background image

116

C

HAPTER

 12: P

OWER

 M

ANAGEMENT

 

AND

 C

ONTROL

supplied with power if all the existing power requirements can also 
be met. See 

“Configuring a Guaranteed Power Plan”

 below.

Once power has been guaranteed to a port it will be reserved for 
that port even if the device or port is not currently in use.

Configuring a

Guaranteed Power

Plan

When you implement a guaranteed power plan, power is reserved for 
devices you choose. The Switch 4400 PWR has a set of power profiles for 
3Com Power over Ethernet products.

Configuring a port for a 3Com Power over Ethernet device is as simple as 
selecting the profile for that device. If you add a device to your Switch 
that does not have a profile, for example a future 3Com device or a 
device from another supplier, you can also guarantee power by specifying 
the maximum power required by the device. Refer to the documentation 
supplied with your Power over Ethernet device.

To ensure that the Switch is able to supply power to each device for 
which it has guaranteed power, the Switch reserves the maximum power 
that each guaranteed device can draw, regardless of whether the device 
is in use. Typically, this results in the Switch reserving more power for 
guaranteed devices than is actually supplied to these devices.

If the Switch is not able to supply power to all your devices, you may 
want to consider prioritizing your devices rather than guaranteeing 
power. See 

“Implementing a Power Plan”

 on 

page 115

.

To configure a guaranteed power plan use the 

Physical Interface > 

Power > Configure

 operation in the Web interface. See the Management 

Interface Reference Guide, supplied on the CD with your Switch for 
details of the 

Physical Interface > Power > Configure

 operation.

Monitoring Power 
Usage

The Switch is able to allocate and monitor power on a port by port basis 
and is able to monitor power usage for the whole unit. As you increase 
the number of Power over Ethernet devices you use, managing the way 
you use your power becomes increasingly important.

Содержание 3C17203 - SuperStack 3 Switch 4400

Страница 1: ...http www 3com com Part No DUA1720 3BAA04 Published January 2003 SuperStack 3 Switch Implementation Guide Generic guide for units in the SuperStack 3 Switch 4400 Series 3C17203 3C17204 3C17205 3C17206 ...

Страница 2: ...ny portion of any legend provided on any licensed program or documentation contained in or delivered to you in conjunction with this User Guide Unless otherwise indicated 3Com registered trademarks are registered in the United States and may or may not be registered in other countries 3Com the 3Com logo and SuperStack are registered trademarks of 3Com Corporation Intel and Pentium are registered t...

Страница 3: ... Automatic IP Configuration 17 Port Security 17 Power Management 18 Aggregated Links 18 Auto negotiation 18 Multicast Filtering 19 Resilient Links 20 Spanning Tree Protocol and Rapid Spanning Tree Protocol 20 Switch Database 21 Traffic Prioritization 21 Roving Analysis 21 RMON 22 Webcache Support 22 Broadcast Storm Control 22 VLANs 22 Configuration Save and Restore 23 2 OPTIMIZING BANDWIDTH Port F...

Страница 4: ...Your Switch 41 IGMP Multicast Filtering 42 4 USING RESILIENCE FEATURES Resilience Feature Overview 46 What are Resilient Links 46 Spanning Tree Protocol STP 47 Rapid Spanning Tree Protocol RSTP 48 What is STP 48 How STP Works 50 STP Requirements 50 STP Calculation 51 STP Configuration 52 STP Reconfiguration 52 How RSTP Differs to STP 52 STP Example 52 STP Configurations 54 Default Behavior 56 RSTP...

Страница 5: ...uring Traffic Prioritization 72 Important QoS Considerations 72 Default QoS Configurations 74 Example QoS Configurations 75 Other Configuration Examples and Guidelines 76 7 STATUS MONITORING AND STATISTICS Roving Analysis Port 77 Roving Analysis and Your Switch 77 RMON 78 What is RMON 78 The RMON Groups 78 Benefits of RMON 79 RMON and the Switch 80 Alarm Events 81 The Default Alarm Settings 81 The...

Страница 6: ...s 97 10 USING AUTOMATIC IP CONFIGURATION How Your Switch Obtains IP Information 100 How Automatic IP Configuration Works 100 Automatic Process 101 Important Considerations 102 Server Support 102 Event Log Entries and Traps 102 11 MAKING YOUR NETWORK SECURE Port Security 104 What is Network Login 105 How Network Login Works 106 Important Considerations 107 What is Disconnect Unauthorized Device DUD...

Страница 7: ...ion Rules for Gigabit Ethernet 123 Configuration Rules for Fast Ethernet 124 Configuration Rules with Full Duplex 125 B NETWORK CONFIGURATION EXAMPLES Simple Network Configuration Examples 128 Segmentation Switch Example 128 Collapsed Backbone Switch Example 129 Desktop Switch Example 130 Advanced Network Configuration Examples 131 Improving the Resilience of Your Network 131 Enhancing the Perform...

Страница 8: ...GLOSSARY INDEX ...

Страница 9: ...ng knowledge of local area network LAN operations and familiarity with communication protocols that are used to interconnect LANs For detailed descriptions of the Web interface operations and the Command Line Interface CLI commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD ROM that accompanies your Switch or on ...

Страница 10: ...ample To change your password use the following syntax system password password In this example you must supply a password for password Commands The word command means that you must enter the command exactly as shown and then press Return or Enter Commands appear in bold Example To display port information enter the following command bridge port detail The words enter and type When you see the wor...

Страница 11: ...erStack 3 Switch Management Quick Reference Guide This guide contains a list of the features supported by the Switch a summary of the Web interface and Command Line Interface commands for the Switch Release Notes These notes provide information about the current software release including new features modifications and known problems There are other publications you may find useful such as Documen...

Страница 12: ...entation Guide Part number DUA1720 3BAA04 Page 25 Please note that we can only respond to comments and questions about 3Com product documentation at this e mail address Questions related to technical support or sales should be directed in the first instance to your network supplier Product Registration You can now register your SuperStack 3 Switch on the 3Com Web site http www 3com com register ...

