Home
/
ZNYX
/
bh5700
/
User Manual

ZNYX bh5700, User Manual, Page: 125 / 359

Share

Page: 125 / 359

ZNYX bh5700 User Manual Download Page 125

Figure 7.6: COPS Network Architecture

A PDP contains all of the policy rulers for its associated PEPs. A PDP typically stores rules in a
data and is a dedicated server, not a forwarding device.

A PEP is any network device that has to enforce policy decisions. For example, a switch that
restricts network access or prioritizes traffic fits the definition of a Policy Enforcement Point. A
PEP makes no policy decision. It simply applies policy that receives from its PDP.

COPS uses a connection-based query and response mechanism. The following scenario illustrates
PEP-PDP communication:

•

A PEP comes online and opens a connection to its PDP.

•

After a connection has been established, the PEP transmits state information to the PDP.

•

The PDP uses that state information to determine what policy is applicable for the PEP.

•

The PDP sends that policy to the PEP.

•

The PEP installs the policy and applies it to future traffic.

As long as COPS is running, a connection between the PEP and PDP should stay open. A PEP
could query a PDP at any time asking for a policy decision. Alternatively, an administrator could
modify the policy on a PDP, which would then push any policy changes to its PEPs.

Protocol Architecture

The COPS protocol is broken into several components. The base layer is the COPS protocol
itself, which defines the messaging format. This protocol defines

how

communication is handled

without specifying the details of the message data.

The base COPS protocol is then used by different

client types

. These client types apply the COPS

messaging scheme to particular types of data. The currently standardized client types deal with
the RSVP model (COPS-RSVP) and provisioning model (COPS-PR).

The COPS-RSVP scheme is designed around the requirement that a PEP will have to query a
PDP in response to events. An RSVP PEP is constantly listening for resource reservation requests

Ethernet Switch Blade User's Guide

release 3.2.2j

page 125

PDP

PEP

PEP

PEP

«
...
123
124
125
126
127
...
»

Summary of Contents for bh5700

Page 1: ...HP bh5700 ATCA 14 Slot Blade Server Ethernet Switch Blade First Edition Manufacturing Part Number AD171 9603A June 2006...

Page 2: ...Ethernet Switch Blade User s Guide release 3 2 2j page ii...

Page 3: ...such products Intel assumes no liability whatsoever and Intel disclaims any express or implied warranty relating to sale and or use of Intel products including liability or warranties relating to fit...

Page 4: ...hernet Switch Blade Manual This manual includes everything you need to begin using the HP Ethernet Switch Blade with OpenArchitect software Release 3 2 2j Ethernet Switch Blade User s Guide release 3...

Page 5: ...orts 24 LED Reference 24 Chapter 3 High Availability Networking 27 Surviving Partner 27 VRRP 28 zlmd 28 Switch Replacement and Reconfiguration 29 zspconfig 29 Example HA Switch Configuration 30 Modify...

Page 6: ...roduction 60 Packet Walk 61 Filter Rules Specifications 62 Specifying Source and Destination IP Addresses 62 Specifying Protocol 62 Specifying an ICMP Message Type 62 Specifying TCP or UDP ports 63 Sp...

Page 7: ...Applications 82 Port Mirroring 82 Link and LED Control 83 Link Event Monitoring 83 Chapter 6 Fabric Switch Maintenance 84 Overview of the OpenArchitect switch boot process 84 Saving Changes 86 Modify...

Page 8: ...is changed for the interface in the ifconfig command line of the script 102 Layer 3 Routing Protocols with GateD 102 Using the Provided S55gatedRip1 Script 102 To Modify the GateD Scripts 104 Class o...

Page 9: ...Queuing Disciplines 124 Handle Semantics 124 COPS Common Open Policy Service 124 Protocol Architecture 125 OpenArchitect PEP 126 Using pepd 126 Chapter 8 Base Switch Administration 128 Setting the Ro...

Page 10: ...Blade 145 Base Interface Hub System 145 Ethernet Interfaces 145 Management Interfaces 145 Fabric Interface Hub System 146 Ethernet Interfaces 146 Management Interfaces 146 Connecting to the Base Inte...

Page 11: ...twork Connectivity Troubleshooting 170 No Connection 170 Diminished Network Throughput 170 Connecting to Devices with Fixed Port Speeds 170 External Fault LED 170 Network Tests 171 Ping Test 171 Trace...

Page 12: ...ost zl3net zvlan 216 zgvrpd 219 zl2d 221 zl3d 223 zlc 225 zlmd 228 zlogrotate 230 zmirror 231 zmnt 233 zpeer 235 zqosd 238 zrc 240 zreg 241 zrld 243 zsnoopd 244 zspconfig 246 zstack 253 ztats 258 zsyn...

Page 13: ...tructure of Standard IPMI Responses From PMC to BMC 352 Event Generator 353 IPMB Event message format 353 IPMI Event Message Definitions 353 Field Replaceable Unit Inventory Device 353 IPMB Override L...

Page 14: ...in OpenArchitect 190 Index of Tables Table 5 1 Supported MIBs 79 Table 5 2 Supported Traps 80 Table 5 3 Link and SNMP Status 81 Table 7 1 Port Path Cost 97 Table 7 2 Policing Actions 119 Table 7 3 U M...

Page 15: ...Ethernet Switch Blade User s Guide release 3 2 2j page 15...

Page 16: ...Ethernet Switch Blade User s Guide release 3 2 2j page 16...

Page 17: ...acket classification are also included with a user friendly interface OpenArchitect can be used with a variety of IP routing protocols As part of Advanced TCA the switch incorporates the PICMG 3 0 Int...

Page 18: ...chassis The PICMG 3 0 Intelligent Platform Management Interface IPMI standard is also supported IPMI uses message based interfaces that monitor the physical health characteristics of the Ethernet Swit...

Page 19: ...nodes 15 16 zre 20 21 Front panel zre12 zre14 zre15 Fabric Switch Quick Reference slot zre numbers 3 zre0 3 4 zre4 7 5 zre8 11 6 zre12 15 7 zre16 19 8 zre24 27 9 zre28 29 10 zre30 31 11 zre32 33 12 z...

Page 20: ...s that the PCI bus that interfaces with the embedded processor and the switch fabric is at a higher performance level than a typical switch see Figure 1 1 Fabric Switch Elements The use of PCI creates...

Page 21: ...ed tables This provides both the flexibility and control of the Linux software environment and the speed of dedicated switching silicon The OpenArchitect environment includes additional features For e...

Page 22: ...ries and RMAPI Ethernet Switch Blade User s Guide release 3 2 2j page 22 Linux Application Level Software routed gated ZNYX RAIN Mgt API RMAPI OpenArchitect Libraries zlxlib and ztlib OpenArchitect Ap...

Page 23: ...straight through or MDI X crossover cable is attached Console Port Cabling The switch console can be accessed via one RJ 45 10 100 service port located on the front panel of the Ethernet Switch Blade...

Page 24: ...full duplex not auto sensing The front OOB port is eth0 and the rear not implemented with this release is eth1 LED Reference See Figure 2 1 for a schematic view of the front of a typical Ethernet Swi...

Page 25: ...Ethernet Switch Blade User s Guide release 3 2 2j page 25 Figure 2 1 LED Reference...

Page 26: ...Ethernet Switch Blade User s Guide release 3 2 2j page 26...

Page 27: ...h redundant links from a switch or switches to the host one link is maintained as the ACTIVE link and the other as STANDBY If the ACTIVE link were to go down the STANDBY becomes the new ACTIVE while p...

Page 28: ...k An HA solution would include redundant connections from each host to each switch in the virtual router Combining the features of Surviving Partner on the switches and HA bonding drivers on the hosts...

Page 29: ...dinated configuration of many different processes including vrrpd zlmd zlc and dhcpd The daemon processes run scripts to perform their actions Because these scripts are complex and inter dependent a c...

Page 30: ...hat executes each time the vrrpd changes state This script starts and stops dhcpd and toggles down RAINlink ports to force the RAINlink nodes to a new Master switch zlmd script Runtime script executed...

Page 31: ...esign On Switch A Master make a backup copy of zsp conf and edit zsp conf cd etc rcZ d surviving_partner cp zsp conf zsp conf save vi zsp conf The first section uses zconfig to create the VLANs Many o...

Page 32: ...enabled nodes These ports contain virtual addresses managed by VRRP And during a failover event the links are toggled down to force failover to the Master switch Route Ports connected to upstream rout...

Page 33: ...he new Master for that VLAN Similar to VLAN failover the interconnect link will carry data traffic in this mode when ports failover failover_mode switch Next you can set VRRP_msg_rate and default prio...

Page 34: ...ed template These entries are optional If you use the special failover modes vlan or port see above for details you can also specify an individual address to be the default master that is that a port...

Page 35: ...uration Now go to the backup switch and run zspconfig u to get the appropriate configuration information from the Master zspconfig u zhp0 Modifying zsp_vlan conf on the Fabric Switch An example file f...

