 257 259 spanning tree 240 configura...

Page 404: ... filtering database identifier FID 106 port priority 106 port VLAN identifier PVID 105 tagged frame 105 tagged member 106 unregistered packet frame 106 untagged frame 106 untagged member 106 user_priority 106 VLAN identifier VID 105 VLAN port members 106 TELNET 56 TELNET Access field 255 TELNET Stack Password Type field 234 TELNET Switch Password Type field 234 TELNET SNMP Web Access Configuration...

Page 405: ...5 V VLAN Configuration Menu 166 187 VLAN Configuration screen 189 VLAN Display by Port screen 200 VLAN Membership field 253 VLAN Name field 192 VLAN Names field 201 VLAN State field 193 VLAN Type field 192 VLANs 48 104 Configuration Menu 166 188 configuration rules 51 122 133 145 default settings 106 EAPOL 73 examples 120 IVL 64 MAC SA based 64 network example 87 number of 65 187 number of protoco...

Reviews:

No comments

Related manuals for 2000

D-Link DSP-W115 User Manual preview
DSP-W115
Brand: D-Link Pages: 36
Baltimore Aircoil Company 3000 Series Operating And Maintenance Instructions Manual preview
3000 Series
Brand: Baltimore Aircoil Company Pages: 12
Samsung scx-4100 series Instructions Manual preview
scx-4100 series
Brand: Samsung Pages: 8
JANE MICRO Quick Start Manual preview
MICRO
Brand: JANE Pages: 6
Acdeos AXS FL Installation Instruction preview
AXS FL
Brand: Acdeos Pages: 7
Manfrotto 160 Instructions preview
160
Brand: Manfrotto Pages: 2
Garmin Varia Remote User Manual preview
Varia
Brand: Garmin Pages: 26
Garmin Varia Owner'S Manual preview
Varia
Brand: Garmin Pages: 33
Garmin Varia Quick Start Manual preview
Varia
Brand: Garmin Pages: 167
Danfoss 176F6516 Installation Manual preview
176F6516
Brand: Danfoss Pages: 14
Dakota Digital Odyssey II Series Quick Start Manual preview
Odyssey II Series
Brand: Dakota Digital Pages: 3
Kargo Master 80070 Assembly Lnstructions preview
80070
Brand: Kargo Master Pages: 13
Kargo Master 4A96L Installation Manual preview
4A96L
Brand: Kargo Master Pages: 21
Kargo Master 40201 Installation Manual preview
40201
Brand: Kargo Master Pages: 4
Karel MS48IP Technical Reference And Installation Manual preview
MS48IP
Brand: Karel Pages: 56
X-lite URANO Installation Instructions Manual preview
URANO
Brand: X-lite Pages: 6
Nailor UNI2-VAV Assembly preview
UNI2-VAV
Brand: Nailor Pages: 6
rako WAVMI User Manual preview
WAVMI
Brand: rako Pages: 7

Brands by name

Popular brands

Load more brands