Страница 13: ...Using Resilience Features Chapter 5 Using the Switch Database Chapter 6 Using Traffic Prioritization Chapter 7 Status Monitoring and Statistics Chapter 8 Setting Up Virtual LANs Chapter 9 Using Webcache Support Chapter 10 Using Automatic IP Configuration Chapter 11 Making Your Network Secure Chapter 12 Power Management and Control ...

Страница 14: ...14 ...

Страница 15: ...red by the Switch and to change and monitor the way it works you have to access the management software that resides on the Switch This is known as managing the Switch Managing the Switch can help you to improve its efficiency and therefore the overall performance of your network There are several different methods of accessing the management software to manage the Switch These methods are explain...

Страница 16: ...an encrypted License Key that you must register on the 3Com Web site 2 Visit the following URL on the 3Com Web site http www 3com com register 3 Select Switches 4 Select Switch 4400 SE Enhanced Software Upgrade 5 Enter the Serial Number of your SuperStack 3 Switch 4400 SE unit The Serial Number can be found on the underside of the unit 6 Enter the License Key of the Enhanced Software Upgrade The L...

Страница 17: ...wing URL http www 3com com register Switch Features Explained The management software provides you with the capability to change the default state of some of the Switch features This section provides a brief overview of these features their applications are explained in more detail later in this guide For a list of the features supported by your Switch please refer to the Management Quick Referenc...

Страница 18: ...reased As the power is supplied over the Ethernet cable it can be backed up by redundant and uninterruptible power supplies Power Management is only available on the Switch 4400 PWR 3C17205 For more information about power management see Chapter 12 Power Management and Control Aggregated Links Aggregated links are connections that allow devices to communicate using up to four links in parallel Agg...

Страница 19: ... mode and is implemented using the IEEE Std 802 3 2002 incorporating 802 3x on ports operating in full duplex mode Smart Auto sensing Smart auto sensing allows auto negotiating multi speed ports such as 10 100 Mbps or 100 1000 Mbps to monitor and detect high error rates or problems in the physical interconnection to another port The port reacts accordingly by tuning the link from its higher speed ...

Страница 20: ...ore information about resilient links see Chapter 4 Using Resilience Features Spanning Tree Protocol and Rapid Spanning Tree Protocol Spanning Tree Protocol STP and Rapid Spanning Tree Protocol RSTP are bridge based systems that make your network more resilient to link failure and also provide protection from network loops one of the major causes of broadcast storms STP allows you to implement alt...

Страница 21: ...t passes through the Switch for example prioritized or discarded Being able to define exactly how you want your Switch to treat selected applications devices users and types of traffic allows you to have more control over your network For more information about traffic prioritization see Chapter 6 Using Traffic Prioritization Roving Analysis Roving analysis is a system that allows you to attach a ...

Страница 22: ...eb pages stored locally on the Webcache this allows your network to operate more efficiently and reduces WAN network traffic To make Webcache support available on the SuperStack 3 Switch 4400 SE upgrade the product to the Switch 4400 SE Enhanced Software Upgrade 3C17207 For more information about Webcache Support see Chapter 9 Using Webcache Support Broadcast Storm Control Broadcast Storm Control ...

Страница 23: ...this information if you wish before restoring the configuration If the Switch is part of a stack it is the configuration of the stack that is saved and restored You cannot restore the configuration of a single unit in the stack from the saved file you must restore the configuration of the entire stack You must have either the manager or security management access level to be able to save and resto...

Страница 24: ...otocol enabled Parameters such as VLANs and Fast Start may be set up as required Other combinations of port settings however are not recommended as Configuration Restore will only perform a best effort restore of the configuration For example LACP automatic aggregations with manually defined ports are restored as manual aggregations with manual ports LACP automatic aggregations with automatic port...

Страница 25: ...ration Restore has been completed For detailed descriptions of the Configuration Save and Restore Web interface operations and Command Line Interface CLI commands please refer to the Management Interface Reference Guide supplied in HTML format on the CD ROM that accompanies your Switch ...

Страница 26: ...26 CHAPTER 1 SWITCH FEATURES OVERVIEW ...

Страница 27: ... Features The default state for all the features detailed below provides the best configuration for most users In normal operation you do not need to alter the Switch from its default state However under certain conditions you may wish to alter the default state of these ports for example if you are connecting to old equipment that does not comply with the IEEE 802 3x standard Duplex Full duplex a...

Страница 28: ...ly determine the best port speed duplex mode only at 10 Mbps and 100 Mbps and flow control When auto negotiation is enabled default a port advertises its maximum capabilities these capabilities are by default the parameters that provide the highest performance supported by the port You can modify the capabilities that a port advertises on a per port basis dependant on the type of port You can disa...

Страница 29: ...n to the network An SNMP Trap is sent every time a port is down rated to a lower speed Conditions that affect smart auto sensing Smart auto sensing will not operate on links that do not support auto negotiation or on links where one end is at a fixed speed The link will reset to the higher speed of operation when the link is lost or the unit is power cycled Smart auto sensing can only be configure...

Страница 30: ...edundancy between two devices switch to switch or switch to server that have full duplex connections operating at the same speed By default LACP is disabled on all Switch ports If LACP is enabled on all Switch ports this means that your Switch will detect if there is more than one connection to another device and will automatically create an aggregated link consisting of those links If a member li...

Страница 31: ... and managed via network management Implementing 802 3ad Aggregated Links LACP can be enabled or disabled on a per port basis You can implement 802 3ad aggregated links in three ways Manual Aggregations You can manually add and remove ports to and from an aggregated link via Web or CLI commands However if a port has LACP enabled and if a more appropriate or correct automatic membership is detected...

Страница 32: ...If LACP detects at least two active ports sharing the same partner device and if no matching pre configured aggregated links exist LACP will automatically assign a free un configured aggregated link to form an aggregated link with the partner device The aggregated link will inherit its configuration from the first port originally detected against the partner device If you have an existing single p...

Страница 33: ...only supports a maximum of four active ports in any individual aggregation Any extra ports will remain in a standby state and may become active if one of the four active ports fails If multiple links are connected between a unit and more than four other devices as shown in Figure 4 only four of the devices will be assigned to aggregated links The remaining devices will each only have one link made...