Page 36: ...be created If a new VLAN zhp is to be managed by HA add a zconfig sibling_address and vrrp_virtual_address configuration line and define the port type as appropriate The interconnect port is needed i...

Page 37: ...ome first serve basis in the order specified Each zconfig ured interface should have sibling addresses specified sibling_addresses zhp0 100 0 0 30 100 0 0 31 netmask 255 0 0 0 sibling_addresses zhp1 1...

Page 38: ...the end these definitions are on a port by port basis Note zhp and zre names cannot be mixed on the same line Shelf manager ports should be defined as monitor_only monitor_only ports are used in failo...

Page 39: ...gratuitous ARP vrrp_mode RAINlink_xmit_on_failover vrrp_mode block_crossconnect failover modes switch failover VLAN failover or port failover are mutually exlusive They describe what occurs if a port...

Page 40: ...d will only run with ZNYX supplied vrrpd vrrp_msg_rate 100 In milliseconds vrrp_def_priority 254 start_script Allows the user to add files and scripts that are moved to the slave switches when they do...

Page 41: ...orted mode at this time The same mode must be set in both the base and fabric switches board_synchronization_mode basic vrrpd_script Allows the user to add scripts to be executed during vrrpd state tr...

Page 42: ...on Now go to the backup switch and run zspconfig u to get the appropriate configuration information from the Master zspconfig u zhp0 Configuring Surviving Partner The S60SP_startup script is useful in...

Page 43: ...of the DHCP daemon configuration file is dependent on the machine and operating system being used An example can be obtained from the Surviving Partner primary switch in the location etc rcZ d surviv...

Page 44: ...ed to tftpboot zsp primary conf on the Central Authority Move tftpboot zsp_DC conf 1 file on the primary created by zspconfig to tftpboot zsp secondary conf on the Central Authority Create dhclient co...

Page 45: ...tup script line that reads echo y n zspconfig t 10 su zhp0 dev null 2 1 Can be modified to echo y n zspconfig c etc rcZ d surviving_partner dhclient new conf t 10 su zhp0 dev null 2 1 If you use S60SP...

Page 46: ...nfigured with address 10 0 0 43 Telnet to 10 0 0 43 telnet 10 0 0 43 After you are connected enter the login name root No password is required OpenArchitect login root ZX7100 OA release no OpenArchite...

Page 47: ...scripts located in the switch etc rcZ d examples directory to help you configure the switch The default configuration for the switch is located in the script file etc rcZ d S50layer2 The following scr...

Page 48: ...VLAN network structure in a fabric switch In the Figure 4 1 four VLANs for each fabric switch are used to organize traffic This is just one example of how a layer 2 switch could be configured with the...

Page 49: ...creates the VLAN group of switch ports as well as a network interface Use ifconfig 1M on the network interface to bring up the VLAN group A startup script called etc rcZ d S50layer2 is executed at bo...

Page 50: ...ialog carried in packets called Bridge Protocol Data Units BPDUs for finding the shortest path between two networks and for eliminating loops from the topology If nodes attached to ports fail or are a...

Page 51: ...hp0 Port Path Cost Each port has an associated cost that contributes to the total cost of the path to the Root Bridge when the port is the root port The smaller the cost the better the path The Ethern...

Page 52: ...tag them zconfig zhp0 vlan1 zre1 4 zconfig zre1 4 untag1 zconfig zhp1 vlan2 zre5 8 zconfig zre5 8 untag2 Now use ifconfig to assign each zhp interface an IP address ifconfig zhp0 10 0 0 1 ifconfig zhp...

Page 53: ...zre that is zhp0 has zre1 on vlan1 zhp1 has zre1 on vlan2 Runs the Linux ifconfig 1M command for each interface to assign default IP addresses 10 0 0 43 10 0 47 43 sets the netmask and brings up the i...

Page 54: ...Routing Information Protocols RIP 1 or RIP 2 and Open Shortest Path First OSPF protocols Once you ve configured your Layer2 and Layer3 devices start gated Using the S55gatedRip1 Script To use GateD p...

Page 55: ...0 define 10 0 13 42 netmask 255 255 255 0 define 10 0 14 42 netmask 255 255 255 0 define 10 0 15 42 netmask 255 255 255 0 Sets the RIP1 protocol to open rip1 yes Shuts off sending and receiving packet...

Page 56: ...all To Modify the GateD Scripts Copy two GateD files the OpenArchitect S file and its corresponding conf file into the rcZ d directory that is S55gatedRip1 and gated conf rip1 Notice the files are pla...

Page 57: ...urs Egress Queues The Ethernet Switch Blade fabric switch provides 1 to 8 COS queues per egress port and for packets destined to the CPU from the switching fabric By default a freshly booted OpenArchi...

Page 58: ...ty traffic could block lower priority traffic Weighted Round Robin WRR This algorithm is similar to Strict Priority scheduling but it provides fairness with quanta for each queue Each queue is assigne...

Page 59: ...e the zhp interface used must be previously defined using zconfig A restriction on the fields supported is the size of the IMASK table There are only 16 entries per port available which means only 16...

Page 60: ...management user space utility used in conjunction with the Linux 2 4 kernels and takes advantage of the netfilter 2 4 kernel code iptables is extended with a few more targets to support the hardware f...

Page 61: ...t In the Ethernet Switch Blade product both the FORWARD chain hook and the INPUT chain hook packets destined for the CPU are implemented in hardware The rest of the hooks are in software in the Linux...

Page 62: ...10 0 0 1 d 10 0 0 1 32 with a source port number 53 source port 53 then the target is to DROP j DROP More details on rule specifications follow Specifying Source and Destination IP Addresses Source s...

Page 63: ...options specify the name of an interface to match An interface is the physical device the packet came in on i or is going out on o You can use the ifconfig command to list the up interfaces for exampl...

Page 64: ...tch only ARP packets i option can be used to specify ingress port or VLAN d specifies target IP address p specifies arp operation as request 1 or response 2 For arp response the o field can be used to...

Page 65: ...f the capabilities of the tc command rather it explicitly mentions only features that are supported by OpenArchitect based switches The examples that follow assume that the switch is running the stand...

Page 66: ...OpenArchitect switch though because the normal case is for packets to be switched in hardware For that reason zqosd must be used to shadow tc configuration into hardware Like zfilterd zqosd works wit...

Page 67: ...been added to the prio discipline The final example in this document illustrates WRR A strict priority scheduler is a simpler case that can be constructed easily from this example Examine the existing...

Page 68: ...uld be 0 are set to 1 Queue 0 has a weight of 1000 bytes Queue 1 has a weight of 2000 bytes Queue 2 has a weight of 4000 bytes Queue 3 has a weight of 6000 bytes The remaining commands each define a p...

Page 69: ...t 1 2 3 4 32 flowid 100 20 tc filter add dev zhp0 protocol arp parent 100 0 u32 match u32 2 0xffff at 4 flowid 100 30 Combining Queuing Disciplines Any of the queue length limiting disciplines can be...

Page 70: ...ts as a server for PEP clients Figure 4 3 Provides an illustration of the COPS Network Architecture A PDP contains all of the policy rulers for its associated PEPs A PDP typically stores rules in a da...

Page 71: ...sting policy The expectation is that policy should be administratively defined at the PDP and pushed to the PEPs as needed OpenArchitect is a COPS PR client The most common use of COPS PR is for distr...

Page 72: ...ile specified on the command line with the f option pepd f full_path_and_filename A sample configuration file is listed below PDP address 10 0 0 11 PDP port 3288 PEPID some id Role If a zre1 zre2 zre3...

Page 73: ...Enter the new password minimum of 5 maximum of 8 characters Please use a combination of upper and lower case letters and numbers Enter new password Re enter new password Password changed ZX7100 OA rel...

Page 74: ...use by including an entry in etc resolv conf DHCP Client Configuration A utility is included to dynamically determine the IP address of the OpenArchitect switch interfaces To set the the IP address d...

Page 75: ...te u ntp ucsd edu The u is required if the OpenArchitect switch is operating behind some types of firewalls If you wish for ntpdate to set your date and time automatically each time you boot uncomment...

Page 76: ...mount remote NFS file systems at boot time There is an example line included at the appropriate location in etc init d rcS Uncomment and alter the mount command included for your particular configurat...

Page 77: ...o connect via ftp from a remote host since root is not allowed ftp access See the earlier section in this chapter regarding how to add a user The ftp daemon is started by default If you wish to shutdo...

Page 78: ...f Management Information for TCP IP based Internets RFC 1227 SNMP MUX Protocol and MIB RFC 1493 Definitions of Managed Objects for Bridges obsoletes RFC 1286 RFC 1657 Definitions of Managed Objects fo...

Page 79: ...tion Base RFC 2863 The Interfaces Group MIB obsoletes RFC 2233 which obsoletes RFC 1573 which obsoletes RFC1229 RFC 2932 IPv4 Multicast Routing MIB RFC 3165 Definitions of Managed Objects for the Dele...

Page 80: ...f its constituent zres ports A zhp is an aggregate of its immediately contributing sub interfaces zre s and zrl s The ports that make up a trunk do not contribute to the zhp The administrative status...