Страница 34: ...sted pair ports within the same aggregated link The member link ports can have different port configurations within the same aggregated link that is auto negotiation port speed and duplex mode However please note the following To be an active participant in an aggregated link the member link ports must operate in full duplex mode If a member link port does not operate in full duplex mode it can st...

Страница 35: ...aggregated link configuration To make this configuration work you need to have two aggregated links defined on Switch A one containing the member links for Switch B and the other containing those for Switch C Alternatively if Switches B and C are for example stacked Switch 4400 Series units and their member link ports defined as part of the same aggregated link as shown in Figure 6 the configurati...

Страница 36: ...configure the aggregated link at both ends before physically connecting the ports can result in a number of serious network issues such as lost packets and network loops Traffic Distribution and Link Failure on Aggregated Links To maximize throughput all traffic is distributed across the individual links that make up an aggregated link Therefore when a packet is made available for transmission dow...

Страница 37: ...regated link between two Switch units To manually set up this configuration 1 Prepare ports 2 4 6 and 8 on the upper Switch for aggregated links To do this a Check that the ports have an identical configuration using your preferred management interface b Add the ports 2 4 6 and 8 on the specified unit to the aggregated link 2 Prepare ports 2 4 6 and 8 on the lower Switch for aggregated links To do...

Страница 38: ... on the upper Switch to port 2 on the lower Switch 4 Connect port 4 on the upper Switch to port 4 on the lower Switch 5 Connect port 6 on the upper Switch to port 6 on the lower Switch 6 Connect port 8 on the upper Switch to port 8 on the lower Switch ...

Страница 39: ...t A multicast is a packet that is intended for one to many and many to many communication Users explicitly request to participate in the communication by joining an endstation to a specific multicast group If the network is set up correctly a multicast can only be sent to an endstation or a subset of endstations in a LAN or VLAN that belong to the relevant multicast group Multicast group members c...

Страница 40: ...ice QoS There are situations where a multicast approach is more logical and efficient than a unicast approach Application examples include distance learning transmitting stock quotes to brokers and collaborative computing A typical use of multicasts is in video conferencing where high volumes of traffic need to be sent to several endstations simultaneously but where broadcasting that traffic to al...

Страница 41: ... that wish to join a multicast group and then sets its filters accordingly Query Mode Query mode allows the Switch to function as the Querier if it has the lowest IP address in the subnetwork to which it belongs IGMP querying is disabled by default on the Switch 4400 This helps prevent interoperability issues with core products that may not follow the lowest IP address election method You can enab...

Страница 42: ... has more than one IP router then the one with the lowest IP address becomes the querier The Switch can be the IGMP querier and will become so if its own IP address is lower than that of any other IGMP queriers connected to the LAN or VLAN However as the Switch only has an IP address on its default VLAN the Switch will only ever query on the default VLAN VLAN1 Therefore if there are no other queri...

Страница 43: ...abling IGMP multicast learning please refer to the Management Interface Reference Guide supplied on your Switch CD ROM If IGMP multicast learning is not enabled then IP multicast traffic is always forwarded that is it floods the network For information about configuring IGMP functionality on an endstation refer to the user documentation supplied with your endstation or the endstation s Network Int...

Страница 44: ...44 CHAPTER 3 USING MULTICAST FILTERING ...

Страница 45: ...t provide resilience for your network It covers the following topics Resilient Links Spanning Tree Protocol STP Rapid Spanning Tree Protocol RSTP an enhanced version of the STP feature For detailed descriptions of the Web interface operations and the Command Line Interface CLI commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML f...

Страница 46: ...f those links fail A resilient link is comprised of a resilient link pair containing a main link and a standby link If the main link fails the standby link quickly and automatically takes over the task of the main link and becomes the active link The resilient link pair is defined by specifying a main port and a standby port at one end of the link During normal operation the main port is enabled a...

Страница 47: ...have security enabled Neither of the ports have network login enabled Neither of the ports are part of an aggregated link Neither of the ports belong to another resilient link pair The port state of ports in a resilient link pair cannot be manually changed Spanning Tree Protocol STP The Spanning Tree Protocol STP makes your network more resilient to link failure and also provides a protection from...

Страница 48: ...conds RSTP or STP will detect any misconfiguration that may cause a temporary loop and react accordingly If you have Fast Start disabled on a port the Switch will wait for 30 seconds before RSTP or STP lets the port forward traffic Easy deployment throughout a legacy network through backward compatibility it will default to sending 802 1D style BPDU s on a port if it receives packets of this forma...

Страница 49: ... creates loops that cause the network to overload Figure 9 A network configuration that creates loops Figure 10 shows the result of enabling STP on the bridges in the configuration STP detects the duplicate paths and prevents or blocks one of them from forwarding traffic so this configuration will work satisfactorily STP has determined that traffic from LAN segment 2 to LAN segment 1 can only flow...

Страница 50: ...TP re evaluated the situation and opened the path through Bridge B How STP Works When enabled STP determines the most appropriate path for traffic through a network It does this as outlined in the sections below STP Requirements Before it can configure the network the STP system requires Communication between all the bridges This communication is carried out using Bridge Protocol Data Units BPDUs ...

Страница 51: ...st Note that the Root Bridge does not have a Root Port The identity of the bridge that is to be the Designated Bridge of each LAN segment The Designated Bridge is the one that has the lowest Root Path Cost from that segment Note that if several bridges have the same Root Path Cost the one with the lowest Bridge Identifier becomes the Designated Bridge Port Speed Link Type Path Cost 802 1D 1998 Edi...

Страница 52: ... SNMP trap destination when the topology of your network changes the first bridge to detect the change sends out an SNMP trap CAUTION Network loops can occur if aggregated links are manually configured incorrectly that is the physical connections do not match the assignment of ports to an aggregated link RSTP and STP may not detect these loops So that RSTP and STP can detect all network loops you ...

Страница 53: ...selected as the Designated Bridge Port for LAN Segment 1 Port 1 of Bridges B C X and Y have been defined as Root Ports because they are the nearest to the Root Bridge and therefore have the most efficient path Bridges B and X offer the same Root Path Cost for LAN segment 2 however Bridge B has been selected as the Designated Bridge for the segment because it has a lower Bridge Identifier Port 2 on...