Page 81: ...P agent is called snmpd and is started by default from the Linux boot up script etc rcZ d S75snmpd If you do not wish to start snmpd remove etc rcZ d S75snmpd Configuration of the OpenArchitect switch...

Page 82: ...lications you can use these standard Linux utilities to test your SNMP agent For example snmpwalk localhost c public walks the entire MIB of the localhost that is OpenArchitect switch starting at the...

Page 83: ...orts of the switch or display their current state It can also set or clear the extract led or the internal fault led or to set a port down or up To force the link on port 0 down zlc zre1 down To check...

Page 84: ...t operates as a boot loader and includes a device bootstring Device 1 contains the application flash 1 image of the Linux operating system and the OpenArchitect overlay file system Application flash 1...

Page 85: ...begins booting the Linux image After Linux boots the init process executes the etc init d rcS script which in turn executes etc rcZ d rc see Figure 6 3 Init Script Flow The etc rcZ d rc script runs S...

Page 86: ...ess The user should not modify the files in this directory or unpredictable results may occur Recovering from a System Failure If the switch does not function after you initially change or reconfigure...

Page 87: ...sbin init i Initiating the i option of zbootcfg zbootcfg d 1 i Reboot the system After the reboot clear the i option from the boot string Enter the following command zbootcfg d 1 The reboot command wi...

Page 88: ...console keyboard to enter the zmon application At the monitor prompt type boot 2 You should see the counter again but the system should boot into the secondary kernel If you have difficulties booting...

Page 89: ...e file will be something named similar to the following zflash d 1 rdr7000 zImage initrd Upgrading or Adding Files Follow the procedure below to upgrade or add a new file to the switch Place the file...

Page 90: ...rs to keep their software up to date with the latest binaries and install new software without the need to recompile Users may create their own repositories and add entries in etc apt sources list emp...

Page 91: ...an Ethernet cable to the host and the switch Configure a host on the 10 0 0 0 network The OpenArchitect switch is pre configured with address 10 0 0 42 telnet to 10 0 0 42 telnet 10 0 0 42 After you a...

Page 92: ...0 1000 ports are set up on one IP network VLAN The ISL is set up in its own vlan Example Configuration Scripts Example scripts are supplied that can be used as templates Use one of the scripts located...

Page 93: ...cally created by OpenArchitect to enable interaction between the software and hardware This initial host port called ZNYX Host Port zhp is a network interface that provides communication between all 2...

Page 94: ...t You cannot directly access or modify the zre interfaces During the initial power up of the switch the default configuration creates a Layer 2 switch The Layer 2 configuration places all of the zre i...

Page 95: ...nfig zre0 23 untag1 Uses ifconfig 1M to assign the IP address 10 0 0 42 to the interface usr sbin ifconfig zhp0 10 0 0 42 up To create another VLAN that only contained the two ports first use zconfig...

Page 96: ...is a shell script used to create Linux bridges consisting of the name of the previously created zhp device or devices preceded with a b for example if you are creating a Bridge device from zhp0 the r...

Page 97: ...ayer 2 switch configuration that is automatically configured when you initially bring up the OpenArchitect switch In order to communicate between Layer2 interfaces you must properly setup routing The...

Page 98: ...zl3d to update the switch tables zl3d zhp0 zhp1 The base switch switch is now configured as a Layer3 switch that can route between two Layer2 devices in silicon Using the S50layer3 Script To modify t...

Page 99: ...re0 23 untag1 NOTE Double periods after vlan1 and untag1 are used to indicate a range of values The plus sign after zre1 is a wildcard character that means auto incremented and causes each zhp interfa...

Page 100: ...dcast 193 08 1 255 up Adjust the number of zhp interfaces that are added to the routing tables depending on the number of VLANs you are adding for your network Include any other details as applicable...

Page 101: ...zconfig zhp0 vlan1 zre0 5 usr sbin zconfig zre0 5 untag1 usr sbin zconfig zhp1 vlan2 zre6 11 usr sbin zconfig zre6 11 untag2 usr sbin zconfig zhp2 vlan3 zre12 17 usr sbin zconfig zre12 17 untag3 usr...

Page 102: ...sk 255 255 255 0 up ifconfig zhp0 193 08 1 1 netmask 255 255 255 0 up Adjust the number of zhp interfaces depending on the number of VLANs you are adding for your network Include any other details as...

Page 103: ...10 0 1 42 passive interface 10 0 2 42 passive interface 10 0 13 42 passive interface 10 0 14 42 passive interface 10 0 15 42 passive Defines the netmask used in the interface define 10 0 0 42 netmask...

Page 104: ...s routes learned through the RIP protocol import proto rip all Exports all directly connected routes and routes learned from the RIP protocol export proto rip proto direct all proto rip all To Modify...

Page 105: ...ure defines the scope of the COS parameters Some apply to an individual port some apply to a group of ports known as a block and others apply to the whole switch It is important for the user to unders...

Page 106: ...g but it provides fairness with quanta for each queue Each queue is assigned a number of packets known as weight that it is allowed to transmit before it yields to a lower priority queue Note that wit...

Page 107: ...r udp fields Fields supported are Source IP address destination IP address IP protocol TCP or UDP source port or destination port ICMP type and TCP flags bits such as SYN The input port and output por...

Page 108: ...les a FORWARD i zhp5 o zhp3 p udp sport domain j ACCEPT iptables a FORWARD i zhp5 o zhp3 p tcp sport domain j ACCEPT iptables a FORWARD i zhp5 o zhp3 p tcp sport www j ACCEPT iptables a FORWARD i zhp5...

Page 109: ...aken If the rule doesn t match the packet then the next rule in the chain is consulted Finally if there are no more rules to consult then the kernel looks at the chain default policy to decide what to...

Page 110: ...to the FORWARD chain the rule If you see UDP packets p UDP from anywhere s 0 0 going to host 10 0 0 1 d 10 0 0 1 32 with a source port number 53 source port 53 then the target is to DROP j DROP More d...

Page 111: ...options specify the name of an interface to match An interface is the physical device the packet came in on i or is going out on o You can use the ifconfig command to list the up interfaces that is w...

Page 112: ...Options with any of these ZACTION parameters counter val Increment classifier hit counter val arp Not an action match only ARP packets i option can be used to specify ingress port or VLAN d specifies...

Page 113: ...file or out of profile remarked mapped to a FIFO queue and transmitted by a priority scheduler tc is very flexible in the data paths that it allows The utility zqosd is a daemon that monitors Linux Qo...

Page 114: ...packets to be transmitted in the queues Although the weights can be any integer value they will be scaled so that the largest value is 15 or less and the smallest is at least 1 FIFO Queues pfifo and...

Page 115: ...sing Filters to Direct Packets to a COS Queue Once the queues are defined for a port filters can be added to direct the desired packets into the queue The target queue is identified by the classid par...

Page 116: ...assid 105 3 Protocol all Packets with IEEE 802 3 802 2 LLC encapsulation can be recognized based on their DSAP SSAP values using protocol all It is also possible to match the source or destination MAC...

Page 117: ...provides a means for limiting the bandwidth used by matching packets The rate threshold is specified in bytes per second with a burst size which is to be allowed when the previous rate has been below...

Page 118: ...lice rate 250kbit burst 5200 action drop flowid 124 6 Spanning tree BPDU packets go in COS queue 6 no limit tc filter add dev zrm parent 124 0 protocol all u32 match u32 0x0180c200 0xffffffff at 0 mat...

Page 119: ...73 No Set the Differentiated Service field to value IPV4 only 74 Yes Set the ECN to value IPV4 only 81 Yes Set the VLAN ID to value 82 No Table 7 2 Policing Actions To set the DS value to 0 for out o...

Page 120: ...c value mask u16 value mask at 20 udp dst value mask u16 value mask at 22 tcp src value mask u16 value mask at 20 tcp dst value mask u16 value mask at 22 icmp type value mask u8 value mask at 20 icmp...

Page 121: ...dev zhp0 root Note that zqosd detects this state change In fact examining the CoS configuration on the switch reveals that the queue sizes have reverted to their default values The byte limited FIFO...

Page 122: ...e root discipline for zhp0 with a handle of 100 0 as in the FIFO cases The prio option identifies the type of queuing discipline Priority scheduling implies multiple queues and the bands 4 parameters...

Page 123: ...emove the wrr 1 2 4 6 options from the first tc command Note that all queue disciplines in this test may be cleared by deleting the root discipline as before tc qdisc del dev zhp0 root The U32 Filter...

Page 124: ...se translation rules handle conversions of individual rules from tc entries into hardware entries They do not explain the results of creating rules that are individually supported but which do not mak...

Page 125: ...policy and applies it to future traffic As long as COPS is running a connection between the PEP and PDP should stay open A PEP could query a PDP at any time asking for a policy decision Alternatively...

Page 126: ...raft ietf rap frameworkpib 09 A Policy Information Base PIB defines the representation of a particular data set For example the Diffserv PIB specifies the structures used to represent all Diffserv ele...