Страница 54: ...es both have STP enabled and are connected by two links STP discovers a duplicate path and blocks one of the links If the enabled link breaks the disabled link becomes re enabled therefore maintaining connectivity Configuration 2 Redundancy through Meshed Backbone In this configuration four Switch units are connected in a way that creates multiple paths between each one STP discovers the duplicate...

Страница 55: ...How STP Works 55 Figure 13 STP configurations ...

Страница 56: ...version 2 0 default settings including RSTP enabled If you connect a new Switch with version 2 0 already loaded to a stack of upgraded units all the upgraded units will assume the default settings of the new Switch that is they will have RSTP enabled by default Fast Start Default Behavior When using the Fast Start feature on version 2 0 or later software note the following A Switch with version 2 ...

Страница 57: ...ted using the 802 1Q tagged link between Switch B and Switch C By default this link has a path cost of 100 and is automatically blocked because the other Switch to Switch connections have a path cost of 36 18 18 This means that both VLANs are now subdivided VLAN 1 on Switch units A and B cannot communicate with VLAN 1 on Switch C and VLAN 2 on Switch units A and C cannot communicate with VLAN 2 on...

Страница 58: ...58 CHAPTER 4 USING RESILIENCE FEATURES ...

Страница 59: ...g Started Guide that accompanies your Switch For detailed descriptions of the Web interface operations and the Command Line Interface CLI commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD ROM that accompanies your Switch How Switch Database Entries Get Added Entries are added to the Switch Database in one of tw...

Страница 60: ...tion is removed from the network its entry is also removed from the database Learned entries are removed from the Switch Database if the Switch is reset or powered down Non aging learned If the aging time is set to 0 seconds all learned entries in the Switch Database become non aging learned entries This means that they are not aged out but they are still removed from the database if the Switch is...

Страница 61: ...applications devices users and types of traffic allows you to have more control over your network There are two different categories of rules Application based rules describe how to deal with traffic for a specific application for example Netmeeting or Lotus Notes Device based rules describe how to deal with traffic that flows to and from specific devices for example servers or server farms This c...

Страница 62: ...te for the same bandwidth a network can quickly become overloaded resulting in slow response times long latency and application time outs Traffic prioritization is a mechanism that allows you to prioritize data so that time sensitive and system critical data can be transferred smoothly and with minimal delay over a network The benefits of using traffic prioritization are You can control a wide var...

Страница 63: ...its priority level for onward transmission across the network or The level of service configured at the Switch for incoming traffic the network administrator configures the Switch to prioritize or discard traffic from applications or devices For example converged network applications such as voice or video conferencing or business critical software such as Oracle may require a high level of servic...

Страница 64: ...raffic The Switch employs several methods of classifying identifying traffic These can be based on any combination of fields in the first 64 bytes of the packet and at different levels of the OSI 7 layer model as shown in Table 5 Table 5 Attributes on which incoming traffic can be classified identified OSI Layer and Protocols Summary of Protocols Layer 2 IEEE 802 1D priority EtherType Chatty proto...

Страница 65: ... follows the destination MAC address and Source MAC address The IEEE Std 802 1D 1998 Edition priority marking scheme assigns each frame with an IEEE 802 1p priority level between 0 and 7 which determines the level of service that type of traffic should receive Refer to Table 6 for an example of how different traffic types can be mapped to the eight IEEE 802 1p priority levels Table 6 IEEE recommen...

Страница 66: ...tiated Services DiffServ Traffic Marking DiffServ is a Layer 3 marking scheme that uses the DiffServ Code Point DSCP field in the IP header to store the packet priority information DSCP is an advanced intelligent method of traffic marking because you can choose how your network prioritizes different types of traffic DSCP uses 64 values that map to user defined service levels allowing you to establ...

Страница 67: ...the rules set up by the network administrator Basic Traffic Prioritization Incoming traffic is classified based upon the IEEE 802 1D frame and is assigned to the appropriate priority queue based upon the IEEE 802 1p service level value defined in that packet Service level markings values are defined in the IEEE 802 1Q 4 byte tag and therefore traffic will only contain 802 1p priority markings if t...

Страница 68: ...to traffic queue in the Switch is proprietary and is slightly different to the recommended IEEE mapping Figure 15 IEEE 802 1p priority levels and recommended IEEE 802 1D traffic types The number of queues and their mappings to the 8 levels is proprietary and can even vary between Switches from the same vendor You cannot alter the mapping between the IEEE 802 1p priorities and the traffic queues Th...

Страница 69: ...f the current applications for example Microsoft Word Lotus Notes and NetMeeting are not QoS aware and do not apply a service level to the traffic that they send Being an intelligent Switch your Switch can use its own rules to classify and mark the traffic If the incoming traffic has pre defined service level markings however the advanced traffic prioritization of your Switch allows you to modify ...

Страница 70: ...ket 4 Remarking the 802 1p tag DSCP field or dropping the packet are optional and have to be configured by the network administrator 5 It is the priority associated with the packet that is used to direct it to the appropriate queue This is determined as follows If the packet matches a classifier with a configured service level specifying that the DSCP or 802 1p tag should be re marked then the pac...

Страница 71: ...cedence over low priority but in the event that high priority traffic exceeds the link capacity lower priority traffic is not blocked Traffic queues cannot be enabled on a per port basis on the Switch 4400 Configuring Traffic Prioritization on the Switch Your Switch allows you to discard and prioritize applications as well as devices to obtain Quality of Service QoS for your network Configuring tr...

Страница 72: ...re stack the QoS configuration defined in the profile will immediately become active Methods of Configuring Traffic Prioritization QoS can be configured on your Switch using 3Com Network Supervisor or via the Command Line Interface CLI The 3Com Network Supervisor application supplied on the CD ROM accompanying your Switch is the main tool for configuring QoS and 3Com recommends that you use this a...

Страница 73: ...e recommended configuration for most networks is 10 100 Mbps switching to the desktop Gigabit connections for servers and non blocking Gigabit backbones QoS requires the support of every network device from end to end All devices in the network should support QoS If there is just one section in the data path that does not support QoS it can produce bottlenecks and slowdowns although a performance ...