Page 127: ...en a COPS connection Default is 3288 PEPID The PEP Identifier Role If A mapping of roles to interfaces The name of the role is followed by a comma delineated list of interfaces Multiple role interface...

Page 128: ...f 5 maximum of 8 characters Please use a combination of upper and lower case letters and numbers Enter new password Re enter new password Password changed ZX6000 OA release no CAUTION Even when just c...

Page 129: ...ct switch interfaces To set the the IP address dynamically execute the command dhclient zhp0 The default device name zhp0 works with the default configuration of the OpenArchitect switch and will atte...

Page 130: ...returns the Universal Time UTC formerly Greenwich Mean Time or GMT To display the local time set the TZ variable to the appropriate name and the number of hours offset from UTC For instance export TZ...

Page 131: ...s To enable the NFS server first follow the steps to enable the NFS client Then edit etc exports to include the file systems you wish to export Consult a standard Linux Network Administrator s Guide o...

Page 132: ...s not require an account or password on the remote system Due to the lack of authentication information tftpd will allow only publicly readable files to be accessed The default location of these files...

Page 133: ...r Describing SNMP Management Frameworks RFC 2572 Message Processing and Dispatching for the Simple Network Management Protocol SNMP RFC 2573 SNMP Applications RFC 2574 User based Security Model USM fo...

Page 134: ...2 MIB authenticationFailure IF MIB linkUp IF MIB linkDown UCD SNMP MIB ucdShutdown RMON MIB risingAlarm RMON MIB fallingAlarm VRRP vrrpTrapNewMaster VRRP vrrpTrapAuthFailure EGP rfc1213 egpNeighborLos...

Page 135: ...wo OIDs which denote ifIndexes show the relationships ifMIB ifMIBObjects ifStackTable ifStackEntry ifStackStatus 0 1 active 1 ifMIB ifMIBObjects ifStackTable ifStackEntry ifStackStatus 0 2 active 1 If...

Page 136: ...nmpd conf for more details SNMP Applications The OpenArchitect switch includes the snmpget snmpwalk and snmpset applications you can use these standard Linux utilities to test your SNMP agent For exam...

Page 137: ...lc application sets the link speed and state of individual ports of the switch or display their current state It can also set or clear the extract led or the internal fault led or to set a port down o...

Page 138: ...ates as a boot loader and includes a device bootstring Device 1 contains the application flash 1 image of the Linux operating system and the OpenArchitect overlay file system Application flash 1 is th...

Page 139: ...After Linux boots the init process executes the etc init d rcS script which in turn executes etc rcZ d rc see Figure 9 3 Init Script Flow The etc rcZ d rc script runs S files in etc rcZ d with the sta...

Page 140: ...ure If the switch does not function after you initially change or reconfigure the image you have several options for recovering from an error First try to telnet into the switch If you are successful...

Page 141: ...ng Enter the following command zbootcfg d 1 The reboot command will also take i as an option and pass it to the Linux boot reboot i When the system boots the overlay file system is returned to the fac...

Page 142: ...rt At this point follow the Upgrading the OpenArchitect Image section to put a new RAM disk image in the application flash 1 IMPORTANT Be sure not to program flash 2 since this is your only current bo...

Page 143: ...ation zflash d 1 image_file The image file will be something named similar to the following zflash d 1 rdr6000 zImage initrd Upgrading or Adding Files Follow the procedure below to upgrade or add a ne...

Page 144: ...rs to keep their software up to date with the latest binaries and install new software without the need to recompile Users may create their own repositories and add entries in etc apt sources list emp...

Page 145: ...sor are labeled base Ethernet Interfaces The 3 0 Base Interface switching system provides 24 ports of Gigabit Ethernet service for up to 14 line cards with support for dual shelf manager connections T...

Page 146: ...Interfaces The Ethernet Switch Blade features a RS 232 console port located on the front panel that allows communication with the switch when the Out of Band Ethernet port is not available or in band...

Page 147: ...switch into the system and power up 5 Use a terminal emulation program to access the switch console Base Interface Out of Band Ethernet Connection Connect an Ethernet cable from the Ethernet Switch Bl...

Page 148: ...45 adapter cable is required to connect to the console port of the switch See the Users Guide for more information Figure 10 3 showsthe RJ 45 serial console 3 and Out of Band OOB ports 4 for the Fabr...

Page 149: ...figured with address 10 0 0 42 telnet to 10 0 0 42 telnet 10 0 0 42 3 After you are connected enter the login name root No password is required OpenArchitect login root 4 You are now logged in and sho...

Page 150: ...nagement environment If a failure occurs during the Shelf Manager activation stage the Ethernet Switch Blade has to be diagnosed through the ShMM as the OpenArchitect environment is not booted Table 1...

Page 151: ...M2 LONG BLINK OFF If the switch has reported critical sensor data for temperature or voltage the ShMM can prevent the switch from booting To determine if the critical sensor events persist it may be n...

Page 152: ...ther FRUs in the chassis If a remote connection to the ShMM can be established it is possible to collect some preliminary troubleshooting data Consult your Chassis user s guide for more information on...

Page 153: ...ufficient and the temperature threshold is still reported then return the switch for repair Analyzing Mstate information for the switch The SEL will also contain Mstate information for the switch that...

Page 154: ...These commands generate an output that reports if the ShMM thinks it has granted access to ports on the switches Check the Shelf Manager User s Guide for the expected output Ethernet Switch Blade User...

Page 155: ...Switch Blade is activated by the Shelf Manager If there is a problem with the loading of OpenArchitect due to a hardware failure or corrupt file system the back up image can help to troubleshoot the...

Page 156: ...hernet Switchblade has been enabled by the ShMM and starts to boot Bootloader examines the bootstring in the Boot ROM Loads image from Flash device 1 Loads image from Flash device 2 Begins execution o...

Page 157: ...net into the switch If you are successful remember to run zsync after fixing the problem After attaching the system console cable if the system boots fix the problem that does not allow you to telnet...

Page 158: ...Enter the following command zbootcfg d 1 4 The reboot command will also take i as an option and pass it to the Linux boot reboot i 5 When the system boots the overlay file system is returned to the f...

Page 159: ...t into the secondary kernel If you have difficulties booting contact Hewlett Packard technical support 5 At this point follow the Upgrading the OpenArchitect Image section to put a new RAM disk image...

Page 160: ...h zrl Trunk of Ports Link Aggregation eth Each switch fabric and base in a Ethernet Switch Blade Series unit has Out of Band OOB Ethernet port on the front panel These are an alternative maintenance p...

Page 161: ...anel access not implemented this release on either the Base or Fabric Interfaces Default Base Interface Configuration Editing the S50layer2 script can change the Ethernet Switch Blade Base Interface d...

Page 162: ...cks the current OA version and loads into the Vital Product Data VPD area if necessary Editing this script is not recommended 3 S50layer2 Script that sets up a basic Layer 2 switch All 24 10 100 1000...

Page 163: ...his configuration script is appropriate for an Ethernet Switch Blade It may need to be modified for other models Ethernet Switch Blade User s Guide release 3 2 2j page 163 OpenArchitect login root sh...

Page 164: ...dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 b TX bytes 0 0 0 b zhp0 Link encap Ethernet HWaddr 00 11 65 0B C0 38 inet add...

Page 165: ...uto by default the link may not negotiate correctly See the section on Connecting to Devices with Fixed Port Speeds Ext FLT LED on The EXT FLT LED indicates that communications could not be establishe...

Page 166: ...nager and enabled by the Ethernet Switch Blade switch UP The port has been configured to be active and has established a link with another network device DOWN The port has been configured to be active...

Page 167: ...e failure External An external fault indicates that a port has been configured to active but a link has not been established OK ON Indicates that the Ethernet Switch Blade has successfully loaded Open...

Page 168: ..._DISABLED AUTO PAUSE ENABLE EXT_FLT ON OK ON zre6 EKEY_DISABLED AUTO PAUSE ENABLE EXT_FLT ON OK ON zre7 EKEY_DISABLED AUTO PAUSE ENABLE EXT_FLT ON OK ON zre8 EKEY_DISABLED AUTO PAUSE ENABLE EXT_FLT ON...

Page 169: ...E EXT_FLT ON OK ON zre24 EKEY_DISABLED AUTO PAUSE ENABLE EXT_FLT ON OK ON zre25 EKEY_DISABLED AUTO PAUSE ENABLE EXT_FLT ON OK ON zre26 EKEY_DISABLED AUTO PAUSE ENABLE EXT_FLT ON OK ON zre27 EKEY_DISAB...

Page 170: ...he connected devices are set to the same port speed setting otherwise diminished or no connections can be made If devices connected to the Ethernet Switch Blade are connected at a fixed Full Duplex hi...

Page 171: ...2 2j page 171 sh 2 04 ping 10 0 0 43 ping cannot resolve 10 0 0 43 Unknown host sh 2 04 sh 2 04 ping 10 0 0 43 PING 10 0 0 43 56 data bytes 64 bytes from 10 0 0 43 icmp_seq 0 ttl 109 time 69 094 ms 64...