Страница 74: ...ith IP TOS based networks Default QoS Configurations The Switch has some pre configured defaults which are listed in Table 7 and Table 8 Table 7 Default traffic classifiers configured in your Switch Table 8 Default service levels configured in your Switch Classifier Name Classifier Type Protocol Identifier Used in QoS Profile 1 All traffic Basic All traffic None 2 3Com NBX Voice LAN EtherType 0x80...

Страница 75: ...witch port Figure 17 University campus QoS network example See Utilizing the Traffic Prioritization Features of Your Network on page 133 for a further network example Some examples of rules that can be set up and added to a QoS profile are shown in Table 9 on page 76 Switch 4400 Endstations on 10 100 Mbps switched connections Student Web Access Blocked Network Games Blocked Lecturer All Traffic Hi...

Страница 76: ...lan_ph one pdf correct at time of publication For additional troubleshooting information and technical solutions visit the 3Com Knowledgebase The Knowledgebase has solutions addressing the blocking of network games and the prioritization of video traffic among its topics To find these articles visit the Knowledgebase at http knowledgebase 3com com and search for appropriate keywords Rule Example P...

Страница 77: ... it to monitor the traffic of other ports on the Switch The system works by enabling you to define an analysis port the port that is connected to the analyzer and a monitor port the port that is to be monitored Once the pair are defined and you start monitoring the Switch takes all the traffic going in and out of the monitor port and copies it to the analysis port Roving analysis is used when you ...

Страница 78: ...ts statistics about a LAN segment or VLAN and transfers the information to a management workstation on request or when a pre defined threshold is crossed The workstation does not have to be on the same network as the Switch and can manage the Switch by in band or out of band connections The RMON Groups The IETF define groups of Ethernet RMON statistics This section describes the four groups suppor...

Страница 79: ...eshold and falling threshold Effective use of the Events group saves you time rather than having to watch real time graphs for important occurrences you can depend on the Event group for notification Through the SNMP traps events can trigger other actions therefore providing a way to automatically respond to certain occurrences Benefits of RMON Using the RMON features of your Switch has three main...

Страница 80: ...tics No Statistics sessions per VLAN supported on Switch 4400 other than VLAN 1 A new or initialized Switch has one Statistics session per port and one default Statistics session for VLAN 1 History No History sessions per VLAN supported on Switch 4400 other than VLAN 1 A new or initialized Switch has two History sessions per port and one default History session for VLAN 1 These sessions provide th...

Страница 81: ...ted in Table 11 The Default Alarm Settings A new or initialized Switch has the following alarm defined for each port Number of errors over 10 seconds The default values and actions for this alarm is given in Table 12 Table 11 Alarm Events Event Action No action Notify only Send Trap Notify and filter port Send Trap Block broadcast and multicast traffic on the port Recovers with the unfilter port e...

Страница 82: ...cur You can receive notification via email SMS Short Message Service or pager of the event that has occurred This feature uses an SMTP Simple Mail Transfer Protocol email client to send the notification email The Short Message Service SMS and pager messages are constrained on message size so they are sent to a different email address which creates the message to be displayed and then forwards it o...

Страница 83: ...raps continue to be sent in addition to any email notifications you may receive The events that can generate email notification are Unit powers up Fan in the unit fails Unit in the stack fails A link fails or returns to service you can select specific links that you wish to receive messages for for example a mission critical link to a server A resilient link activates A security violation occurs ...

Страница 84: ...84 CHAPTER 7 STATUS MONITORING AND STATISTICS ...

Страница 85: ...e Guide supplied in HTML format on the CD ROM that accompanies your Switch What are VLANs A VLAN is a flexible group of devices that can be located anywhere in a network but which communicate as if they are on the same physical segment With VLANs you can segment your network without being restricted by physical connections a limitation of traditional network design As an example with VLANs you can...

Страница 86: ...ust be updated manually With a VLAN setup if an endstation in VLAN Marketing for example is moved to a port in another part of the network and retains its original subnet membership you only need to specify that the new port is in VLAN Marketing You do not need to carry out any re cabling VLANs provide extra security Devices within each VLAN can only communicate with other devices in the same VLAN...

Страница 87: ...llowing information about each VLAN on your Switch before the Switch can use it to forward traffic VLAN Name This is a descriptive name for the VLAN for example Marketing or Management 802 1Q VLAN ID This is used to identify the VLAN if you use 802 1Q tagging across your network The Default VLAN A new or initialized Switch contains a single VLAN the Default VLAN This VLAN has the following definit...

Страница 88: ... if a port is in a single VLAN it can be an untagged member but if the port needs to be a member of multiple VLANs tagged membership must be defined Typically endstations for example clients will be untagged members of one VLAN while inter Switch connections will be tagged members of all VLANs The IEEE Std 802 1Q 1998 defines how VLANs operate within an open packet switched network An 802 1Q compl...

Страница 89: ...e switch In this network there is no requirement to pass traffic for multiple VLANs across a link All traffic is handled by the single Switch and therefore untagged connections can be used The example shown in Figure 20 illustrates a single Switch connected to endstations and servers using untagged connections Ports 1 2 and 3 of the Switch belong to VLAN 1 ports 10 11 and 12 belong to VLAN 2 VLANs...

Страница 90: ...t use 802 1Q tagged connections so that all VLAN traffic can be passed along the links between the Switches 802 1Q tagging can only be used if the devices at both ends of a link support IEEE 802 1Q The example shown in Figure 21 illustrates two Switch units Each Switch has endstations and a server in VLAN 1 and VLAN 2 All endstations in VLAN 1 need to be able to connect to the server in VLAN1 whic...

Страница 91: ...he VLANs on Switch 2 Define VLAN 2 VLAN 1 is the default VLAN and already exists 5 Add endstation ports on Switch 2 to the VLANs Place the endstation ports in the appropriate VLANs as untagged members 6 Add port 11 on Switch 2 to the VLANs Add port 11 on Switch 2 as a tagged member of both VLANs 1 and 2 so that all VLAN traffic is passed over the link to Switch 1 7 Check the VLAN membership for bo...