Page 172: ...wing is an example of a Layer 2 traceroute with only two devices Ethernet Switch Blade User s Guide release 3 2 2j page 172 sh 2 04 traceroute 192 168 1 101 traceroute to 192 168 1 101 192 168 1 101 6...

Page 173: ...ation Transformers 4 CPU 13 4 port PHY 5 SDRAM 14 Zone 2 ATCA Connector 6 Isolation Transformer 15 Zone 1 ATCA Connector 7 IPMI Controller 16 Isolation Transformers 8 Power Supply 17 4 port PHY 9 Swit...

Page 174: ...er 2 Zone 3 ATCA Connector 3 Isolation Transformer 4 Switch Chip U60 5 SDRAM 6 Switch Chip U59 7 Isolation Transformer Ethernet Switch Blade User s Guide release 3 2 2j page 174 Figure 14 2 ZMC Daught...

Page 175: ...h ROMs 2 4 Port PHY 9 FPGA 3 CPU U22 10 ZMC Connector 4 10 Gigabit XFP 11 Zone 3 ATCA Connector 5 10 Gigabit PHY 12 Power Supply Ethernet Switch Blade User s Guide release 3 2 2j page 175 Figure 14 3...

Page 176: ...e following A failure to run the Power On Self Test POST A failure to boot the OpenArchitect kernel Kernel panics Loss of CPU response sometime after operation is initiated 5 3 RAM The Ethernet Switch...

Page 177: ...OT ROM If the Boot ROM fails or is not programmed there will be no boot activity on the console port after power up Network Cable Network cable failures will result in loss of link or loss of data pac...

Page 178: ...puts the link status for any Ethernet Switch Blade interface Link Status for a single port To query a link status for a single port type zre x query for example zlc zre13 query Example Output Link Sta...

Page 179: ...SE ENABLE EXT_FLT ON OK ON zre5 EKEY_DISABLED AUTO PAUSE ENABLE EXT_FLT ON OK ON zre6 EKEY_DISABLED AUTO PAUSE ENABLE EXT_FLT ON OK ON zre7 EKEY_DISABLED AUTO PAUSE ENABLE EXT_FLT ON OK ON zre8 EKEY_D...

Page 180: ...all current processes sh 2 04 top The top command can help you isolate software related memory problems to specific processes Example output Testing the Control Processor The Base Interface and Fabric...

Page 181: ...te with the Ethernet Switch Blade replace and return the Ethernet Switch Blade for repair Software Error If you can successfully contact the Ethernet Switch Blade through the console port See Chapter...

Page 182: ...INT FLT LED is illuminated replace the switch and return it for repair Ethernet Switch Blade User s Guide release 3 2 2j page 182...

Page 183: ...for example a bad or loose cable for a wired port Spontaneous Failover Activity If while rebooting the inactive switch in a chassis causes the active switch to reboot and or an unexpected failover yo...

Page 184: ...output the Vital Product Data from switch memory zstats V The following output is shown for the 3 0 Base Interface 3 0 Base Interface Ethernet Switch Blade User s Guide release 3 2 2j page 184 sh 2 0...

Page 185: ...ial Number V6 OpenArchitect Version VZ BootLoader Version Ethernet Switch Blade User s Guide release 3 2 2j page 185 ZX7100 OA3 2 2h zstats V VITAL PRODUCT DATA Open Architect Advanced TCA Fabric Swit...

Page 186: ...so you will have to be able to reach 10 0 0 42 3 Using the procedures referenced in Step 1 above download the OpenArchitect image upgrade to a local system 4 Check for free space with the df command T...

Page 187: ...k oscillation Base Interface zflash d 1 rdr6000 zImage initrd Fabric Interface zflash d 1 rdr7100 zImage initrd IPMC Firmware Upgrade Upgrading the IPMC Firmware through OpenArchitect is not currently...

Page 188: ...the console port For more information see Chapter 10 Connecting to the Ethernet Switch Blade 2 When you see the number counter appear after the zmonitor banner press any key on the console keyboard t...

Page 189: ...packet flow and amount and type of traffic TCP UDP Broadcast Multicast 2 MAC addresses are useful as well 3 Document a repeatable test case to reproduce the problem 4 Obtain configuration scripts the...

Page 190: ...2 contains the application flash 2 that is an exact copy of application flash 1 You would only boot from this device if application flash1 is corrupted and you need to restore the switch to the facto...

Page 191: ...tion scripts the user can setup any combination of Layer 2 and Layer 3 switching configurations with VLAN support Running the zconfig command causes network interfaces to be presented to the Linux ope...

Page 192: ...rrpd The local options are as follows d level Set the debug level The default debug level is 1 The higher the level the more debugging output is produced Debugging output is sent to the controlling tt...

Page 193: ...of using the invocation method that changes the priority to 99 for the Virtual Router associated with the Virtual Router Identifier 1 vrrpconfig v 1 p 99 SEE ALSO vrrpd Ethernet Switch Blade User s Gu...

Page 194: ...rding responsibility should the Master become unavailable This allows any of the virtual router IP addresses on the LAN to be used as the default first hop router by end hosts The advantage gained fro...

Page 195: ...are lines of command line options Each line represents a Virtual Router Parameters given on the command line apply to all Virtual Routers defined by the conf file So for example if the command line r...

Page 196: ...address of the interface Using the n option is not recommended D level Set debugging output to the supplied level ipaddr the ip address es of the virtual server SEE ALSO vrrpconfig Ethernet Switch Bl...

Page 197: ...hipped location of the primary OpenArchitect image d 2 Loads an image located at offset 0 in the application flash 2 This is the factory shipped location for the alternate OpenArchitect image Any char...

Page 198: ...g d 2 The next example passes the i option to the booting kernel This is useful when recovering from a mistake saved to the read write file system or after updating the application flash 1 and doing t...

Page 199: ...ed for Layer 3 routing between VLAN groups A network interface uses the following format zhpN e g zhp0 N is an integer between 0 and 9999 The value of N is not required to be the same as any of the po...

Page 200: ...nt Syntax Double VLAN tag mode is set and removed on a global basis with the following syntax dvlan 0x8100 0x9100 or other unused ethertype dvlan teardown The first option sets double VLAN tag mode on...

Page 201: ...d destination for a given layer is the same as specifying that layer itself i e zrl0 ip source_address ip destination_address is the same as zrl0 ip NOTE The Ethernet Switch Blade supports destination...

Page 202: ...face and VLAN group already exist the specified ports or trunks are added to the network interface and VLAN group teardown Deletes the network interface and the associated VLAN group zre_list multicas...

Page 203: ...d then the action Port interface actions may include SYNTAX zconfig zre_list untag n untag N Packets sent from this port or trunk for VLAN N are transmitted without a VLAN tag The port or trunk specif...

Page 204: ...simplify the process of creating larger more complex configurations Wild card characters for zconfig include comma Use for creating lists dot dot Specifies an inclusive range plus Specifies auto incre...

Page 205: ...econd statement configures all ports as untagged in their respective VLANs zhp0 13 vlan1 14 zre1 zre1 13 untag1 This is equivalent to zhp0 vlan1 zre1 zhp1 vlan2 zre2 zhp2 vlan3 zre3 zhp13 vlan14 zre14...

Page 206: ...The previous configuration can be used for creating a 14 port Layer 2 switch all 14 ports assigned to the same VLAN SEE ALSO zl3d Ethernet Switch Blade User s Guide release 3 2 2j page 206...

Page 207: ...settings can also be examined The OpenArchitect switch supports up to eight class of service queues for packets to be sent out each of the Ethernet ports or forwarded to the CPU Normally packets are p...

Page 208: ...ag have no 802 1p priority This option assigns a default priority for untagged packets arriving on each port in the port list The default priority ranges from 0 lowest to 7 highest m q0 q7 port list S...

Page 209: ...e WRR Weighted round robin a configurable number of packets are scheduled from each queue before moving on to the next DRR Deficit Round Robin packets are scheduled from a backlogged queue until the c...

Page 210: ...COS queues for packets received on all ports zcos m 0 1 2 3 4 5 6 7 3 To set up weighted round robin scheduling on ports zre10 to zre14 and the CPU with a weight of 2 for queue 0 3 for queue 1 and 1...

Page 211: ...used to configure the expected interval of heartbeats and the number of missed heartbeats of the software component before the Ethernet Switch Blade should be rebooted If either the interval or number...

Page 212: ...ny or all critical system resources and processes in the system OPTIONS d set debug level to level h Toggle use of the hardware watchdog timer Off by default i Time interval in milliseconds between zd...

Page 213: ...for the filtering rules and actions OPTIONS d level Sets the level of debugging output required by zconfig The default level is one 1 Setting the debug level higher produces more output Four 4 is cur...

Page 214: ...a number 0 1 or 2 corresponding to the boot ROM application flash 1 or application flash 2 respectively i upgradeipmi img will load the file upgradeipmi img into the IPMI controller flash memory This...

Page 215: ...cise caution when using this command as an error can render your switch inoperable Do not interrupt this process until complete SEE ALSO zbootcfg Ethernet Switch Blade User s Guide release 3 2 2j page...

Page 216: ...e zvlan displays the abstraction API s VLAN table SYNOPSIS zl2 i index m mac_address a v vlan_id P port h host_name d level zl2mc i index m mac_address a v vlan_id P port h host_name d level zl3host i...

Page 217: ...t be combined with i P or v a Displays the entire table v vlan_id Displays entries whose VLAN ID field matches vlan_id Only valid for tables that have a VLAN ID field Cannot be combined with i m or P...

Page 218: ...0 c0 95 45 00 00 The following command displays all entries of the zl2 table zl2 Be careful the c option does not ask The following command deletes all entries in the zl2 table zl2 c SEE ALSO zal Ethe...

Page 219: ...AN specified in the GVRP packet If the VLAN does not exist zgvrpd creates it If zgvrpd deletes the last port from a dynamically created VLAN it also deletes the VLAN When a VLAN is dynamically created...

Page 220: ...ts specified by the target zhp interface There is no default A target must be specified EXAMPLES In the following example zgvrpd starts a background task that enables the GVRP protocol for the ports i...

Page 221: ...options OPTIONS start stop Starts or stops the zl2d daemon t msec Cause zl2d to monitor the Spanning Tree state of each port on each bridge every msec milliseconds If unspecified the default is 500 m...

Page 222: ...nux bridge named bzhp0 which includes all of the zre n devices previously associated with the zhp0 device zl2d then starts a background task that monitors the port information of the Linux bridge ever...

Page 223: ...from the route cache Similarly network route entries are removed when the corresponding Linux FIB table entry is deleted OPTIONS h hostname Specifies which host to monitor By default zl3d monitors th...

Page 224: ...estination then zl3d inserts the entry into the switch host route table If an entry in the Linux FIB table is a host entry and zl3d is able to resolve the MAC address of the destination host then the...

Page 225: ...ontains more than one port returns the number of ports that match the option port_list Port or list of ports on which to take action Port lists are supplied in zconfig syntax e g zre1 zre2 4 etc actio...

Page 226: ...n off or other If globally set to on or off the LED will not change when links go up or down or interfaces are configured If set to other the LED resumes its normal operation The next example globally...

Page 227: ...SEE ALSO ifconfig 8 Ethernet Switch Blade User s Guide release 3 2 2j page 227...

Page 228: ...name b Do not background the zlmd process d level Set debug level to level f configuration_file configuration Read configuration from file If file is a configuration is read from stdin Without the f o...

Page 229: ...t swap Events program ppa extraction 1 insertion 2 Note The ppa parameter is undefined and should be ignored EXAMPLES In the following example zlmd monitors ports 1 through 4 and runs a script called...

Page 230: ...is called from etc init d rcS by default with no parameters OPTIONS b Do not background the process i e run in foreground t time the time between logfile checks in seconds default 60 s size the target...

Page 231: ...hing zmirror zre1 zre2 zre3 zre12 To clear the current mirroring use the t option The e option can be used to indicate that packets being sent on a given port should be copied to the to port For examp...

Page 232: ...roring setup e Set egress port mirroring for the specified from port t Teardown or disable the mirroring WILDCARDS Wildcard characters can be included to simplify the process of creating larger more c...

Page 233: ...ay zmnt can be used for correcting a problem file in the read write file system The t option can be used to save the configuration of a switch to a tar file A tar file can be copied to another switch...

Page 234: ...he resulting tar file can now be saved on a different host as a snapshot of the overlay at that point in time Use zsync to restore the overlay on the switch zsync t overlay tar The restored overlay wi...

Page 235: ...tion to the base switch NOTE Local information can also be read as confirmation and for debugging purposes zpeer is part of the HA software suite It is called as part of the scripts that are generated...

Page 236: ...information that can be used for debugging Here is example output from the a option Local Write Peer Read priority 203 231 state master backup data 2 cb 2 e7 position byte bit 2 8 2 0 status 50 ACK 0...

Page 237: ...be also reset SEE ALSO zspconfig Ethernet Switch Blade User s Guide release 3 2 2j page 237...

Page 238: ...ng the queuing disciplines and filters and sends them to a hardware specific daemon ztmd ztmd should be started before zqosd Both programs normally run as background processes OPTIONS d level Set the...

Page 239: ...SEE ALSO ztmd tc 8 zfilterd Ethernet Switch Blade User s Guide release 3 2 2j page 239...

Page 240: ...e rate control for Broadcast packets m Enable rate control for Multicast packets d Enable rate control for DLF packets t Teardown or disable all rate control a Display the current rate control setting...

Page 241: ...A If there is only one OpenArchitect switch as would be the case when zreg is running on the embedded processor the PPA would be 0 The default PPA is 0 w Causes zreg to write to the register or table...

Page 242: ...owing is an example of reading the CONFIG Register zreg 1 When running zreg on the embedded processor of the OpenArchitect switch the ppa is always 0 since the embedded CPU processor only controls the...

Page 243: ...he following example zrld starts a background task that listens on the default port 7000 for incoming TCP requests and passes along the request to the OA HA application zrld Once started you can issue...

Page 244: ...creates or updates an entry in the MARL The key to each MARL entry is a source Ethernet multicast address combined with a VLAN ID Two port bitmaps are maintained one that identifies the untagged memb...

Page 245: ...zsnoopd for VLAN vlan_id Default is to enable zsnoopd on all VLANs This option may be entered more than once EXAMPLES In the following example zsnoopd starts a background task that monitors incoming...

Page 246: ...ate and replacement switches run zspconfig with the u option The v option prints the current version of zspconfig and performs no actions OPTIONS d level Set the debug level The default debug level is...

Page 247: ...configuration file zconfig zhp0 vlan1 zre1 4 zconfig zhp1 vlan2 zre5 8 zconfig zhp2 vlan100 zre14 In the above example three VLANs are created zhp0 and zhp1 will be used as connections to high availab...

Page 248: ...dress will move with the current Master switch and the netmask must be the same as that provided in the sibling_addresses statement The last required section for the configuration is description of th...

Page 249: ...a member of more then one zhp In such cases configuring the zhps as different port types would cause a conflict and will not work To handle this setup the individual zre commands would be used to setu...

Page 250: ...To overcome this problem zspconfig uses a default MAC address derived from the physical address of the switch on which it is running For the slave switch the vrrp_virtual_mac_addr command is used to s...

Page 251: ...ill crash the vrrpd or cause delays in the Surviving Partner failover To protect against this write the script to launch a second script in a background shell The advantage to calling the user provide...

Page 252: ...lient conf file is created and then dhclient is used to retrieve a zspconfig configuration file from the tftpboot area of the Master switch etc rcZ d surviving_partner vrrpd script Runtime script that...

Page 253: ...remote hostname to configure By default zstack configures stacking on the local OpenArchitect switch This option should only be used for displaying the configuration if at all d level Sets the level...

Page 254: ...ace of the IP address Currently only local CPU control is supported Stack creation example for a Ethernet Switch Blade stack0 ppa0 local stack1 ppa1 local The above statements indicate that there are...

Page 255: ...unicate with a different group of stacked ports The syntax is as follows stack N stack M zre n The above syntax indicates that stack N should use zre n to access stack M The zre value n is a physical...

Page 256: ...zstack stack1 trunk0 zre26 27 zstack stack0 stack1 trunk0 zstack stack1 stack0 trunk0 zstack enable WILDCARDS Wild card characters can be included to simplify the process of creating larger more compl...

Page 257: ...zre lists Example of stack0 3 representing stacks 0 1 2 and 3 SEE ALSO zconfig Ethernet Switch Blade User s Guide release 3 2 2j page 257...

Page 258: ...utput is formatted OPTIONS m port MIB statistics for specified port v vlan id MIB statistics for specified vlan id i unit Information for specified unit 0 is BCM56504 ports 0 23 48 49 1 is BCM56504 po...

Page 259: ...file then zsync to the mnt directory to save your changes and reboot There are two overlay areas dynamic and custom The dynamic overlay is where the switch s current configuration is stored It will b...

Page 260: ...ories must be created with zmnt l List files that would be written Do not flash EXAMPLES To zsync only the hosts file cd etc zsync hosts If you previously created a snapshot of an overlay to a tar fil...

Page 261: ...logged level may be 0 4 higher levels produce more output p port Use port as the multicast listening port for communication with ztmd Default is 2345 f Run ztmd in the foreground Without this option i...

Page 262: ...SEE ALSO zqosd iptables 8 tc 8 zfilterd Ethernet Switch Blade User s Guide release 3 2 2j page 262...

Page 263: ...apid Spanning Tree Protocol This protocol is used for finding the shortest path between two networks as well as eliminating loops from the topology Bridges communicate with each other by sending and r...

Page 264: ...the bridge s bridge hello time to time seconds setmaxage bridge time sets the bridge s maximum message age to time seconds setpathcost bridge zre cost sets the port cost of the port zre to cost This i...