Страница 92: ...92 CHAPTER 8 SETTING UP VIRTUAL LANS ...

Страница 93: ... is Webcache Support Webcache support is a feature that allows local storage caching of frequently accessed web pages on a Webcache attached to your network This means your network users can access these locally stored web pages without going over a WAN connection The Webcache periodically checks live web pages to find out if the current cached pages are out of date and replaces them accordingly B...

Страница 94: ...iple units are configured in this way then the master unit will select the first unit that responds to be the polling unit The polling unit polls for the Webcache using the Webcache health check URL see Cache Health Checks on page 95 for more information When the polling unit receives a response from the Webcache it resolves the Webcache s IP address to a MAC address and a port and passes it to ot...

Страница 95: ... health check works as follows 1 The health check requests a factory defined URL from the Webcache every eleven seconds and expects to receive a reply to confirm that the cache is operating normally 2 If a reply is not received from the Webcache the Switch will start polling the Webcache at three second intervals 3 If the Webcache fails three health check attempts the Webcache is deemed to have fa...

Страница 96: ...s follows 1 A PC sends a request for a web page in the form of HTTP traffic 2 The Switch receives the request from the PC it detects that the traffic is HTTP and redirects it to the Webcache instead of the WAN 3 The Webcache receives the request If it has the required web page cached it will send it directly back to the requesting PC If it does not have the page cached it will return the request t...

Страница 97: ...ack On the Switch 4400 the Webcache must reside on VLAN1 The SuperStack 3 Webcache 1000 3000 can only receive untagged packets therefore it must be connected to an untagged port on the Switch 4400 The Switch 4400 only redirects HTTP requests it recognizes in VLAN1 and sends them untagged to the Webcache The traffic between any two pairs of IP addresses must always be redirected through the same We...

Страница 98: ...98 CHAPTER 9 USING WEBCACHE SUPPORT ...

Страница 99: ...s For detailed information on setting up your Switch for management see the Getting Started Guide that accompanies your Switch For detailed descriptions of the Web interface operations and the Command Line Interface CLI commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD ROM that accompanies your Switch For backg...

Страница 100: ...ic configuration methods The Switch tries each method in a specified order Manual IP Configuration you can manually input the IP information IP address subnet mask and default gateway If you select an option for no IP configuration the Switch will not be accessible from a remote management workstation on the LAN In addition the Switch will not be able to respond to SNMP requests How Automatic IP C...

Страница 101: ...ocol ARP to check to make sure this address is not already in use on the network If not it will allocate this default address to the Switch If this IP address is already in use Auto IP will check once every second for three seconds for an IP address on the 169 254 x y subnet where x 1 254 and y 0 255 Auto IP only uses addresses in the range 169 254 1 0 through to 169 254 254 255 as valid addresses...

Страница 102: ...systems Microsoft Windows 2000 Server Microsoft Windows NT4 Server Sun Solaris v2 5 1 If you want DHCP or BOOTP to be the method for automatic configuration make sure that your DHCP or BOOTP servers are operating normally before you power on your Switch Event Log Entries and Traps An event log will be generated and an SNMP trap will be sent if any of the following changes occur in the IP configura...

Страница 103: ...ese features and gives examples of how and why you would use them in your network For detailed descriptions of the Web interface operations and the Command Line Interface CLI commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD ROM that accompanies your Switch ...

Страница 104: ...information see What is Disconnect Unauthorized Device DUD on page 107 Network Login When the user has been successfully authorized all network traffic is forwarded through the port without any restrictions For further information see What is Network Login on page 105 Network Login Secure When the user has been successfully authorized only network traffic that is received from the authorized clien...

Страница 105: ...he client device is granted access to the network For further information about RADIUS see What is RADIUS on page 112 The client device must be directly connected to the Switch port no intervening switch or hub as the Switch uses the link status to determine if an authorized client device is connected Network Login will not operate correctly if there is a bridge device between the client device an...

Страница 106: ...as shown in Figure 23 The Switch does not interpret or store this information Figure 23 Network Login Operation When the client device and RADIUS server have exchanged authentication information the Switch receives either an authentication succeeded or failed message from the server and then configures the port to forward or filter traffic as appropriate If access is granted the Spanning Tree Prot...

Страница 107: ...h port may not support the authentication service for example printers You should configure the Switch port to operate in Automatic Learning mode so that network traffic that does not match the MAC address for the client device is filtered You should enable Network Login on all relevant Switch ports Failure to enable authentication on a single port could compromise the security of the entire netwo...

Страница 108: ...t Login If you intend to manage the Switch using the Web interface or the Command Line Interface you need to log in with a valid user name and password For further information on managing the Switch see the Setting Up For Management chapter in the Switch 4400 Getting Started Guide The user name and password information can be stored in either a RADIUS server recommended If you enable RADIUS as the...

Страница 109: ...in bad configurations and lapses in security RADIUS authentication provides centralized secure access and removes the need to physically visit each network device Changes to user names and passwords require only a single action on the RADIUS database and are reflected immediately The Switch 4400 is fully compliant with the industry standard RADIUS protocol For further information about RADIUS see ...

Страница 110: ...ecify the access level required for each user account The configurable attribute values are Monitor 1 the user can view all manageable parameters except special security features but cannot change any manageable parameters Manager 2 the user can access and change the operational parameters but not special security features Administrator 3 the user can access and change all manageable parameters Th...

Страница 111: ...uthentication Vendor Specific Attribute VSA The Vendor ID for 3Com is 43 If the Switch is unable to contact the RADIUS server the Command Line Interface automatically reverts to using the local Switch database for user authentication This allows a user with admin access to login to the Switch via the console port and continue to manage it The Web interface and Telnet do not revert to the local dat...

Страница 112: ...Transactions between each network device and the server are authenticated by the use of a shared secret Additional security is provided by encryption of passwords to prevent interception by a network snooper RADIUS is defined in the RFCs 2865 and 2866 Remote Authentication Dial in User Service RADIUS and RADIUS Accounting Network Login a method of port based access control and Switch Management Lo...