Page 265: ...SEE ALSO zconfig zl2d Ethernet Switch Blade User s Guide release 3 2 2j page 265...

Page 266: ...ion scripts the user can setup any combination of Layer 2 and Layer 3 switching configurations with VLAN support Running the zconfig command causes network interfaces to be presented to the Linux oper...

Page 267: ...rrpd The local options are as follows d level Set the debug level The default debug level is 1 The higher the level the more debugging output is produced Debugging output is sent to the controlling tt...

Page 268: ...of using the invocation method that changes the priority to 99 for the Virtual Router associated with the Virtual Router Identifier 1 vrrpconfig v 1 p 99 SEE ALSO vrrpd Ethernet Switch Blade User s Gu...

Page 269: ...dynamic failover in the forwarding responsibility should the Master become unavailable This allows any of the virtual router IP addresses on the LAN to be used as the default first hop router by end...

Page 270: ...ng multiple Virtual Routers The contents of the conf file are lines of command line options Each line represents a Virtual Router Parameters given on the command line apply to all Virtual Routers defi...

Page 271: ...which to use the native MAC address of the interface Using the n option is not recommended D level Set debugging output to the supplied level ipaddr the ip address es of the virtual server SEE ALSO vr...

Page 272: ...hipped location of the primary OpenArchitect image d 2 Loads an image located at offset 0 in the application flash 2 This is the factory shipped location for the alternate OpenArchitect image Any char...

Page 273: ...g d 2 The next example passes the i option to the booting kernel This is useful when recovering from a mistake saved to the read write file system or after updating the application flash 1 and doing t...

Page 274: ...mat zhpN for example zhp0 N is an integer between 0 and 9999 The value of N is not required to be the same as any of the port s that are its members The range 0 4999 is reserved for network interfaces...

Page 275: ...set and teardown Double VLAN tag mode Global Statement Syntax Double VLAN tag mode is set and removed on a global basis with the following syntax dvlan 0x8100 0x9100 or other unused ethertype dvlan te...

Page 276: ...s all which combines all criteria for determining the transmit port of the trunk Specifying both source and destination for a given layer is the same as specifying that layer itself that is zrl0 ip so...

Page 277: ...ormat where Y is a number between 0 31 If the network interface and VLAN group already exist the specified ports or trunks are added to the network interface and VLAN group teardown Deletes the networ...

Page 278: ...a port or trunk name or a list of such names followed by an equal sign and then the action Port interface actions may include SYNTAX zconfig zre_list untag n untag N Packets sent from this port or tru...

Page 279: ...untagged on one VLAN WILDCARDS Wild card characters can be included to simplify the process of creating larger more complex configurations Wild card characters for zconfig include comma Use for creati...

Page 280: ...rt 1 the second group port 2 and so on The second statement configures all ports as untagged in their respective VLANs zhp0 13 vlan1 14 zre1 zre1 13 untag1 This is equivalent to zhp0 vlan1 zre1 zhp1 v...

Page 281: ...The previous configuration can be used for creating a 14 port Layer 2 switch all 14 ports assigned to the same VLAN SEE ALSO zl3d Ethernet Switch Blade User s Guide release 3 2 2j page 281...

Page 282: ...settings can also be examined The OpenArchitect switch supports up to eight class of service queues for packets to be sent out each of the Ethernet ports or forwarded to the CPU Normally packets are p...

Page 283: ...ag have no 802 1p priority This option assigns a default priority for untagged packets arriving on each port in the port list The default priority ranges from 0 lowest to 7 highest m q0 q7 port list S...

Page 284: ...e WRR Weighted round robin a configurable number of packets are scheduled from each queue before moving on to the next DRR Deficit Round Robin packets are scheduled from a backlogged queue until the c...

Page 285: ...COS queues for packets received on all ports zcos m 0 1 2 3 4 5 6 7 3 To set up weighted round robin scheduling on ports zre10 to zre14 and the CPU with a weight of 2 for queue 0 3 for queue 1 and 1...

Page 286: ...d the number of missed heartbeats of the software component before the base switch should be rebooted If either the interval or number of heartbeats is 0 the software component is off The h option is...

Page 287: ...resources and processes in the system OPTIONS d set debug level to level h Toggle use of the hardware watchdog timer Off by default i Time interval in milliseconds between zdog to driver heartbeats n...

Page 288: ...nd syntax as zffpcounter The iptables or zirule utilities may be queried to see which rules if any are using FFP counters OPTIONS h hostname Specifies the hostname to query clear By default zffpcounte...

Page 289: ...initialized on startup Counter 0 59602801 Counter 1 83360091 Counter 2 83361262 Counter 29 83074779 Counter 30 81723249 Counter 31 71007391 The next example clears all FFP counter values zffpcounter P...

Page 290: ...N accept counter 1 Start zfilterd to move the rule entered with iptables 8 down into the switching silicon zfilterd Counter 1 will now increment as traffic is sent to the switch from host 10 0 0 11 zf...

Page 291: ...Counter 19 0 Counter 20 0 Counter 21 0 SEE ALSO zirule iptables 8 Ethernet Switch Blade User s Guide release 3 2 2j page 291...

Page 292: ...for the filtering rules and actions OPTIONS d level Sets the level of debugging output required by zconfig The default level is one 1 Setting the debug level higher produces more output Four 4 is cur...

Page 293: ...a number 0 1 or 2 corresponding to the boot ROM application flash 1 or application flash 2 respectively i upgradeipmi img will load the file upgradeipmi img into the IPMI controller flash memory This...

Page 294: ...cise caution when using this command as an error can render your switch inoperable Do not interrupt this process until complete SEE ALSO zbootcfg Ethernet Switch Blade User s Guide release 3 2 2j page...

Page 295: ...ddress combined with a VLAN ID Two port bitmaps are maintained one that identifies the untagged members of the VLAN and one which identifies which ports of the VLAN have listening hosts attached NOTE...

Page 296: ...ecified by the target either a zhp or bzhp interface There is no default A target must be specified EXAMPLES In the following example zgmrpd starts a background task that enables the GMRP protocol for...

Page 297: ...ex m mac_address a v vlan_id P port h host_name d level zl3net i index m mac_address a v vlan_id P port h host_name d level zvlan i index m mac_address a v vlan_id h host_name d level DESCRIPTION The...

Page 298: ...Only valid for tables that have a PORT ID field Cannot be combined with i m or v h host_name Specifies which hostname to connect By default zgr connects to the locally connected OpenArchitect switch t...

Page 299: ...zl2 Be careful the c option does not ask The following command deletes all entries in the zl2 table zl2 c SEE ALSO zal Ethernet Switch Blade User s Guide release 3 2 2j page 299...

Page 300: ...e VLAN does not exist zgvrpd creates it If zgvrpd deletes the last port from a dynamically created VLAN it also deletes the VLAN When a VLAN is dynamically created a corresponding zhpN interface is al...

Page 301: ...ace There is no default A target must be specified EXAMPLES In the following example zgvrpd starts a background task that enables the GVRP protocol for the ports in the zhp0 interface zgvrpd receives...

Page 302: ...ions OPTIONS start stop Starts or stops the zl2d daemon t msec Cause zl2d to monitor the Spanning Tree state of each port on each bridge every msec milliseconds If unspecified the default is 500 milli...

Page 303: ...nux bridge named bzhp0 which includes all of the zre n devices previously associated with the zhp0 device zl2d then starts a background task that monitors the port information of the Linux bridge ever...

Page 304: ...from the route cache Similarly network route entries are removed when the corresponding Linux FIB table entry is deleted OPTIONS h hostname Specifies which host to monitor By default zl3d monitors th...

Page 305: ...estination then zl3d inserts the entry into the switch host route table If an entry in the Linux FIB table is a host entry and zl3d is able to resolve the MAC address of the destination host then the...

Page 306: ...ts that match the option port_list Port or list of ports on which to take action Port lists are supplied in zconfig syntax e g zre1 zre2 4 etc action Set link speed or state to up down auto 1000fd 100...

Page 307: ...hange when links go up or down or interfaces are configured If set to other the LED resumes its normal operation The next example globally turns on the Pull extract LED zlc extract on Additional capab...

Page 308: ...host_name b Do not background the zlmd process d level Set debug level to level f configuration_file configuration Read configuration from file If file is a configuration is read from stdin Without th...

Page 309: ...t swap Events program ppa extraction 1 insertion 2 NOTE The ppa parameter is undefined and should be ignored EXAMPLES In the following example zlmd monitors ports 1 through 4 and runs a script called...

Page 310: ...is called from etc init d rcS by default with no parameters OPTIONS b Do not background the process i e run in foreground t time the time between logfile checks in seconds default 60 s size the target...

Page 311: ...re2 zre3 zre12 To clear the current mirroring use the t option The e option can be used to indicate that packets being sent on a given port should be copied to the to port For example if the e option...

Page 312: ...ng example results in ingress mirroring from port 0 to port 1and from port 2 and 3 to port 18 zmirror zre0 zre1 zmirror zre2 zre12 zmirror zre3 zre18 The to port of 12 was over written with the to por...

Page 313: ...sive range Below are some examples for the correct usage of the comma and dot dot Each line below produces the same results zre1 zre2 zre3 zre4 zre1 4 zre1 zre2 4 zre1 2 zre3 4 SEE ALSO tcpdump 1M Eth...

Page 314: ...em file in the read write file system The t option can be used to save the configuration of a switch to a tar file A tar file can be copied to another switch and saved with zsync t As a result the con...

Page 315: ...different host as a snapshot of the overlay at that point in time Use zsync to restore the overlay on the switch zsync t overlay tar The restored overlay will be used upon the next reboot SEE ALSO zs...

Page 316: ...tion to the base switch NOTE Local information can also be read as confirmation and for debugging purposes zpeer is part of the HA software suite It is called as part of the scripts that are generated...

Page 317: ...information that can be used for debugging Here is example output from the a option Local Write Peer Read priority 203 231 state master backup data 2 cb 2 e7 position byte bit 2 8 2 0 status 50 ACK 0...

Page 318: ...be also reset SEE ALSO zspconfig Ethernet Switch Blade User s Guide release 3 2 2j page 318...

Page 319: ...ng the queuing disciplines and filters and sends them to a hardware specific daemon ztmd ztmd should be started before zqosd Both programs normally run as background processes OPTIONS d level Set the...

Page 320: ...SEE ALSO ztmd tc 8 zfilterd Ethernet Switch Blade User s Guide release 3 2 2j page 320...

Page 321: ...ckets d Enable rate control for DLF packets t Teardown or disable all rate control a Display the current rate control settings p port Enable rate control on this port v vlan Enable rate control for th...

Page 322: ...ect switch as would be the case when zreg is running on the embedded processor the PPA would be 0 The default PPA is 0 w Causes zreg to write to the register or table Data to be written is read from s...

Page 323: ...be read or written Content addressable memory register access is the default The following is an example of reading the CONFIG Register zreg 1 When running zreg on the embedded processor of the OpenA...

Page 324: ...he following example zrld starts a background task that listens on the default port 7000 for incoming TCP requests and passes along the request to the OA HA application zrld Once started you can issue...

Page 325: ...he table The key to each entry is a source Ethernet multicast address combined with a VLAN ID Two port bitmaps are maintained one that identifies the untagged members of the VLAN and one which identif...

Page 326: ...zsnoopd for VLAN vlan_id Default is to enable zsnoopd on all VLANs This option may be entered more than once EXAMPLES In the following example zsnoopd starts a background task that monitors incoming...

Page 327: ...uery command The information in the data position and status rows are internal debugging information that is useful to support engineers when diagnosing problems in the field The r option should not b...

Page 328: ...s run zspconfig with the u option The v option prints the current version of zspconfig and performs no actions OPTIONS d level Set the debug level The default debug level is 1 The higher the level the...

Page 329: ...hp0 vlan1 zre1 4 zconfig zhp1 vlan2 zre5 8 zconfig zhp2 vlan100 zre14 In the above example three VLANs are created zhp0 and zhp1 will be used as connections to high availability nodes zhp2 will be use...

Page 330: ...e current Master switch and the netmask must be the same as that provided in the sibling_addresses statement The last required section for the configuration is description of the ports Particularly we...

Page 331: ...a member of more then one zhp In such cases configuring the zhps as different port types would cause a conflict and will not work To handle this setup the individual zre commands would be used to set...

Page 332: ...o overcome this problem zspconfig uses a default MAC address derived from the physical address of the switch on which it is running For the slave switch the vrrp_virtual_mac_addr command is used to se...

Page 333: ...ize using the u option A common use of the start_script command might be to propagate gated configurations to all members of the Surviving Partner group Absolute path names must be used Using multiple...

Page 334: ...in tftpboot and is retrieved via DHCP by a replacement switch on boot up etc rcZ d surviving_partner dhcpd conf Configuration script used by dhcpd when the switch becomes master dhcpd is used to serve...

Page 335: ...Ethernet Switch Blade User s Guide release 3 2 2j page 335...

Page 336: ...te hostname to configure By default zstack configures stacking on the local OpenArchitect switch This option should only be used for displaying the configuration if at all d level Sets the level of de...

Page 337: ...running zstack controls the physical switch fabric chip the key word local is used in place of the IP address Currently only local CPU control is supported Stack creation example for a base switch st...

Page 338: ...n the configuration of the stack must be defined The stack configuration provides the network map of how inter switch fabric communication is performed It specifies which physical port or should be us...

Page 339: ...t be torn down using zconfig WILDCARDS Wild card characters can be included to simplify the process of creating larger more complex configurations Wild card characters for zconfig include comma Use fo...

Page 340: ...memory All output is formatted OPTIONS m port MIB statistics for specified port v vlan id MIB statistics for specified vlan id i unit Information for specified unit 0 is BCM5695 ports 0 11 1 is BCM569...

Page 341: ...be saved To correct a corrupted file that is saved to flash ROM with zsync first reboot with the i option see Switch Maintenance Use zmnt to put the corrupted file in the mnt directory open and correc...

Page 342: ...ay Contents of directories must be created with zmnt l List files that would be written Do not flash EXAMPLES To zsync only the hosts file cd etc zsync hosts If you previously created a snapshot of an...

Page 343: ...gged level may be 0 4 higher levels produce more output p port Use port as the multicast listening port for communication with ztmd Default is 2345 f Run ztmd in the foreground Without this option it...

Page 344: ...SEE ALSO zqosd iptables 8 tc 8 zfilterd Ethernet Switch Blade User s Guide release 3 2 2j page 344...

Page 345: ...ning Tree Protocol This protocol is used for finding the shortest path between two networks as well as eliminating loops from the topology Bridges communicate with each other by sending and receiving...

Page 346: ...etgcint bridge time sets the garbage collection interval for the bridge to time seconds This means that the bridge will check the forwarding database for timed out entries every time seconds stp bridg...

Page 347: ...ge port priority sets the port s priority to priority The priority value is an unsigned 8 bit quantity a number between 0 and 255 and has no dimension This metric is used in the designated port and ro...

Page 348: ...receive commands and control information from the BMC I2 C Port 1 Connects to the Ethernet Switch Blade CPU and the spare SEEPROM I2 C Port 2 Connects to the boot and run time SEEPROMs as well as the...

Page 349: ...atus Notes GetDevID 0x01 Mandatory BroadcastGetDeviceID 0x01 Mandatory ColdReset 0x02 Optional GetSelfTestResult 0x04 Mandatory GetSensorReading 0x2D Mandatory TempSensor 60 Returned in Celsius A2D_0...

Page 350: ...o the switch in slot 2 geographical address is B2h to read the temperature sensor which is assigned to sensor number 60h Standard IPMI Command GetSensorReading Byte Data Field Description 1 rsAddr B2h...

Page 351: ...6 command 2Dh 7 completion code 00h 8 sensor reading 1Bh 27 Celsius degree 9 optional data byte C0h scanning is enabled 10 optional data byte C0h 11 optional data byte 00 12 checksum2 80h Table C 4 Ge...

Page 352: ...rgN 7 x 1 check2 chksm2 Table C 5 Standard IPMI Commands Structure of Standard IPMI Responses From PMC to BMC Structure of Standard IPMI Responses PMC BMC Byte Data Field Description 1 rqAddr sw_id 2...

Page 353: ...le C 7 Event Message Format IPMI Event Message Definitions The following tables describe the IPMI event messages to be generated by the PMC The basic requirement is that when a monitored sensor change...

Page 354: ...Override State 0 Override state bus isolated 1 Local Control state IPM Controller determines state of bus 6 4 IPMB B Local Status 0 No Failure Bus enabled if no override in effect 1 Unable to drive c...

Page 355: ...IPMB Override Status Data 5 Clock low time out 6 under test 7 Undiagnosed communications failure Table C 9 IPMB Override Status Data Ethernet Switch Blade User s Guide release 3 2 2j page 355...

Page 356: ...68 126 Policy Decision Point 67 125 Policy Enforcement Points 67 125 console cable Booting 86 144 Console Port 21 COPS 67 125 Default Route 71 130 dhclient 71 130 DHCP 40 DHCP Client 71 130 Server 71...

Page 357: ...rtup 40 Saving Changes 86 144 Scripts rcS 71 130 S20stack 44 92 S30e1000 92 S40vpd 92 S50layer2 44 92 S50layer2sp 92 S50layer3 44 50 92 98 S50multivlan 44 93 100 S55gatedOSPF 44 93 S55gatedRip1 44 51...

Page 358: ...zconfig 97 148 227 235 zdog 247 zfilterd 56 107 253 zflash 88 146 171 254 zgmrpd 256 zgr 258 zgvrpd 261 zl2179 258 zl2d 148 184 227 263p zl2mc 179 258 zl3d 49 98 102 148 227 266 zl3host 179 258 zl3net...

Page 359: ...Index ztmd 301 zvlan 179 258 ZX4920 MIB 333 7100 User s Guide release 3 2 2j page 359...

Reviews:

No comments