Страница 113: ...ply the power required by the device providing that the total power budget for the Switch would not be exceeded by doing so Benefits of Power over Ethernet A Power over Ethernet Switch combines the functionality of a standard Ethernet Switch with a single power supply that can power multiple devices Using a Power over Ethernet Switch has the following advantages over an unpowered network Reduced C...

Страница 114: ...power delivered does not exceed 150 watts When you plan your network you need to calculate the maximum power that you will need and make sure that the Switch is not expected to supply more than its maximum capacity To calculate the power budget for the Switch add together the power requirements of the devices that will be connected at any one time The power requirements of 3Com Power over Ethernet...

Страница 115: ...his is the case you may choose to Add additional Power over Ethernet switches This will enable to you guarantee power to each port on the Switch that supplies a Power over Ethernet device The remaining ports can be used to supply networking to those devices that are powered by other means Prioritize Power over Ethernet devices Since the Switch supplies power to the lowest numbered port first you s...

Страница 116: ...Ethernet device To ensure that the Switch is able to supply power to each device for which it has guaranteed power the Switch reserves the maximum power that each guaranteed device can draw regardless of whether the device is in use Typically this results in the Switch reserving more power for guaranteed devices than is actually supplied to these devices If the Switch is not able to supply power t...

Страница 117: ...thernet information See Introducing the Superstack 3 Switch 4400 in the Getting Started Guide There is a Power over Ethernet fault Push the LED Mode button to change to power mode and see the details of the fault see Table 14 on page 118 or look at the PoE Detail screen in the Web interface see Monitoring Power Usage using the Web Interface on page 118 When the Port LED Status LED lights green pow...

Страница 118: ...ower that has been supplied to the device since the meter was last reset If a device had been switched off for part of the time it will register a lower average Peak Power displays the most power supplied to the device since the meter was last reset Current Power displays the power currently being supplied to the device Table 14 Port Status and Port Packet LEDs Power over Ethernet information LED ...

Страница 119: ...f the port is active The height of the bar shows the level of power being drawn Gray if the port has been disabled Red if there is a Power over Ethernet fault on the port Problem Solving If a device is not supplied with power after you have connected it to the Switch 4400 PWR check the following The device is Power over Ethernet compliant and is configured to receive its power over Ethernet See th...

Страница 120: ...120 CHAPTER 12 POWER MANAGEMENT AND CONTROL ...

Страница 121: ...II APPENDICES AND INDEX Appendix A Configuration Rules Appendix B Network Configuration Examples Appendix C IP Addressing Glossary Index ...

Страница 122: ...122 ...

Страница 123: ...4 ft Category 5 cabling with connections up to 100 m 328 ft The different types of Gigabit Ethernet media and their specifications are detailed in Table 15 Table 15 Gigabit Ethernet cabling Gigabit Ethernet Transceivers Fiber Type Modal Bandwidth MHz km Lengths Supported Specified by IEEE meters 1000BASE LX 1000BASE SX 1000BASE T MM Multimode 62 5 µm MM 50 µm MM 50 µm MM 10 µm SM 62 5 µm MM 62 5 µ...

Страница 124: ...ure 26 illustrates the key topology rules and provides examples of how they allow for large scale Fast Ethernet networks Figure 26 Fast Ethernet configuration rules The key topology rules are Maximum UTP cable length is 100 m 328 ft over Category 5 cable A 412 m 1352 ft fiber link is allowed for connecting switch to switch or endstation to switch using half duplex 100BASE FX ...

Страница 125: ... to the endstations Configuration Rules with Full Duplex The Switch provides full duplex support for all its ports including Expansion Module ports Full duplex allows packets to be transmitted and received simultaneously and in effect doubles the potential throughput of a link With full duplex the Ethernet topology rules are the same but the Fast Ethernet rules are Maximum UTP cable length is 100 ...

Страница 126: ...126 APPENDIX A CONFIGURATION RULES ...

Страница 127: ... Configuration Examples Segmentation Switch Example Collapsed Backbone Switch Example Desktop Switch Example Advanced Network Configuration Examples Improving the Resilience of Your Network Enhancing the Performance of Your Network Utilizing the Traffic Prioritization Features of Your Network ...

Страница 128: ...an be used in your network Segmentation Switch Example The example in Figure 27 shows how a 10 100 Switch such as the Switch 4400 stack can segment a network of shared 10 Mbps and 100 Mbps connections There is a 10 100 shared segment on each floor and these segments are connected to the Switch which is positioned in the basement Figure 27 Using the Switch 4400 to segment your network ...

Страница 129: ...on Examples 129 Collapsed Backbone Switch Example The example in Figure 28 shows how a Switch 4400 stack can act as a backbone for both shared and switched network segments Figure 28 Using the Switch 4400 as a collapsed backbone ...

Страница 130: ...Switch 4400 can be used for a group of users that require dedicated 10 Mbps or 100 Mbps connections to the desktop The Switch 4400 stack has a 1000BASE T Module fitted that allows it to provide a Gigabit Ethernet link to a Switch 4900 in the basement Figure 29 Using the Switch 4400 in a desktop environment ...

Страница 131: ...witch Improving the Resilience of Your Network Figure 30 shows how you can set up your network to improve its resilience using resilient links Alternatively instead of setting up resilient links you can enable Spanning Tree Protocol STP Aggregated links have also been setup from the Core Switch this increases the bandwidth available for the backbone connection and also provides extra resilience Fi...

Страница 132: ...t auto sensing and will therefore pass data across the network at the optimum available speed and duplex mode Flow control will help avoid packet loss during periods of network congestion A Gigabit Ethernet backbone is set up between the Switch 4900 and each Switch in the workgroups to increase the bandwidth and therefore the overall network performance Figure 31 Network set up to enhance performa...

Страница 133: ...guration that demonstrates how you can utilize the different types of Quality of Service QoS profiles to ensure a high level of service and prioritization across the network for certain applications users or locations For more information on using QoS see Chapter 6 Using Traffic Prioritization Figure 32 Network set up to utilize traffic prioritization ...

Страница 134: ...134 APPENDIX B NETWORK CONFIGURATION EXAMPLES ...

Страница 135: ...dress is Advanced Overview Gives a more in depth explanation of IP addresses and the way they are structured Simple Overview To operate correctly each device on your network must have a unique IP address IP addresses have the format n n n n where n is a decimal number between 0 and 255 An example IP address is 192 168 100 8 The IP address can be split into two parts The first part called the netwo...

Страница 136: ... Registration Services is the organization responsible for supplying registered IP addresses The following contact information is correct at time of publication World Wide Web site http www internic net Advanced Overview IP addresses are 32 bit addresses that consist of a network part the address of the network where the host is located and a host part the address of the host on that network Figur...

Страница 137: ...classes of IP addresses are as follows Class A address Uses 8 bits for the network part and 24 bits for the host part Although only a few Class A networks can be created each can contain a very large number of hosts Class B address Uses 16 bits for the network part and 16 bits for the host part Class C address Uses 24 bits for the network part and 8 bits for the host part Each Class C network can ...

Страница 138: ...ns a subnetwork part a subnet mask identifies the bits that constitute the subnetwork address and the bits that constitute the host address A subnet mask is a 32 bit number in the IP address format The 1 bits in the subnet mask indicate the network and subnetwork part of the address The 0 bits in the subnet mask indicate the host part of the IP address as shown in Figure 35 Figure 35 Subnet Maskin...

Страница 139: ...0 The number that includes both the Class B natural network mask 255 255 and the subnet mask 255 240 is sometimes called the extended network prefix Continuing with the previous example the subnetwork part of the mask uses 12 bits and the host part uses the remaining 4 bits Because the octets are actually binary numbers the number of subnetworks that are possible with this mask is 4 096 212 and th...

Страница 140: ...gments When it receives the IP packets the gateway determines the next network hop on the path to the remote destination and sends the packets to that hop This could either be the remote destination or another gateway closer towards the destination This hop by hop process continues until the IP packets reach the remote destination If manually configuring IP information for the Switch enter the IP ...

Страница 141: ...Ethernet over fiber optic cable 802 11af The IEEE specification for Power over Ethernet See Power over Ethernet aging The automatic removal of dynamic entries from the Switch Database which have timed out and are no longer valid Aggregated Links Aggregated links allow a user to increase the bandwidth and resilience between switches by using a group of ports to carry traffic between the switches au...

Страница 142: ... packet sent to all devices on a network broadcast storm Multiple simultaneous broadcasts that typically absorb all the available network bandwidth and can cause a network to fail Broadcast storms can be due to faulty network devices cache Stores copies of frequently accessed objects locally to users and serves them to users when requested collision A term used to describe two colliding packets in...

Страница 143: ...tion using a networking device Forwarding Database See Switch Database filtering The process of screening a packet for certain characteristics such as source address destination address or protocol Filtering is used to determine whether traffic is to be forwarded and can also prevent unauthorized access to a network or network devices flow control A mechanism that prevents packet loss during perio...

Страница 144: ... relevant sections of the IEEE Std 802 1D 1998 Edition IEEE Std 802 1Q 1998 A standard that defines VLAN tagging IEEE Std 802 3ad A standard that defines link aggregation 802 3ad is now incorporated into the relevant sections of the IEEE Std 802 3 2002 IEEE Std 802 3x A standard that defines a system of flow control for ports that operate in full duplex 802 3x is now incorporated into the relevant...

Страница 145: ...ernetwork Packet Exchange IPX is a layer 3 and 4 network protocol designed for networks that use Novell Netware IP address Internet Protocol address A unique identifier for a device attached to a network using TCP IP The address is written as four octets separated with periods full stops and is made up of a network section an optional subnet section and a host section Jitter An expression often us...

Страница 146: ...the receiver of another device MDI X Medium Dependent Interface Cross over An Ethernet port connection where the internal transmit and receive lines are crossed MIB Management Information Base A collection of information about the management characteristics and parameters of a networking device MIBs are used by the Simple Network Management Protocol SNMP to gather information about the devices on ...

Страница 147: ...ir of ports that can be configured so that one takes over data transmission should the other fail See also main port and standby port RMON IETF Remote Monitoring MIB A MIB that allows you to remotely monitor LANs by addressing up to nine different groups of information router A router is a device on your network which is used to forward IP packets to a remote destination An alternative name for a ...

Страница 148: ...m a single logical device standby port The port in a resilient link that takes over data transmission if the main port in the link fails STP See Spanning Tree Protocol STP subnet mask A subnet mask is used to divide the device part of the IP address into two further parts The first part identifies the subnet number The second part identifies the device on that subnet switch A device that interconn...

Страница 149: ...the local management capabilities of the Switch traffic prioritization A system which allows data that has been assigned a high priority to be forwarded through a switch without being obstructed by other data unicast A packet sent to a single endstation on a network VLAN Virtual LAN A group of location and topology independent devices that communicate as if they are on the same physical LAN VLAN t...

Страница 150: ...150 GLOSSARY ...

Страница 151: ...tart 56 RSTP 56 default gateway 140 Default VLAN 87 Designated Bridge 51 Designated Bridge Port 52 DHCP 100 Disconnect Unauthorized Device DUD 18 107 E event notification 22 82 Events RMON group 79 80 extended network prefix 139 F Fast Ethernet configuration rules 124 Filter RMON group 79 80 flow control 28 full duplex configuration rules 125 G Gigabit Ethernet configuration rules 123 glossary 141...

Страница 152: ...16 power budgets 114 power LEDs 117 power management 18 Power over Ethernet 113 advantages 113 power plan 116 power usage 116 monitoring 118 priority in STP 50 Q QoS see Quality of Service 21 61 Quality of Service 21 61 profiles 72 R RADIUS 108 112 authentication 109 Rapid Spanning Tree Protocol RSTP 20 48 registered IP address obtaining 136 Remote Monitoring See RMON resilient links 46 Restore 23...

Страница 153: ...ogy rules for Fast Ethernet 124 topology rules with full duplex 125 traffic prioritization 21 61 62 advanced 69 basic 67 classification 64 default configurations 74 differentiated services 65 66 DiffServ Code Point DSCP 66 example configurations 75 IEEE Std 802 1D 1998 Edition 65 marking 65 queues 71 re marking 67 rules application based 61 rules device based 61 traffic queues 63 V Vendor Specific...

Отзывы: