Accton Technology ES4626 Скачать руководство пользователя страница 244

Страница: 244 / 523

244

firewall disable

disable global packet filtering function

(2) Configure default action.

Command Explanation

Global Mode

firewall default permit

Set default action to “permit”

firewall default deny

Set default action to “deny”

3. Bind access-list to a specific direction of the specified port.

Command Explanation

Physical Interface Mode

ip access-group <name> {in|out }

no ip access-group <name>

{in|out}

Apply an access list to the specified direction

on the port; the “

no ip access-group <name>

{in|out}

” command deletes the access list

bound to the port.

9.2.2 ACL Configuration Commands

9.2.2.1 access-list(extended)

Command: access-list <num> {deny | permit} icmp {{<sIpAddr> <sMask>} |

any-source | {host-source <sIpAddr>}} {{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [<icmp-type> [<icmp-code>]] [precedence <prec>]

[tos <tos>]

access-list <num> {deny | permit} igmp {{<sIpAddr> <sMask>} | any-source |

{host-source

<sIpAddr>}} {{<dIpAddr>

<dMask>} | any-destination |

{host-destination <dIpAddr>}} [<igmp-type>] [precedence <prec>] [tos <tos>]

access-list <num> {deny | permit} tcp {{<sIpAddr> <sMask>} | any-source |

{host-source <sIpAddr>}} [s-port <sPort>] {{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port <dPort>] [ack | fin | psh | rst | syn | urg]

[precedence <prec>] [tos <tos>]

access-list <num> {deny | permit} udp {{<sIpAddr> <sMask>} | any-source |

{host-source <sIpAddr>}} [s-port <sPort>] {{<dIpAddr> <dMask>} | any-destination |

{host-destination <dIpAddr>}} [d-port <dPort>] [precedence <prec>] [tos <tos>]

access-list <num> {deny | permit} {eigrp | gre | igrp | ipinip | ip | <int>}

{{<sIpAddr> <sMask>} | any-source | {host-source <sIpAddr>}} {{<dIpAddr>

<dMask>} | any-destination | {host-destination <dIpAddr>}} [precedence <prec>]

Содержание ES4626

Страница 1: ...1 ES4626 ES4650 Layer 3 Gigabit Switch Management Guide www edge core com...

Страница 2: ...1000MB Combo fiber cable port copper cable ports and 2 10GB XFP ports ES4626 ES4650 can seamlessly support various network interfaces from 100Mb 1000Mb to 10Gb Ethernets We are providing this manual...

Страница 3: ...timeout________________________________________________________ 32 2 1 7 exit _______________________________________________________________ 33 2 1 8 help_____________________________________________...

Страница 4: ...______________________________________________ 90 2 6 1 Switch Basic Configuration ___________________________________________ 90 2 6 2 SNMP Configuration _____________________________________________...

Страница 5: ...s _________________________________ 128 4 4 Troubleshooting Help ___________________________________________ 128 4 4 1 Monitor and Debug Commands ______________________________________ 128 4 4 2 Troub...

Страница 6: ..._______________________ 184 6 4 MSTP Troubleshooting __________________________________________ 189 6 4 1 Monitoring And Debugging Command ________________________________ 189 6 4 2 MSTP Troubleshooti...

Страница 7: ...ation Task Sequence____________________________________ 240 9 2 2 ACL Configuration Commands ______________________________________ 244 9 3 ACL Example_________________________________________________...

Страница 8: ..._______________ 287 11 5 DHCP Troubleshooting Help _____________________________________ 289 11 5 1 Monitor and Debug Commands ______________________________________ 289 11 5 2 DHCP Troubleshooting He...

Страница 9: ...e configuration _______________________________________ 352 14 2 IP Forwarding ________________________________________________ 353 14 2 1 Introduction to IP Forwarding _______________________________...

Страница 10: ...P Multicast Packets Forwarding _____________________________________ 449 16 1 4 Application of Multicast_____________________________________________ 449 16 2 Common Multicast Configurations _________...

Страница 11: ...___________________________ 500 16 7 6 Multicast inspect and debug _________________________________________ 501 Chapter 17 VRRP Configuration ________________________________________ 503 17 1 Introdu...

Страница 12: ...ilable For instance the user must assign an IP address to the switch via the Console interface to be able to access the switch through Telnet The procedures for managing the switch via Console interfa...

Страница 13: ...in Windows after the connection established The example below is based on the HyperTerminal included in Windows XP 1 Click Start menu All Programs Accessories Communication HyperTerminal Fig 1 2 Open...

Страница 14: ...erty appears select 9600 for Baud rate 8 for Data bits none for Parity checksum 1 for stop bit and none for traffic control or you can also click Revert to default and click OK Fig 1 5 Opening HyperTe...

Страница 15: ...ED APR 20 09 37 52 2005 ES4626 Series Switch Operating System Software Version ES4626 1 1 0 0 Copyright C 2001 2006 by Accton Technology Corporation http www edge core com ES4626 Switch 26 Ethernet IE...

Страница 16: ...g example assumes the shipment status of the switch where only VLAN1 exists in the system The following describes the steps for a Telnet client to connect to the switch s VLAN1 interface by Telnet Fig...

Страница 17: ...switch Login to the Telnet configuration interface Valid login name and password are required otherwise the switch will reject Telnet access This is a method to protect the switch from unauthorized a...

Страница 18: ...gment 3 If 2 is not met HTTP client should connect to an IP address of the switch via other devices such as a router Similar to management via Telnet as soon as the host succeeds to ping an IP address...

Страница 19: ...word are required otherwise the switch will reject HTTP access This is a method to protect the switch from the unauthorized access Consequently in order to configure the switch via HTTP username and p...

Страница 20: ...20 Fig 1 10 Web Login Interface Input the right username and password and then the main Web configuration interface is shown as below...

Страница 21: ...ough CLI interface to manage the switch CLI Interface is supported by Shell program which consists of a set of configuration commands Those commands are categorized according to their functions in swi...

Страница 22: ...no configuration to the switch is allowed only clock time and version information of the switch can be queries 1 2 1 1 2 Admin Mode To enter Under Admin Mode see the following In user entry system if...

Страница 23: ...itch Config Use the exit command under other configuration modes such as Interface Mode VLAN mode will return to Global Mode The user can perform global configuration settings under Global Mode such a...

Страница 24: ...dhcp pool name command under Global Mode will enter the DHCP Address Pool Mode prompt Switch Config name dhcp DHCP address pool properties can be configured under DHCP Address Pool Mode Run the exit...

Страница 25: ...mdtxt variable enum1 enumN option Conventions cmdtxt in bold font indicates a command keyword variable indicates a variable parameter enum1 enumN indicates a mandatory parameter that should be selecte...

Страница 26: ...ght The cursor moves one character to the right You can use the Left and Right key to modify an entered command Ctr p The same as Up key Ctr n The same as Down key Ctr b The same as Left key Ctr f The...

Страница 27: ...by the Shell Nothing will be returned if the user entered a correct command under corresponding modes and the execution is successful 1 2 1 5 2 Returned Information error Output error message Explanat...

Страница 28: ...ES4650 has HTTP Web management function Users can configure and examine the switch through a Web browser By conducting the following configurations users can realize the Web management 1 Configure val...

Страница 29: ...2 2 Interface Panel On the top of the management page the switch interface shows the current status of the ports Click the ports which are in the state of Link Up the port statistics are shown on the...

Страница 30: ...the current date month and year or the current year month and date and the valid scope for YYYY is 1970 2100 MON meaning month and DD between 1 to 31 Command mode Admin Mode Default upon first time s...

Страница 31: ...lt level is 15 Usage Guide To prevent unauthorized access of non admin user user authentication is required i e Admin user password is required when entering Admin Mode from User Mode If the correct A...

Страница 32: ...nfigure Admin user password to prevent unauthorized access from non admin user It is recommended to set the Admin user password at the initial switch configuration Also it is recommended to exit Admin...

Страница 33: ...itch 2 1 8 help Command help Function Output brief description of the command interpreter help system Command mode All configuration modes Usage Guide An instant online help provided by the switch Hel...

Страница 34: ...ult The default prompt is ES4626 ES4650 Usage Guide With this command the user can set the command line prompt of the switch according to their own requirements Example Set the prompt to Test Switch C...

Страница 35: ...ig username admin nopassword Switch Config Related Command username password username access level show users 2 1 13 username access level Command username user_name access level level Function Config...

Страница 36: ...Are you sure Y N y Switch write Switch reload 2 1 16 setup Command setup Function Enter the Setup Mode of the switch Command mode Admin Mode Usage Guide ES4626 ES4650 provides a Setup Mode in which t...

Страница 37: ...et show and debug etc to help the users to check system configuration operating status and locate problem causes 2 2 1 ping Command ping ip addr Function The switch send ICMP packet to remote devices...

Страница 38: ...for remote login Using Telnet the user can login to a remote host with its IP address of hostname from his own workstation Telnet can send the user s keystrokes to the remote host and send the remote...

Страница 39: ...Telnet function telnet server securityip ip addr no telnet server securityip ip addr Configure the secure IP address to login to the switch through Telnet the no telnet server securityip ip addr comm...

Страница 40: ...port Function Login to a remote host with an IP address of ip addr through Telnet Parameter ip addr is the remote host IP address in dot decimal format port is the port number valid value is 0 65535...

Страница 41: ...t secure address Parameter ip addr is the secure IP address allowed to access the switch in dot decimal format Default no secure IP address is set by default Command mode Global Mode Usage Guide When...

Страница 42: ...nd password of SSH client software for logging on the switch the no ssh user user name command deletes the username ssh server timeout timeout no ssh server timeout Configure timeout value for SSH aut...

Страница 43: ...ameter username is SSH client username It can t exceed 16 characters password is SSH client password It can t exceed 8 characters 0 7 stand for unencrypted password and encrypted password Command mode...

Страница 44: ...trying SSH authentication to 5 Switch Config ssh server authentication retries 5 2 2 3 3 5 ssh server host key create rsa Command ssh server host key create rsa modulus modulus Function Generate new R...

Страница 45: ...d of on the Console terminal Example Enable to display SSH debug information on the SSH client interface Switch monitor Related command ssh user 2 2 3 4Typical SSH Server Configuration Example 1 Requi...

Страница 46: ...sion started test Related command ssh server enable no ssh server enable 2 2 3 5 3 debug ssh server Command debug ssh server no debug ssh server Function Display SSH server debugging information the n...

Страница 47: ...rmation about the system port and protocol operation This part introduces the show command that displays system information other show commands will be discussed in other chapters 2 2 5 1 show calenda...

Страница 48: ...their sizes in the Flash memory Switch dir boot rom 329 828 1900 01 01 00 00 00 SH boot conf 94 1900 01 01 00 00 00 SH nos img 2 449 496 1980 01 01 00 01 06 startup config 2 064 1980 01 01 00 30 12 2...

Страница 49: ...02120 0000 0000 0000 0000 0000 0000 0000 0000 002130 0000 0000 0000 0000 0000 0000 0000 0000 002140 0000 0000 0000 0000 0000 0000 0000 0000 002150 0000 0000 0000 0000 0000 0000 0000 0000 002160 0000 0...

Страница 50: ...is executed to save the active configuration to the Flash memory the displays of show running config and show startup config will be the same 2 2 5 8 show interfaces switchport Command show interface...

Страница 51: ...nAddress Remote address of the TCP connection ForeignPort Remote port number of the TCP connection State Current status of the TCP connection 2 2 5 10 show udp Command show udp Function Display the cu...

Страница 52: ...ion Command show version unit Parameter where the range of unit is 1 Function Display the switch version Default The default value for unit is 1 Command mode Admin Mode Usage Guide Use this command to...

Страница 53: ...hree IP address configuration methods Manual BootP DHCP Manual configuration of IP address is assign an IP address manually for the switch In BootP DHCP mode the switch operates as a BootP DHCP client...

Страница 54: ...DHCP client function 2 3 2 Commands for Configuring Switch IP Addresses 2 3 2 1 ip address Command ip address ip address mask secondary no ip address ip address mask secondary Function Set the IP add...

Страница 55: ...e To obtain IP address via DHCP a DHCP server or a BootP server is required in the network Example Get IP address through BootP Switch Config interface vlan 1 Switch Config If Vlan1 ip address bootp S...

Страница 56: ...ploys a polling mechanism of message query and transmits messages through UDP a connectionless transport layer protocol Therefore it is well supported by the existing computer networks SNMP protocol e...

Страница 57: ...smission USM employs DES CBC cryptography And HMAC MD5 and HMAC SHA are used for authentication VACM is used to classify the users access permission It puts the users with the same access permission i...

Страница 58: ...by MIB II RFC1213 MIB II expands MIB I and keeps the OID of MIB tree in MIB I MIB II contains sub trees which are called groups Objects in those groups cover all the functional domains in network man...

Страница 59: ...l events sending Trap or record in logs 2 4 4SNMP Configuration 2 4 4 1 SNMP Configuration Task Sequence 1 Enable or disable SNMP Agent server function 2 Configure SNMP community string 3 Configure IP...

Страница 60: ...ngine string Configure the local engine ID on the switch This command is used for SNMP v3 5 Configure user Command Explanation snmp server user user string group string encrypted auth md5 sha password...

Страница 61: ...rap community string for SNMP v3 this command also configures Trap user name and security level 9 Enable Disable RMON Command Explanation rmon enable no rmon enable Enable disable RMON 2 4 4 2 SNMP Co...

Страница 62: ...ample 3 Modify the read write community string named private to read only Switch config snmp server community private ro Example 4 Delete community string private Switch config no snmp server communit...

Страница 63: ...s the user name which is 1 to 32 characters group string is the group name which the user belongs to encrypted means that messages are encrypted by DES auth means that messages are authenticated md5 i...

Страница 64: ...and authentication The view named readview with read permission but without write permission Switch Config snmp server group CompanyGroup AuthPriv read readview Example 2 Delete the group Switch Confi...

Страница 65: ...Trap message for SNMP v1 v2 and it stands for user name for SNMP v3 Command mode Global Mode Usage Guide The community string in the command is also used for RMON event community string If RMON event...

Страница 66: ...lt Example Disable secure IP address check function Switch config snmp server securityip disable 2 4 4 2 11 rmon enable Command rmon enable no rmon enable Function Enable RMON the no rmon enable comma...

Страница 67: ...fig snmp server Switch Config snmp server host 1 1 1 5 ectrap Switch Config snmp server enable traps Scenario 3 NMS uses SNMP v3 to obtain information from the switch The configuration on the switch i...

Страница 68: ...0 SNMP trap PDUs Displayed information Explanation snmp packets input Total number of SNMP packet inputs bad snmp version errors Number of version information error packets unknown community name Numb...

Страница 69: ...nt trap PDUs Number of Trap packets sent 2 4 6 1 2 show snmp status Command show snmp status Function Display SNMP configuration information Command mode Admin Mode Example Switch show snmp status Tra...

Страница 70: ...oots 2 4 6 1 4 show snmp user Command show snmp user Function Display user name information Command mode Admin Mode Example Switch show snmp user User name initialsha Engine ID 1234567890 Auth Protoco...

Страница 71: ...name no writeview specified Users don t specify view names 2 4 6 1 6 show snmp view Command show snmp view Function Display view information Command mode Admin Mode Example Switch show snmp view View...

Страница 72: ...ty command are correctly configured as any of them fails SNMP will not be able to communicate with NMS properly If Trap function is required remember to enable Trap use snmp server enable traps comman...

Страница 73: ...the switch The PC should have FTP TFTP server software installed and has the img file required for the upgrade Step 2 Press ctrl b on switch boot up until the switch enters BootROM monitor mode The o...

Страница 74: ...66 FTP 1 or TFTP 2 1 2 Network interface configure OK Boot Step 4 Enable FTP TFTP server in the PC For TFTP run TFTP server program for FTP run FTP server program Before start downloading upgrade file...

Страница 75: ...ransfer Protocol TFTP Trivial File Transfer Protocol are both file transfer protocols that belonging to fourth layer application layer of the TCP IP protocol stack used for transferring files between...

Страница 76: ...client or server When ES4626 ES4650 operates as a FTP TFTP client configuration files or system files can be downloaded from the remote FTP TFTP servers can be hosts or other switches without affecti...

Страница 77: ...config startup config command so that the active configuration sequence becomes the start up configuration file which is called configuration save To prevent illicit file upload and easier configurati...

Страница 78: ...user password IP Address 2 FTP server configuration 1 Start FTP server Command Explanation Global Mode ftp server enable no ftp server enable Start FTP server the no ftp server enable command shuts d...

Страница 79: ...destination url is the target address to copy file or directory source url and destination url varies according to the file or directory location ascii Indicates the files are transferred in ASCII bi...

Страница 80: ...r 10 1 1 1 the login username for the FTP server is Switch and the password is Accton Switch copy ftp Switch sAccton 10 1 1 1 nos img nos img 3 Save active configuration file Switch copy running confi...

Страница 81: ...bal Mode Usage Guide When FTP data connection idle time exceeds this limit the FTP management connection will be disconnected Example Modify the idle threshold to 100 seconds Switch config Switch Conf...

Страница 82: ...Switch copy nos img tftp 10 1 1 1 nos img 2 Get the system file nos img from TFTP server 10 1 1 1 Switch copy tftp 10 1 1 1 nos img nos img 3 Save active configuration file Switch copy running config...

Страница 83: ...config Switch Config tftp server retransmission number 10 2 5 2 2 10 tftp server transmission timeout Command tftp server transmission timeout seconds Function Set the transmission timeout value for T...

Страница 84: ...y ftp Switch Admin 10 1 1 1 12_30_nos img nos img With the above commands the switch will have the nos img file in the computer downloaded to the FLASH TFTP Configuration Computer side configuration S...

Страница 85: ...tp server enable Computer side configuration Login to the switch with any TFTP client software use the tftp command to download nos img file from the switch to the computer Scenario 4 The switch is us...

Страница 86: ...Switch Config If Vlan1 exit Switch Config exit Switch copy tftp 10 1 1 1 Profile1 Profile1 Switch copy tftp 10 1 1 1 Profile2 Profile2 Switch copy tftp 10 1 1 1 Profile3 Profile3 Scenario 5 ES4626 ES...

Страница 87: ...TXT 226 Transfer complete Switch Config 2 5 2 4 FTP TFTP Troubleshooting Help 2 5 2 4 1 Monitor and Debug Commands 2 5 2 4 1 1 show ftp Command show ftp Function display the parameter settings for the...

Страница 88: ...ity The following is what the message displays when files are successfully transferred Otherwise please verify link connectivity and retry copy command again 220 Serv U FTP Server v2 5 build 6 for Win...

Страница 89: ...will need to check for appropriate troubleshooting information to recover the link connectivity The following is the message displays when files are successfully transferred Otherwise please verify l...

Страница 90: ...I prompt message and mapping between hosts and IP addresses Basic clock configuration Configure system date and clock See the equivalent CLI command at 2 1 1 Set HH MM SS to 23 0 0 set YY MM DD to 200...

Страница 91: ...mple Set Community string to qiantu set Access priority to Read only set State to Valid and click Apply The configuration is applied on the switch 2 6 2 2 TRAP manager configuration Click Switch Basic...

Страница 92: ...address NMS secure IP address State Valid means to set Invalid means to delete For example Set Security ip address to 41 1 1 100 set State to Valid and then click Apply The configuration is applied o...

Страница 93: ...on the switch 2 6 3Switch Upgrade Click Switch update switch upgrading configuration tree is shown TFTP Upgrade TFTP client service TFTP client configuration TFTP server service TFTP server configurat...

Страница 94: ...nable or disable See the equivalent CLI command at 2 5 2 2 10 TFTP Timeout Value of TFTP timeout See the equivalent CLI command at 2 5 2 2 12 TFTP Retransmit times Times of TFTP retransmit See the equ...

Страница 95: ...ee the equivalent CLI command at 2 5 2 2 5 FTP Timeout FTP timeout See the equivalent CLI command at 2 5 2 2 6 The explanation of each field for server configuration is as below User name User name Se...

Страница 96: ...equivalent CLI command at 2 2 4 9 Show udp Show the current UDP connection status established to the switch See the equivalent CLI command at 2 2 4 10 Show version Show switch version See the equival...

Страница 97: ...ther Other parts are quite straight forward Click the node The relevant information is shown There is no need to input or to select For example Show clock Show flash file 2 6 5Switch basic information...

Страница 98: ...2 1 Switch GVRP Status Enable or disable GVRP See the equivalent CLI command at 5 3 2 5 Check the items and click Apply The configuration is applied on the switch 2 6 7Switch maintenance On the mainp...

Страница 99: ...Telnet security IP to configure secure IP address which can configure telnet service See the equivalent CLI command at 2 2 2 3 4 Security IP address Specify secure IP address Operation Drop menu sele...

Страница 100: ...ic host configuration Set the mapping relationship between the host and IP address See the equivalent CLI command at 2 1 8 Set Hostname to London set IP address to 200 121 1 1 and then click Apply The...

Страница 101: ...ive port number Suppose operation should be performed to ports 2 3 4 5 the command can look like this interface ethernet 1 2 5 Port speed duplex mode and traffic control can also be configured under E...

Страница 102: ...d duplex mode of 100Base 1000Base TX ports The no format of this command restores the default setting i e negotiate speed and duplex mode automatically negotiation no negotiation Enable Disable the au...

Страница 103: ...e bandwidth limit set must not exceed the maximum physical connection speed possible of the port For example a bandwidth limit of 101 M or more cannot be set for a 10 100M Ethernet port But for a 10 1...

Страница 104: ...Copper cable port Fiber cable port Fiber cable port Fiber cable port Copper connected fiber not connected Copper cable port Copper cable port Fiber cable port Copper cable port Both fiber and copper...

Страница 105: ...ue that may result in HOL to prevent drastic degradation of network performance Note Port flow control function is NOT recommended unless the user needs a slow speed low performance network with low p...

Страница 106: ...t the no mdi command sets cable type auto identification This command is not supported on the ES4626 ES4650 ports of 1000MB and above these ports have auto identification set for cable types Parameter...

Страница 107: ...enabled by default Usage Guide This command applies to 1000Base FX interface only The negotiation command is not available for 1000Base TX or 100Base TX interface For combo port this command applies t...

Страница 108: ...dcast storm control function can protect the switch from broadcast storm to the best possibility Note the difference of this command in 10 Gb ports and other ports If the allowed traffic is set to 3 i...

Страница 109: ...This command applies to 1000Base TX or 100Base TX ports only speed duplex command is not available for 1000Base FX port For combo port this command applies to the 1000Base TX port only and has no effe...

Страница 110: ...d interface vlan vlan id no interface vlan vlan id Function Enter VLAN Interface Mode the no interface vlan vlan id command deletes existing VLAN interface Parameter vlan id is the VLAN ID for the est...

Страница 111: ...configured will be the secondary IP address for the VLAN interface A VLAN interface can have only one primary IP address but multiple secondary IP address Both primary IP address and secondary IP add...

Страница 112: ...support one mirror destination port only The number of mirror source port is not limited one or more ports can be used Multiple source ports can be within the same VLAN or across several VLANs The des...

Страница 113: ...he destination interface must have the same speed otherwise some packets will be lost Multiple source interfaces can be monitored on a single destination interface Example On the interface 1 11 monito...

Страница 114: ...tion port 3 3 Port Configuration Example No VLAN has been configure in the switches the default VLAN1 is used Switch Port Property SW1 2 7 Ingress bandwidth limit 150 M SW2 1 8 Mirror source port 3 9...

Страница 115: ...l ports will be cleared Example Clear the statistics for Ethernet port 1 1 Switch clear counters ethernet 1 1 3 4 1 2 show interfaces status Command show interfaces status ethernet interface number vl...

Страница 116: ...lticast and unicast for unknown destination control as well as port bandwidth limit for the same port If such combinations are set the port throughput may fall below the expected performance 3 5 WEB M...

Страница 117: ...2 1 2 2 and 3 2 1 2 10 port flow control status Configure port flow control See the equivalent CLI command at 3 2 1 2 3 Loopback Set to allow or not to allow loopback test See the equivalent CLI comm...

Страница 118: ...utput means that bandwidth control is applied to the inbound and outbound traffic input means that bandwidth control is only applied to the inbound traffic output means that bandwidth control is only...

Страница 119: ...IP address to 192 168 1 180 set Port network mask to 255 255 255 0 set Port status to no shutdown set Operation type to Add address and then click Apply The configuration is applied on the switch 3 5...

Страница 120: ...or direction to rx and then click Apply The configuration is applied on the switch Destination Interface configuration See the equivalent CLI command at 3 2 3 3 2 session Mirroring session destination...

Страница 121: ...n Port debug and maintenance Show port information The port statistics information is shown See the equivalent CLI command at 3 4 1 2 For example Select to display Ethernet1 1 and then click Refresh T...

Страница 122: ...122...

Страница 123: ...the destination port Then the MAC table is queried for the destination MAC address if hit the data frame is forwarded in the associated port otherwise the switch forwards the data frame to its broadca...

Страница 124: ...MAC table 2 At the same time the switch learns the message is destined to 00 01 33 33 33 33 as the MAC table contains only a mapping entry of MAC address 00 01 11 11 11 11 and port 1 5 and no port ma...

Страница 125: ...r the message i e drop this message Three types of frames can be forwarded by the switch Broadcast frame Multicast frame Unicast frame The following describes how the switch deals with all the three t...

Страница 126: ...lt 300 seconds Parameter age is the aging time in seconds the valid range is 10 to 100000 0 for no aging Command mode Global Mode Default The system default aging time is 300 seconds Usage Guide Too s...

Страница 127: ...rved entries Example Port 1 1 belongs to VLAN200 set a mapping to MAC address 00 03 0f f0 00 18 Switch Config mac address table static 00 03 0f f0 00 18 interface Ethernet 1 5 vlan 200 4 2 3 mac addre...

Страница 128: ...sed by any other PC that is in another physical segment PC2 and PC3 have static mapping set to port 7 and port 9 respectively The configuration steps are listed below 1 Set the MAC address 00 01 11 11...

Страница 129: ...Possible reasons The connected cable is broken replace the cable Spanning Tree is started and the port is in discarding status or the device is just connected to the port and Spanning Tree is still un...

Страница 130: ...nfiguration Task Sequence 1 Enable MAC address binding function for the ports 2 Lock the MAC addresses for a port 3 MAC address binding property configuration 1 Enable MAC address binding function for...

Страница 131: ...s for a port the no switchport port security maximum command restores the default value port security actionshutdown no port security violation Set the violation mode for the port the no switchport po...

Страница 132: ...he port will be converted to static secure MAC addresses The command does not reserve configuration Example Convert MAC addresses in port 1 to static secure MAC addresses Switch Config interface Ether...

Страница 133: ...ar port security dynamic address mac addr interface interface id Function Clear the Dynamic MAC addresses of the specified port Command mode Admin Mode Parameter mac addr stands MAC address interface...

Страница 134: ...t security actionshutdown no port security action Function Set the violation mode for the port the no command restores the violation mode to protect mode Command mode Interface Mode Default The defaul...

Страница 135: ...ion Explanation Security Port Name of port that is configured as a secure port MaxSecurityAddr The maximum secure MAC address number set for the secure port CurrentAddr Current secure MAC address numb...

Страница 136: ...port Total MAC Addresses Current secure MAC address number for the port Configured MAC Addresses Current secure static MAC address number for the port Lock Timer Whether locking timer timer timeout is...

Страница 137: ...e sure the port is not executing Spanning tree port aggregation and is not configured as a Trunk port MAC address binding is exclusive to such configurations If MAC address binding is to be enabled th...

Страница 138: ...ging time to 400 seconds select Operation type to add mac address and then click Add This configuration is to add static MAC address 00 11 11 11 11 11 to interface Ethernet 1 1 with VID of 1 4 6 1 2 R...

Страница 139: ...C address Check Search box to search MAC address according to VID Query by MAC Search MAC address Check Search box to search MAC address according to MAC address typed Query by port Specify port to se...

Страница 140: ...ale port Mac binding Click MAC address table configuration MAC address binding configuration Enable port Mac binding Enable port Mac binding Users can enable or disable switch port MAC binding See the...

Страница 141: ...and then click Apply The dynamic MAC address of port Ethernet1 1 is converted to the secure static address Click Reset to select the new port 4 6 2 2 3 Enable port security timeout Click MAC address...

Страница 142: ...equivalent CLI command at 8 5 1 2 2 6 Mac Specify the MAC Port Specify the port For example Select port Ethernet1 1 and then click Apply The MAC address of the port Ethernet1 1 is deleted Note This f...

Страница 143: ...protect mode or shutdown mode For example Select port Ethernet1 1 set Violation mode to protect and then click Apply The configuration is applied on the switch Click Remove to restore the default set...

Страница 144: ...ecure port configuration See the equivalent CLI command at 8 5 1 3 1 1 Show all port security address Show secure port MAC address See the equivalent CLI command at 4 5 1 3 1 3 Click Show Port Configu...

Страница 145: ...The characteristics of VLAN technology is a big LAN can be partitioned into many separate broadcast domains dynamically to meet the demands Fig 5 1 A VLAN network defined logically Each broadcast doma...

Страница 146: ...rt type for the switch 5 Set Trunk port 6 Set Access port 7 Enable Disable VLAN ingress rules on ports 1 Creating or deleting VLAN 2 Assigning Switch ports for VLAN 3 Set The Switch Port Type Command...

Страница 147: ...ID for Trunk port Command Explanation Interface Mode switchport allowed add vlan vlan id no switchport access vlan Add the current port to specified VLAN the specified VLANs The no command restores th...

Страница 148: ...should be noted that dynamic VLANs learnt by GVRP cannot be deleted by this command Example Create VLAN100 and enter the configuration mode for VLAN 100 Switch Config vlan 100 Switch Config Vlan100 5...

Страница 149: ...t port 1 3 4 7 8 of slot 1 to VLAN100 Switch Config Vlan100 switchport interface ethernet 1 1 3 4 7 8 5 2 2 4 switchport mode Command switchport mode trunk access Function Set the port in access mode...

Страница 150: ...3 5 20 Switch Config interface ethernet 1 5 Switch Config ethernet1 5 switchport mode trunk Switch Config ethernet1 5 switchport trunk allowed vlan 1 3 5 20 Switch Config ethernet1 5 exit 5 2 2 6 swit...

Страница 151: ...AN to Isolated VLAN community sets the current VLAN to Community VLAN Command mode VLAN Mode Usage Guide There are three types of VLANs Primary VLAN Isolated VLAN and Community VLAN The ports in Prima...

Страница 152: ...ary VLAN by Command mode VLAN Mode Default There is no Private VLAN association by default Usage Guide This command can only used for Private VLAN The ports in Secondary VLANs which are associated to...

Страница 153: ...ween the two switches Configuration Item Configuration description VLAN2 Site A and site B switch port 2 4 VLAN100 Site A and site B switch port 5 7 VLAN200 Site A and site B switch port 8 10 Trunk po...

Страница 154: ...fig vlan 200 Switch Config Vlan200 switchport interface ethernet 1 8 10 Switch Config Vlan200 exit Switch Config interface ethernet 1 11 Switch Config Ethernet1 11 switchport mode trunk Switch Config...

Страница 155: ...on consistency can be achieved among all GVRP enabled switches 5 3 1 GVRP Configuration Task Sequence 1 Configuring GARP Timer Parameters 2 Enable GVRP function 1 Configuring GARP Timer parameters 2 E...

Страница 156: ...in 1000 5 3 2 2 garp timer leave Command garp timer leave timer value no garp timer leave Function Set the leave timer for GARP the no garp timer leave command restores the default timer setting Param...

Страница 157: ...500 ms Switch Config Ethernet1 10 garp timer hold 500 5 3 2 4 garp timer leaveall Command garp timer leaveall timer value no garp timer leaveall Function Set the leaveall timer for GARP the no garp t...

Страница 158: ...P can only be enabled after global GVRP is enabled When global GVRP is disabled port GVRP configurations also void Note GVRP can only be enabled on Trunk ports Example Enable the GVRP function globall...

Страница 159: ...11 of Switch A to port 10 of Switch B and port 11 of Switch B to port 11 of Switch C All ports are on slots 1 of Switch A B and C The configuration steps are listed below Switch A Switch Config bridg...

Страница 160: ...nds for brief information summary for VLAN statistics vlan id for VLAN ID of the VLAN to display status information the valid range is 1 to 4094 vlan name is the VLAN name for the VLAN to display stat...

Страница 161: ...ace name Function Display the global and port information for GARP Parameter interface nam stands for the name of the Trunk port to be displayed Command mode Admin Mode Usage Guide N A Example Display...

Страница 162: ...gvrp 5 4 2 VLAN Troubleshooting Help The GARP counter setting in for Trunk ports in both ends of Trunk link must be the same otherwise GVRP will not work properly It is recommended to avoid enabling...

Страница 163: ...then click Apply The new VLAN 100 is created The current VLAN information is shown in VLAN ID information window 5 5 1 1 2 VID attribution configuration Click Vlan configuration Vlan configuration Cr...

Страница 164: ...VLAN See the equivalent CLI command at 5 2 2 4 For example Select VLAN ID as 1 set Port to 1 1 and then click Apply Ethernet 1 1 is added to VLAN 1 The current VLAN information is shown in VLAN ID in...

Страница 165: ...ct Type to Trunk select Enable Vlan ingress rules and then click Apply The configuration is applied on the switch The port mode information is shown in Port mode configuration window 5 5 1 4 Trunk por...

Страница 166: ...t trunk allow vlan Set the allow vlan of the port See the equivalent CLI command at 5 2 2 6 Port Specify the port Trunk allow vlan list Specify allow vlan id list Operation type Set allow vlan Add new...

Страница 167: ...splay window 5 5 1 6 Allocate port for Vlan Click Vlan configuration Vlan configuration Enable Disable Vlan ingress rule Users can configure VLAN ingress rules 5 5 1 6 1 Disable Vlan ingress rules Cli...

Страница 168: ...and then click Apply The GVRP is enabled on Ethernet 1 1 Note The GVRP can only be enabled on the trunk port 5 5 2 3 GVRP configuration Click Vlan configuration GVRP configuration GVRP configuration U...

Страница 169: ...3 1 show Vlan Click Vlan configuration VLan debug and maintenance show Vlan The Vlan information is shown on Information display window See the equivalent CLI command at 5 4 1 1 5 5 3 2 show garp Cli...

Страница 170: ...170 5 5 3 3show gvrp Click Vlan configuration VLan debug and maintenance show gvrp The GVRP information is shown on Information display window See the equivalent CLI command at 5 4 1 3...

Страница 171: ...he number of spanning tree instances which consumes less CPU resources and reduces the bandwidth consumption 6 1 1MSTP Region Because multiple VLANs can be mapped to a single spanning tree instance IE...

Страница 172: ...ot of the CST and the IST master with both of the path costs to the CST root and to the IST master set to zero The bridge also initializes all of its MST instances and claims to be the root for all of...

Страница 173: ...rnate port and backup port are defined in the same ways as those in the RSTP 6 1 3MSTP Load Balance In a MSTP region VLANs can by mapped to various instances That can form various topologies Each inst...

Страница 174: ...lobal Mode spanning tree mst instance id priority bridge priority no spanning tree mst instance id priority Set bridge priority for specified instance Interface Mode spanning tree mst instance id cost...

Страница 175: ...level no revision level Set MSTP region revision level abort Quit MSTP region mode and return to Global mode without saving MSTP region configuration exit Quit MSTP region mode and return to Global mo...

Страница 176: ...abort Switch Config 6 2 2 2 exit Command exit Function Save current MSTP region configuration quit MSTP region mode and return to global mode Command mode MSTP Region Mode Usage Guide This command is...

Страница 177: ...other attributes are same the switches are considered in the same MSTP region Before setting any instances all the VLANs belong to the instance 0 MSTP can support maximum 48 MSTIs except for CISTs CI...

Страница 178: ...interface mode The command no spanning tree is to disable MSTP Command mode Global Mode and Interface Mode Default MSTP is not enabled by default Usage Guide If the MSTP is enabled in global mode the...

Страница 179: ...ward delay and max age The parameters should meet the following conditions Otherwise the MSTP may work incorrectly 2 Bridge_Forward_Delay 1 0 seconds Bridge_Max_Age Bridge_Max_Age 2 Bridge_Hello_Time...

Страница 180: ...x age time to 25 seconds Switch Config spanning tree maxage 25 6 2 2 11 spanning tree max hop Command spanning tree max hop hop count no spanning tree max hop Function Set maximum hops of BPDU in the...

Страница 181: ...e switch The command no spanning tree mode restores the default setting Parameter mstp sets the switch in IEEE802 1s MSTP mode stp sets the switch in IEEE802 1D STP mode Command mode Global Mode Defau...

Страница 182: ...e mst instance id cost restores the default setting Parameter instance id sets the instance ID The valid range is from 0 to 48 cost sets path cost The valid range is from 1 to 200 000 000 Command mode...

Страница 183: ...stance 1 Switch Config interface ethernet 1 2 Switch Config Ethernet1 2 spanning tree mst 1 port priority 32 6 2 2 17 spanning tree mst priority Command spanning tree mst instance id priority bridge p...

Страница 184: ...ary port Example Set port 1 5 6 as boundary ports Switch Config interface ethernet 1 5 6 Switch Config Port Range spanning tree portfast 6 3 MSTP Example The following is a typical MSTP application sc...

Страница 185: ...er ports are in the forwarding status Configurations Steps Step 1 Configure port to VLAN mapping z Create VLAN 20 30 40 50 in SW2 SW3 and SW4 z Set ports 1 7 as trunk ports in SW2 SW3 and SW4 Step 2 S...

Страница 186: ...onfig Port Range exit SW2 Config spanning tree SW3 SW3 Config vlan 20 SW3 Config Vlan20 exit SW3 Config vlan 30 SW3 Config Vlan30 exit SW3 Config vlan 40 SW3 Config Vlan40 exit SW3 Config vlan 50 SW3...

Страница 187: ...h SW2 SW3 and SW4 belong to SW2 is the region root of the instance 0 SW3 is the region root of the instance 3 and SW4 is the region root of the instance 4 The traffic of VLAN 20 and VLAN 30 is sent th...

Страница 188: ...1 2 2 3 5 4 2 3 1 6 7 5 4 6 7 x x x x x Figure 6 3 The Topology Of the Instance 0 after the MSTP Calculation SW2 SW3 SW4 2 3 5 4 2 3 6 7 5 4 6 7 x x x x Figure 6 4 The Topology Of the Instance 3 after...

Страница 189: ...ction Display the MSTP Information Parameter instance id sets the instance ID The valid range is from 0 to 48 interface list sets interface list detail sets the detailed spanning tree information Comm...

Страница 190: ...007 Ethernet1 2 128 002 0 0 BLK ALTR 16384 00030f010f52 128 011 Instance 3 Self Bridge Id 0 00 03 0f 01 0e 30 Region Root Id this switch Int RootPathCost 0 Root Port ID 0 Current port list in Instance...

Страница 191: ...Ext RootPathCost Total cost from the current bridge to the root of the entire network Int RootPathCost Cost from the current bridge to the region root of the current instance Root Port ID Root port of...

Страница 192: ...4 1 3 show mst pending Command show mst pending Function In the MSTP region mode display the configuration of the current MSTP region Command mode MSTP Region Mode Usage Guide In the MSTP region mode...

Страница 193: ...tch debug spanning tree bpdu rx interface e1 1 6 4 2 MSTP Troubleshooting Help In order to run the MSTP on the switch port the MSTP has to be enabled globally If the MSTP is not enabled globally it ca...

Страница 194: ...ost membership reports a message IGMP Snooping is also referred to as IGMP listening The switch prevents multicast traffic from flooding through IGMP Snooping multicast traffic is forwarded to ports a...

Страница 195: ...d static multicast ip addr Configure static multicast address and port member to join 3 Configure IGMP to send Query Command Explanation Global Mode ip igmp snooping vlan vlan id query no ip igmp snoo...

Страница 196: ...vlan id no ip igmp snooping vlan vlan id Function Enable the IGMP Snooping function for the specified VLAN the no ip igmp snooping vlan vlan id command disables the IGMP Snooping function for the spec...

Страница 197: ...the IGMP Snooping static multicast group membership the no ip igmp snooping vlan vlan id static multicast ip addr command disables the function Parameter mac id stands for the specified VLAN number mu...

Страница 198: ...Command mode Global Mode Default IGMP Query is disabled by default Usage Guide Before enabling the IGMP Query function for the specified VLAN the switch must have a corresponding VLAN configured and I...

Страница 199: ...nge is 1 to 65535 Command mode Global Mode Default The default interval is 125 seconds Example Set the IGMP Query interval for VLAN 100 to 60 seconds Switch Config ip igmp snooping vlan 100 query inte...

Страница 200: ...er port The configuration steps are listed below Switch config Switch Config ip igmp snooping Switch Config ip igmp snooping vlan 100 Switch Config ip igmp snooping vlan 100 mrouter interface ethernet...

Страница 201: ...witch1 including port 1 2 6 10 and 12 Port 1 connects to the multicast server and port 2 connects to Switch2 In order to send Query at regular interval IGMP query must enable in Global mode and in VLA...

Страница 202: ...or IGMP Snooping and Query in all VLAN will be displayed If VLAN id is specified then detailed information for IGMP Snooping and Query of the specified VLAN will be displayed Example 1 Display the sum...

Страница 203: ...igmp snooping vlan mrouter port null Displayed information Explanation igmp snooping status whether igmp snooping function is enabled igmp snooping vlan status igmp snooping status of all VLANs in the...

Страница 204: ...lticast information MAC address Member port list 01 00 5E 7F 28 B3 Ethernet1 5 01 00 5E 7F 30 BD Ethernet1 4 Ethernet1 5 Sort by port Port State Type Group Address Life Ethernet1 4 MEMBERS_PRESENT Sno...

Страница 205: ...icast vlan vlan id Function Display information for the multicast MAC address table Parameter vlan id is the VLAN ID to be included in the display result Command mode Admin Mode Default Multicast MAC...

Страница 206: ...Snooping configuration and IGMP Snooping static multicast configuration are shown On IGMP Snooping configuration page users can configure IGMP snooping and query on IGMP Snooping static multicast con...

Страница 207: ...menu select Query State as Open set other attributes and then click Apply 7 5 2 2snooping configuration The explanation of each field is as below VLAN ID Configure snooping vlan ID snooping status Sno...

Страница 208: ...lticast address Configure multicast address Operation type Add Add static multicast member port Remove Remove static multicast member port See the equivalent CLI command at 7 2 2 4 For example Select...

Страница 209: ...209...

Страница 210: ...f LAN is not available to be visited which is equal to physical disconnection IEEE 802 1x defines the port based network access control protocol It shall be noted that the protocol is applicable not o...

Страница 211: ...cess equipment is equipment with 802 1x customer end software authentication server generally resides in the AAA center of operators and Radius server is adopted If there are several user access equip...

Страница 212: ...l configuration mode aaa enable no aaa enable Enable switch AAA authentication function use the no command to disable switch AAA authentication function aaa accounting enable no aaa accounting enable...

Страница 213: ...dot1x port control auto force authorized force una uthorized no dot1x port control Configure port 802 1x authorize status use the no command to restore default configuration Command Explanation port c...

Страница 214: ...use the no command to restore default dot1x timeout re authperiod seconds no dot1x timeout re authperiod Configure the timeout interval of switch suppliant re authentication use the no command to rest...

Страница 215: ...key use the no command to remove RADIUS server authentication key 2 Configure RADIUS Server Command Explanation Global configuration mode radius server authentication host IPaddress port portNum prima...

Страница 216: ...able switch AAA authentication function Example enable switch AAA function Switch Config aaa enable 8 2 2 2 aaa accounting enable Command aaa accounting enable no aaa accounting enable Function Enable...

Страница 217: ...unction is enable switch filter the authentication MAC address Only the authentication requirement which from dot1x address filter list will be accept otherwise will be refuse Example Add MAC address...

Страница 218: ...function and enable port 1 12 802 1x function Switch Config dot1x enable Switch Config interface ethernet 1 12 Switch Config Ethernet1 12 dot1x enable 8 2 2 6 dot1x privateclient enable Command dot1x...

Страница 219: ...count is the times of sending EAP request MD5 frame The range 1 10 Command mode global configuration mode Default Maximum is 2 times Instructions When user configure the maximum times of sending EAP...

Страница 220: ...802 1x authentication to user must configure port authentication status as auto Example Configure port 1 1 as 802 1x authentication status Switch Config interface ethernet 1 1 Switch Config Ethernet1...

Страница 221: ...command to disable this function Command mode global configuration mode Default The periodicity re authentication function is disabled in default mode Instructions When enable periodicity re authentic...

Страница 222: ...ot1x timeout tx period Function Configure the time interval which of switch retransmit EAP request identity frame to suppliant use the no command to restore default Parameter seconds is the time inter...

Страница 223: ...adius server authentication host Command radius server authentication host ip address port port number primary no radius server authentication host ip address Function Configure RADIUS server IP addre...

Страница 224: ...id Example Configure RADIUS server dead time as 3 minutes Switch Config radius server dead time 3 8 2 2 20 radius server key Command radius server key string no radius server key Function Configure RA...

Страница 225: ...annot access Example Configure RADIUS authentication message retransmit times as 5 times Switch Config radius server retransmit 5 8 2 2 22 radius server timeout Command radius server timeout seconds n...

Страница 226: ...g port default is port 1812 and port 1813 Setup IEEE802 1x authentication client software in computer and achieve IEEE802 1x authentication by using this software Configuration steps as below Switch C...

Страница 227: ...ation key authentication accounting server information etc Example Switch show aaa config If it is Boolean 1 means TRUE 0 means FALSE AAA config data Is Aaa Enabled 1 Is Account Enabled 1 MD5 Server K...

Страница 228: ...erver sum authentication server X Host IP Udp Port Is Primary Is Server Dead Socket No Display authentication server ID and corresponding IP address UDP port ID whether is Primary server the server wh...

Страница 229: ...ged mode Instructions Normally use is for information of authenticating users technical support engineers can use other information for trouble diagnosis and troubleshooting Example Switch show aaa au...

Страница 230: ...show dot1x interface interface list Function Display dot1x parameter information if add parameter information it will display dot1x status of relevant port Parameter interface list is port list If the...

Страница 231: ...Quiet period time interval tx period EAP data packet retransmit time interval max req EAP data packet retransmit times authenticator mode switch authenticator mode Mac Filter switch whether is enable...

Страница 232: ...g information use the no command to close dot1x debug information Command mode privileged configuration mode Parameter None Instructions Enable dot1x debug information may check the negotiation proces...

Страница 233: ...ns on RADIUS data The user may be forced offline during authentication again because over frequent use of RADIUS data If users make authentication requests or online users are authenticated again it i...

Страница 234: ...be applied to switch 8 5 1 2 RADIUS authentication configuration Click Authentication configuration RADIUS client configuration RADIUS authentication configuration Configure RADIUS authentication ser...

Страница 235: ...The range 0 65535 the 0 means that it s not work as authentication server z Primary accounting server Primary Accounting server is primary server Non Primary Accounting server is non primary server z...

Страница 236: ...eauthenticate client interval 1 65535 second Configure time interval of switch reauthentication client It is equivalent to CLI command 8 2 2 14 z Resending EAP request identity interval 1 65535 second...

Страница 237: ...unauthenticated data to pass across the port force unauthorized is configure port unauthenticated status switch not provide suppliant authentication service in this port not permit any port pass acros...

Страница 238: ...on type as Add mac filter entry Click Apply button and apply this configuration to switch 8 5 2 4 802 1x port status list Click Authentication configuration 802 1X configuration 802 1x port status lis...

Страница 239: ...e in a rule is the effective combination of conditions such as source IP destination IP IP protocol number and TCP port Access list can be categorized by the following criteria z Filter information ba...

Страница 240: ...ACL is bound to that port or no binding ACL matches z When an access list is bound to the outgoing direction of a port the action in the rule can only be deny 9 2 ACL configuration 9 2 1 ACL Configur...

Страница 241: ...this number access list num deny permit igmp sIpAddr sMask any source host source sIpAddr dIpAddr dMask any destination host destination dIpAddr igmp type precedence prec tos tos Create a numbered IG...

Страница 242: ...nomenclature the no ip access standard name command delete the name based standard IP access list b Specify multiple permit or deny rules Command Explanation Standard IP ACL Mode no deny permit sIpAd...

Страница 243: ...P IP access rule the no form command deletes this name based extended IP access rule no deny permit udp sIpAddr sMask any source host source sIpAddr s port sPort dIpAddr dMask any destination host des...

Страница 244: ...y source host source sIpAddr dIpAddr dMask any destination host destination dIpAddr icmp type icmp code precedence prec tos tos access list num deny permit igmp sIpAddr sMask any source host source sI...

Страница 245: ...l Mode Default No IP address is configured by default Usage Guide When the user first specifies a specific num the ACL of this number will be created and entries can be added to that ACL Example Creat...

Страница 246: ...status But the rules can only be applied to the specified direction of specified ports when the firewall is enabled When the firewall is disabled all ACL bound to the ports will be deleted Example ena...

Страница 247: ...me based standard IP access list including all entries Parameter name is the name for access list the character string length is 1 8 Command mode Global Mode Default No IP address is configured by def...

Страница 248: ...Addr precedence prec tos tos Function Create or delete a name based extended IP access rule for a specified IP protocol or all IP protocols Parameter sIpAddr is the source IP address in dot decimal fo...

Страница 249: ...ig access list ip standard ipFlow Switch Config Std Nacl ipFlow permit 10 1 1 0 0 0 0 255 Switch Config Std Nacl ipFlow deny 10 1 1 0 0 0 255 255 9 3 ACL Example Scenario 1 The user has the following...

Страница 250: ...Function Displays the access list configured Parameter acl name is the specified access list naming string num is the specified access list number Default N A Command mode Admin Mode Usage Guide When...

Страница 251: ...Mode Usage Guide If no port is specified then ACL bound in all ports will be displayed Example Switch show access group interface name Ethernet1 2 Ingress access list used is 111 interface name Ethern...

Страница 252: ...no effect on other types of packets One port can bind only one incoming ACL The number of ACL that can be successfully bound depends on the content of ACL bound and hardware resource limit The user wi...

Страница 253: ...ddress type Specified IP address or allow any address Source IP address Source IP address Reverse network mask Reverse network mask For example Add a standard numeric IP ACL Input number in ACL number...

Страница 254: ...y source address Source IP address Specify source IP address Reverse network mask Specify reverse network mask Target address type Specify target address type Specify destination address or set to any...

Страница 255: ...110 set Rule to deny set Source address type to Specified IP address set Source IP address to IP10 0 0 0 set Reverse network mask to 0 0 0 255 set Target address type to Any set Target port to 21 and...

Страница 256: ...e configuration ICMP extended ACL name configuration IGMP extended ACL name configuration TCP extended ACL name configuration UDP extended ACL name configuration Other protocols extended ACL name conf...

Страница 257: ...n click Apply 9 5 7ACL port binding configuration Click Filter configuration The configuration page is shown See the equivalent CLI command at 9 2 2 7 The explanation of each field is as below Port Co...

Страница 258: ...by the user and can not only add network bandwidth but also provide link backup Port aggregation is usually used when the switch is connected to routers PCs or other switches Fig 10 1 Port aggregatio...

Страница 259: ...dware ES4626 ES4650 series allow physical port aggregation of any two switches maximum 8 port groups and 8 ports in each port group are supported Once ports are aggregated they can be used as a normal...

Страница 260: ...the group number of a port channel from 1 to 8 if the group number already exists an error message will be given dst mac performs load balance according to destination MAC src mac performs load balan...

Страница 261: ...mode which is that of the first port of the port group The ports which have the port mode as on are imperative That means the port trunking doesn t rely on the port information As soon as there are mo...

Страница 262: ...hannel Example Scenario 1 Configuring Port Channel in LACP Fig 10 2 Configuring Port Channel in LACP The switches in the description below are all ES4626 ES4650 switches As shown in the figure port 1...

Страница 263: ...f Switch2 forms an aggregated port named Port Channel2 configurations can be made in their respective aggregated port configuration mode Scenario 2 Configuring Port Channel in ON mode Fig 10 3 Configu...

Страница 264: ...rt group1 is entered port 1 and port 2 aggregates to be port channel1 when port 3 joins port group1 port channel1 of port 1 and 2 are ungrouped and re aggregate with port 3 to form port channel1 it sh...

Страница 265: ...r not Max port channels Maximum port channel number can be formed by port group 2 Display detailed information for port group 1 Switch show port group 1 detail Sorted by the ports in the group 1 port...

Страница 266: ...d Number of the channel to add the port If the port cannot be added to the channel due to inconsistent parameter between the port and the channel 3 will be displayed partner_oper_sys System ID of the...

Страница 267: ...8000 aggregator id 0 port key 0x0100 0x0101 port state LACP activety 1 LACP timeout Aggregation 1 1 Synchronization Collecting Distributing Defaulted 1 1 Expired Partner part Administrative Operationa...

Страница 268: ...status machine is collecting or not Distributing Whether status of port bound status machine is distributing or not Defaulted Whether the local port is using default partner end parameter Expired Whe...

Страница 269: ...e whether they are in full duplex mode forced to the same speed and have the same VLAN properties etc If inconsistency occurs make sure to correct Some commands cannot be used on port in port channel...

Страница 270: ...er ports 10 5 1 LACP port group configuration Click LACP port group configuration The configuration page is shown See the equivalent CLI command at 10 2 2 1 The explanation of each field is as below G...

Страница 271: ...ort mode active passive or on Operation type Add port to group or Remove port from group For example Set group num to 1 set Port to Ethernet 1 1 set Port mode to active set Operation type to Add port...

Страница 272: ...ress and configuration parameters for the clients if DHCP server and clients are located in different subnets DHCP relay is required for DHCP packets to be transferred between the DHCP client and DHCP...

Страница 273: ...ol and is limited the lease of manually bound IP address is theoretically endless 3 Dynamically allocated address cannot be bound manually 4 Dynamic DHCP address pool can inherit the network configura...

Страница 274: ...WINS server netbios node type b node h node m node p node typ e number no netbios node type Configures node type for DHCP clients bootfile filename no bootfile Configures the file to be imported for D...

Страница 275: ...ogging for address conflicts Command Explanation Global Mode ip dhcp conflict logging no ip dhcp conflict logging Enables logging for DHCP address to detect address conflicts Admin Mode clear ip dhcp...

Страница 276: ...fied identifier DHCP server assigns the IP address defined in host command to the client Example Specify IP address 10 1 128 160 to be bound to user with the unique id of 00 10 5a 60 af 12 in manual a...

Страница 277: ...100 11 2 2 5 dns server Command dns server address1 address2 address8 no dns server Function Configure DNS servers for DHCP clients the no dns server command deletes the default gateway Parameter add...

Страница 278: ...atches the specified hardware address the DHCP server assigns the IP address defined in host command to the client Example Specify IP address 10 1 128 160 to be bound to user with hardware address 00...

Страница 279: ...detected by the DHCP server the no ip dhcp conflict logging command disables the logging Default Logging for address conflict is enabled by default Command mode Global Mode Usage Guide When logging i...

Страница 280: ...Guide This command is used to configure a DHCP address pool under Global Mode and enter the DHCP address configuration mode Example Define an address pool named 1 Switch Config ip dhcp pool 1 Switch...

Страница 281: ...etwork traffic and overhead The default lease duration of ES4626 ES4650 is 1 day Example Set the lease of DHCP pool 1 to 3 days 12 hours and 30 minutes Switch dhcp 1 config lease 3 12 30 11 2 2 14 net...

Страница 282: ...et the scope for assignment for addresses in the pool the no network address command cancels the setting Parameter network number is the network number mask is the subnet mask in the dotted decimal fo...

Страница 283: ...ess ipaddress no option code Function Set the network parameter specified by the option code the no option code command cancels the setting for option Parameter code is the code for network parameters...

Страница 284: ...hich is not only cost effective but also management effective Fig 11 2 DHCP relay As shown in the above figure the DHCP client and the DHCP server are in different networks the DHCP client performs th...

Страница 285: ...the destination IP address for DHCP relay forwarding the no ip helper address ipaddress command cancels the setting 3 Configure DHCP relay to forward other UDP broadcast packet Command Explanation Gl...

Страница 286: ...ommand cancels the setting Default Address for forwarding DHCP broadcast packet is set on DHCP relay by default Command mode Interface Mode Usage Guide The DHCP relay forwarding server address corresp...

Страница 287: ...ding to the office locations The network configurations for location A and B are shown below PoolA network 10 16 1 0 PoolB network 10 16 2 0 Device IP address Device IP address Default gateway 10 16 1...

Страница 288: ...ip 10 16 2 209 Switch dhcp config exit Switch Config ip dhcp excluded address 10 16 2 200 10 16 2 210 Switch Config ip dhcp pool A1 Switch dhcp A1 config host 10 16 1 210 Switch dhcp A1 config hardwar...

Страница 289: ...rward protocol udp port and ip helper address ipaddress ip help address can only be configured for ports on layer 3 and cannot be configured on layer 2 ports directly Usage Guide When a DHCP BootP cli...

Страница 290: ...g records will be deleted thus all addresses in the DHCP address pool will be reallocated Example Remove all IP hardware address binding records Switch clear ip dhcp binding all Related command show i...

Страница 291: ...w ip dhcp binding ip addr type all manual dynamic count Function display IP MAC binding information Parameter ip addr is a specified IP address in dotted decimal format all stands for all binding type...

Страница 292: ...n method Method in which the conflict is detected Detection Time Time when the conflict is detected 11 5 1 6 show ip dhcp server statistics Command show ip dhcp server statistics Function Display stat...

Страница 293: ...re expired Malformed message Number of error messages Message Received Statistics for DHCP packets received BOOTREQUEST Total packets received DHCPDISCOVER Number of DHCPDISCOVER packets DHCPREQUEST N...

Страница 294: ...r it is recommended to replace the router or upgrade its software to one that has a DHCP relay function In such case DHCP server should be examined for an address pool that is in the same segment of t...

Страница 295: ...Apply The configuration is applied on the switch 11 6 1 2 Address pool configuration Click DHCP configuration DHCP server configuration Address pool configuration Users can configure DHCP address poo...

Страница 296: ...efault gateway configuration Users can configure DHCP client s default gateway See the equivalent CLI command at 11 2 2 4 DHCP pool name Select a DHCP pool Gateway Configure default gateway The defaul...

Страница 297: ...1 to 10 1 128 3 and then click Apply The configuration is applied on the switch 11 6 1 5 Client WINS server configuration Click DHCP configuration DHCP server configuration Client WINS server configur...

Страница 298: ...DHCP pool name Select DHCP pool name DHCP client bootfile name 1 128 character Specify bootfile name See the equivalent CLI command at 11 2 2 1 File server Specify file server See the equivalent CLI...

Страница 299: ...type to Set network parameter and then click Apply The configuration is applied on the switch 11 6 1 8 Manual address pool configuration Click DHCP configuration DHCP server configuration Manual addr...

Страница 300: ...ess Specify ending address Operation type Apply or delete the operation For example Set Starting address to 10 1 128 1 set Ending address to 10 1 128 10 set Operation type to Add address not for alloc...

Страница 301: ...P relay configuration DHCP relay configuration Users can configure DHCP relay DHCP forward UDP configuration Configure DHCP port to forward UDP packets See the equivalent CLI command at 11 3 2 1 Port...

Страница 302: ...d on the switch 11 6 3 DHCP debugging Click DHCP configuration DHCP debugging Users can display DHCP debug information 11 6 3 1 Delete binding log Click DHCP configuration DHCP debugging Delete bindin...

Страница 303: ...tatistics and restore the counter to zero For example Click Apply All the DHCP statistics are deleted 11 6 3 4 Show IP MAC binding Click DHCP configuration DHCP debugging Show IP MAC binding Users can...

Страница 304: ...her NTP hosts through the Internet and use those hosts to provide time synchronization service for other clients in LAN ES4626 ES4650 has SNTPv4 client implemented and support SNTP client unicast desc...

Страница 305: ...s before utc after utc Function Set the time difference between the time zone in which the SNTP client resides and UTC The no sntp timezone command cancels the time zone set and restores the default s...

Страница 306: ...the two SNTP NTP servers Assume the IP addresses of the SNTP NTP servers are 10 1 1 1 and 20 1 1 1 respectively and SNTP NTP server function such as NTP master is enabled then configurations for any E...

Страница 307: ...Admin Mode Example Display debugging information for SNTP packets Switch debug sntp packets 12 4 WEB Management Click SNTP configuration Users can configure SNTP on the switch 12 4 1 12 4 1 SNTP NTP s...

Страница 308: ...erence See the equivalent CLI command at 12 1 3 Time zone Configure time zone Time difference Configure time difference Before_utc Specify the hours added to UTC After_utc Specify the hours which UTC...

Страница 309: ...idth management according to the application requirement and network management policy 13 1 1 1 QoS Terms CoS Class of Service the classification information carried by Layer 2 802 1Q frames taking 3...

Страница 310: ...ate new bandwidth but can maximize the adjustment and configuration for the current bandwidth resource Fully implemented QoS can achieve complete management over the network traffic The following is a...

Страница 311: ...e policed and remarked Policing can be performed based on DSCP value to configure different policies that allocate bandwidth to classified traffic If the traffic exceeds the bandwidth set in the polic...

Страница 312: ...of the 8 egress queues bandwidth and mapping from internal priority to egress queue 6 Configure QoS mapping Configure the mapping from CoS to DSCP DSCP to CoS DSCP to DSCP mutation IP precedence to DS...

Страница 313: ...policy to classify traffic data stream exceeding the limit will be dropped or degraded the no police rate kbps burst kbyte exceed action drop policed dscp transmit command deletes the specified polic...

Страница 314: ...mls qos dscp mutation dscp mutation name command restores the DSCP mutation mapping default 5 Configure queue out method and weight Command Explanation Interface Mode queue bandwidth weight1 weight2 w...

Страница 315: ...Command mls qos no mls qos Function Enables QoS in Global Mode the no mls qos command disables the global QoS Command mode Global Mode Default QoS is disabled by default Usage Guide QoS provides 8 que...

Страница 316: ...ities ranging from 0 to 7 vlan vlan list stands for matching specified VLAN ID list consisting of up to 8 VLAN Ids Default No matching criterion is configured by default Command mode Class map configu...

Страница 317: ...ode classification and policy configuration can be performed on packet traffic classified by class map Example Enter a policy class mode Switch Config policy map p1 Switch Config PolicyMap class c1 Sw...

Страница 318: ...ced dscp transmit specifies to mark down packet DSCP value according to policed dscp mapping when specified speed is exceeded Default There is no policy by default Command mode Policy class map config...

Страница 319: ...with no police aggregate aggregate policer name command The delete should be performed in Global Mode with no mls qos aggregate policer aggregate policer name command Example Set a policy set named ag...

Страница 320: ...ity cos assign a priority to the physical port cos is the priority to assign Priority of all incoming packets through the port will be set to this cos value This is irrelevant to the priority of the p...

Страница 321: ...itch port output policy map name applies the specified policy map to the egress of switch port Default No policy map is bound to ports by default Command mode Interface Mode Usage Guide Configuring po...

Страница 322: ...dwidth Command queue bandwidth weight1 weight2 weight3 weight4 weight5 weight6 weight7 weight8 no queue bandwidth Function Set the WRR weight for specified egress queue the no wrr queue bandwidth comm...

Страница 323: ...ores the default setting Parameter queue id is the ID of queue out ranging from 1 to 8 cos1 cos8 are CoS values mapping to the queue out ranging from 0 7 up to 8 values are supported Default Default C...

Страница 324: ...d in incoming DSCP will be converted to outgoing DSCP values ip prec dscp dscp1 dscp8 defines the conversion from IP precedence to DSCP value dscp1 dscp8 are 8 DSCP values corresponding to IP preceden...

Страница 325: ...ndwidth proportion of port ethernet 1 1 is 1 1 2 2 4 4 8 8 When packets have CoS value coming in through port ethernet 1 1 it will be map to the queue out according to the CoS value CoS value 0 to 7 c...

Страница 326: ...o limit bandwidth and burst value Apply this policy map on port ethernet 1 2 After the above settings done bandwidth for packets from segment 192 168 1 0 through port ethernet 1 2 is set to 10 Mb s wi...

Страница 327: ...ch Config PolicyMap class c1 Switch Config Policy Class set ip precedence 5 Switch Config Policy Class exit Switch Config PolicyMap exit Switch Config interface ethernet 1 1 Switch Config Ethernet1 1...

Страница 328: ...yed information Explanation aggregate policer policer1 80000 80 exceed action drop Configuration for this policy set Not used by any policy map Time of this policy set being referred to 13 1 4 1 3 sho...

Страница 329: ...buffers ethernet 1 2 Ethernet1 2 packet number of 8 queue 0x200 0x200 0x200 0x200 0x200 0x200 0x200 0x200 Displayed information Explanation packet number of 8 queue 0x200 0x200 0x200 0x200 0x200 0x200...

Страница 330: ...ified Total data packets match this class map in profile Total in profile data packets match this class map out profile Total out profile data packets match this class map 13 1 4 1 4 show mls qos maps...

Страница 331: ...0 1 2 3 4 5 6 7 8 9 1 10 11 12 13 14 15 16 17 18 19 2 20 21 22 23 24 25 26 27 28 29 3 30 31 32 33 34 35 36 37 38 39 4 40 41 42 43 44 45 46 47 48 49 5 50 51 52 53 54 55 56 57 58 59 6 60 61 62 63 13 1 4...

Страница 332: ...1 Name of the class map referred to police 16000000 8000 exceed action drop Policy implemented 13 1 4 2 QoS Troubleshooting Help QoS is disabled on switch ports by default 8 sending queues are set by...

Страница 333: ...cy map configuration z Apply QoS to port z Egress queue configuration z QoS mapping configuration 13 1 5 1 Enable QoS Click Enable QoS to display the extension select Enable Disable QoS then entry the...

Страница 334: ...ns describe as following z Class map name z Match action which including 9 access group First valid mapping to ACL table Parameter is the assign number or name of ACL First valid means Match value 1 i...

Страница 335: ...nfiguration z Add Remove aggregate policer z Apply aggregate policer 13 1 5 3 1 Add Remove Policy map Click Add Remove policy map then entry the configure page It is equivalent to CLI command 13 1 2 2...

Страница 336: ...input c1 to Class map name select IP precedence value to Priority type input 3 to Priority value select Set to Operation type then click Apply 13 1 5 3 3 Policy map Bandwidth Configuration Click Poli...

Страница 337: ...2 2 8 All sections describe as following z Aggregate policer name z Rate average baud rate for classified bandwidth K bit s per unit z Burst burst rate for classified bandwidth K byte per unit z Excee...

Страница 338: ...configuration z Port default CoS configuration z Apply policy map to port z Apply DSCP mutation mapping 13 1 5 4 1 Port Trust Mode Configuration Click Port trust mode configuration to entry the confi...

Страница 339: ...ivalent to CLI command 13 1 2 2 11 All sections describe as following z Port z Default CoS value Startup CoS value z Reset Will set column as startup defaults This command will not modify the configur...

Страница 340: ...mutation mapping to entry the configure page It is equivalent to CLI command 13 1 2 2 13 All sections describe as following z Port name z DSCP mutation name z Operation Set or Remove If would like to...

Страница 341: ...ue for each queue select Set for operation then click Apply 13 1 5 5 2 Egress queue Work Mode Configuration Click Egress queue work mode configuration to entry the configure page It is equivalent to C...

Страница 342: ...ket with CoS value 2 3 to mapping egress queue 1 the Queue ID should be set as 1 and CoS value be set with value 2 3 then click Apply 13 1 5 6 QoS Mapping Configuration Click QoS mapping configuration...

Страница 343: ...cribe as following z DSCP 1 8 DSCP value z CoS Value DSCP value mapping to CoS value z Operation type Add or Remove If would like applying DSCP value 20 mapping to CoS value 2 it should input the CoS...

Страница 344: ...ping to DSCP value z Operation type Set or Remove If would like to set the IP precedence value 2 mapping to DSCP value 20 it should input the DSCP value 20 in IP precedence value 2 column selecting Se...

Страница 345: ...e ToS IP protocol source port number and destination port number etc 13 2 2 PBR Configuration 13 2 2 1 PBR Configuration Step 1 Enable the PBR When the QoS is enabled and disabled globally the PBR is...

Страница 346: ...tch config mls qos Switch config no mls qos 13 2 2 2 2 class map Command class map class map name no class map class map name Function Create a class map and enter class map mode The command no class...

Страница 347: ...lassMap match access group acl1 Switch config ClassMap exit 13 2 2 2 4 policy map Command policy map policy map name no policy map policy map name Function Create a policy map and enter policy map mod...

Страница 348: ...set ip nexthop cancels the next hop setting Parameter nexthop ip sets the next hop IP address Default By default there are no next hop settings Command mode Policy class Mode Usage guide Users can on...

Страница 349: ...PBR for the traffic which has the source IP address as 192 168 1 0 24 Set the next hop for the above traffic to 218 31 1 119 For the traffic which has the source IP address as 192 168 1 0 24 and has t...

Страница 350: ...globally Create a class map called c1 Set the match for the ACL a1 in the class map c1 Create a policy map called p1 Quote c1 in the policy map p1 Set the next hop IP address as 218 31 1 119 Apply the...

Страница 351: ...ng chip rather than processing by the CPU in router the forwarding of traffic will be completely handled by hardware As a result forwarding speed can be greatly improved even to line speed 14 1 Layer...

Страница 352: ...LAN interface a Layer3 interface the no interface vlan vlan id command deletes the Layer3 interface specified Parameter vlan id is the VLAN ID of the established VLAN Default No Layer3 interface is co...

Страница 353: ...Route Aggregation Configuration 14 2 2 1 IP Route Aggregation Configuration Task Set whether IP route aggregation algorithm with without optimization should be used 1 Set whether IP route aggregation...

Страница 354: ...of the next hop Example Disable optimized IP route aggregation algorithm Switch Config no ip fib optimize 14 2 3 IP Forwarding Troubleshooting Help 14 2 3 1 Monitor and Debug Commands 14 2 3 1 1 show...

Страница 355: ...0 discards Statistics of total packets received number of packets reached local destination number of packets have header errors number of erroneous addresses number of packets of unknown protocols n...

Страница 356: ...ug ip packet Function Enable the IP packet debug function the no debug IP packet command disables this debug function Default IP packet debug information is disabled by default Command mode Admin Mode...

Страница 357: ...2 ARP configuration 14 3 2 1 ARP Configuration Task Sequence 1 Configure static ARP 2 Configure proxy ARP 1 Configure static ARP Command Explanation arp ip_address mac_address ethernet portName no ar...

Страница 358: ...face would reply to the ARP its own MAC address and forward the actual packets received Enabling this function allows machines physically separated but of the same IP segment ignores the physical sepa...

Страница 359: ...00 58 fc 48 9f Vlan150 Ethernet3 4 Dynamic Displayed information Explanation Total arp items Total number of Arp entries the matched ARP entry number matching the filter conditions InCompleted ARP en...

Страница 360: ...P rcvd type 1 src 192 168 2 100 000A EB5B 780C dst 192 168 2 1 0000 0000 0000 flag 0x0 Apr 19 15 59 42 2005 IP ARP sent type 2 src 192 168 2 1 0003 0F02 310A dst 192 168 2 100 000A EB5B 780C 14 3 3 2...

Страница 361: ...with no calculation Static route is the manually specified path to a network or a host Static routes cannot be changed freely Static routes are simple consistent and can limit illegal route modificati...

Страница 362: ...rward IP packets z IP address of the next layer3 switch next hop specify the next layer3 switch the IP packet will pass z Route entry priority There may be several different next hop routes leading to...

Страница 363: ...in dynamic route and change the priority of the static route introduced 15 2 2 Introduction to Default Route Default route is a static route which is used only when no matching route is found In the...

Страница 364: ...address for the next hop in dot decimal format preference is the route priority ranging from 1 to 255 the smaller preference indicates higher priority Default The default priority for static route of...

Страница 365: ...Guide Display the content of core route table including route type destination network mask next hop address and interface etc Example Switch show ip route Codes C connected S static R RIP derived O...

Страница 366: ...are connected via the static route set in Swtich1 and Switch3 PC3 and PC2 are connected via the static route set in Swtich3 to Switch2 PC1 and PC3 is connected via the default route set in Switch2 SW...

Страница 367: ...ce etc Use the show ip route command to display the information about static route in the route table destination IP address network mask next hop IP address and forwarding interface etc For example S...

Страница 368: ...eighboring RIP layer3 switch will not send route update packets at once instead it waits until the update interval timeout every 30 seconds and sends the update packets containing that route If before...

Страница 369: ...ormation 2 The Layer3 switch modifies its local route table on receiving the reply packets and sends triggered update packets to the neighbor devices to advertise route update information On receiving...

Страница 370: ...4 Disable RIP 1 Enable RIP The basic configuration for running RIP on ES4626 ES4650 is quite simple usually the user need only enable RIP and enable sending and receiving RIP packets i e send and rece...

Страница 371: ...redistribute static ospf bgp Introduces static OSPF or BGP routes to RIP packets the no redistribute static ospf bgp command cancels the introduced routes of specified protocol c Enable interface to s...

Страница 372: ...or zero field timer basic update invalid holddown no timer basic Adjusts the time of RIP timers for update expire and hold down the no timer basic command restores the default setting 3 Configure RIP...

Страница 373: ...IP exchanges routing information by UDP packet advertisement route update information is sent every 30 seconds It uses hop number to be the standard of choosing route route of fewer hops to the same d...

Страница 374: ...son route aggregation is always enabled for RIP I If you are using RIP II you can use no auto summary command to disable route aggregation If subnet route needs to be broadcasted route aggregation can...

Страница 375: ...e RIP authentication Related command ip rip authentication 15 3 2 2 4 ip rip authentication mode Command ip rip authentiaction mode text md5 type cisco usual no ip rip authentication mode Function Set...

Страница 376: ...Default The default additional route metric used for RIP to send packets is 0 Command mode Interface Mode Example Set on interface vlan1 the additional route metric of receiving RIP packets to 5 and...

Страница 377: ...p rip receive version command restores the default setting enables receiving RIP packets on the interface Parameter 1 and 2 stands for RIP version1 and RIP version 2 respectively 12 stands for both RI...

Страница 378: ...ip split horizon Command ip split horizon no ip split horizon Function Set to enable split horizon the no ip split horizon command disables split horizon Default split horizon is enabled by default C...

Страница 379: ...st multicast packets instead only neighbor layer3 switches can exchange RIP packets Default RIP broadcast packets are sent by default Command mode RIP configuration Mode 15 3 2 2 15 rip checkzero Comm...

Страница 380: ...Enable RIP and enter RIP configuration mode the no router rip command disables RIP Default RIP is disabled by default Command mode Global Mode Usage Guide This command is the enabling switch for RIP...

Страница 381: ...timer basic 20 80 60 15 3 2 2 19 version Command version 1 2 no version Function Configure the RIP version to send receive on all ports the no version command restores the default setting Parameter 1...

Страница 382: ...ayer3 switch connecting to this RIP switch Preference RIP routing priority rip version information Display the version information for RIP including the RIP version of sending V1 for RIP I V2 for RIP...

Страница 383: ...bug ip rip packet Function Enable the RIP packet debug function for sending receiving the no debug IP packet command disables this debug function Default Debug is disabled by default Command mode Admi...

Страница 384: ...ebug is disabled by default Command mode Admin Mode Example Switch debug ip rip rec start at 230 received a rip packet from 159 226 42 1 rip packet cmd 2 version 1 00 03 59 start at 238 received a rip...

Страница 385: ...d response version 1 no dest dest_mask gatedway metric 1 159 222 0 0 0 0 0 0 0 0 0 0 2 2 11 11 11 2 0 0 0 0 0 0 0 0 2 15 3 3 Typical RIP Scenario SW ITCHA SW ITCHB SW ITCHC vl an2 20 1 1 2 24 vl an1 1...

Страница 386: ...ip rip work SwitchA Config If vlan1 exit Enable vlan2 to send receive RIP packets SwitchA Config If vlan2 ip rip work SwitchA Config If vlan2 exit SwitchA Config exit SwitchA b Configuration of layer3...

Страница 387: ...tion Admin Mode show ip rip Display the current running status and configuration information for RIP The user can decide whether the configurations are correct or not and perform RIP troubleshooting a...

Страница 388: ...static R RIP derived O OSPF derived A OSPF ASE B BGP derived D DVMRP derived Destination Mask Nexthop Interface Pref C 2 2 2 0 255 255 255 0 0 0 0 0 vlan1 0 R 7 7 7 0 255 255 255 0 2 2 2 8 vlan2 100 R...

Страница 389: ...nection All interface and link protocols are in the UP state use show interface status command Enable RIP use router rip command first then configure RIP parameters in the appropriate ports such as us...

Страница 390: ...of the link and can even add metric by the administrator for better assessment of the link state 1 When a link state layer3 switch enters a link state interconnected network it sends a HELLO packet t...

Страница 391: ...the internal network structure of an autonomous system while external routes describe the routing information to destination outside the autonomous system The first type of exterior route corresponds...

Страница 392: ...description to the network topology structure of the whole network The layer3 switches can easily create a weighted vector map according to the LS database Obviously all layer3 switches in the same au...

Страница 393: ...f the interface when electing designated layer3 switch DR 3 Disable OSPF protocol 1 Enable OSPF protocol Basic configuration of OSPF routing protocol on route switch is quite simple usually only enabl...

Страница 394: ...invalid timeout timer of LSA transmission delay and timer of LSA retransmission Command Explanation Interface Mode ip ospf hello interval time no ip ospf hello interval Sets interval for sending HELL...

Страница 395: ...ther protocols to introduce to OSPF Command Explanation OSPF protocol configuration mode redistribute ospfase bgp connected static rip type 1 2 tag tag metric cost_value no redistribute ospfase bgp co...

Страница 396: ...the priority of the interface in designated layer3 switch election the no ip ospf priority command restores the default setting 3 Disable OSPF protocol Command Explanation Global Mode no router ospf D...

Страница 397: ...tion mode Usage Guide When OSPF routing protocol introduce the routes discovered by the other routing protocols those routes are regarded as the exterior autonomous system routing information Introduc...

Страница 398: ...nformation regularly and advertise the information throughout the autonomous system This command mandates the maximum exterior routes allowed in one route introduction Example Set the maximum exterior...

Страница 399: ...redistribute type 1 15 4 2 2 6 ip ospf authentication Command ip ospf authentication simple auth_key md5 auth_key key_id no ip ospf authentication Function Configure authentication method for the int...

Страница 400: ...age Guide If no HELLO packet is received from a neighbor layer3 switch within the dead interval time that switch is considered unreachable and invalid This command allows the user to set default time...

Страница 401: ...e hello interval value set will be written to the HELLO packet and send with it Smaller hello interval enables faster discovery of network topology changes and incurs greater routing overhead For OSPF...

Страница 402: ...n1 from the election i e set the priority to 0 Switch Config If Vlan1 ip ospf priority 0 15 4 2 2 13 ip ospf retransmit interval Command ip ospf retransmit interval time no ip ospf retransmit interval...

Страница 403: ...h the no network network mask area area_id command deletes the setting Parameter network and mask are the network IP address and mask in dotted decimal format area_id is the area number from 0 to 4294...

Страница 404: ...e bgp connected static rip Function Introduce BGP routes direct routes static routes and RIP routes as external routing information the no redistribute ospfase bgp connected static rip command cancels...

Страница 405: ...d to specify the layer3 switch ID number otherwise OSPF would not work Changes to a layer3 switch ID number will apply only after the restart of OSPF Example Configure the ID of the layer3 switch to 1...

Страница 406: ...7 295 the rest four parameters are optional intervals that has the same meaning as those in OSPF interface mode Default No virtual link is configured by default Command Mode OSPF protocol configuratio...

Страница 407: ...layer3 switch preference Routing protocol priority ase perference Exterior routes priority for introduction export metric The metrics for output from the port export tag The route tag for output from...

Страница 408: ...ve Function Display OSPF statistics Default Not displayed Command mode Admin Mode Example Switch show ip ospf cumulative IO cumulative type in out HELLO 1048 253 DD 338 337 LS Req 62 219 LS Update 753...

Страница 409: ...abase asb summary external network router summary Function Display OSPF link state database information Default Not displayed Command mode Admin Mode Usage Guide OSPF link state database information c...

Страница 410: ...1 11 11 2 1 1 2147483698 1 6777215 14 14 14 1 14 14 14 1 1 2147483662 1 14831 11 11 4 1 11 11 4 1 0 2147483669 0 33875 Router LSA 11 11 2 1 11 11 2 1 1 2147483698 1 6777215 14 14 14 1 14 14 14 1 1 214...

Страница 411: ...unction Display OSPF interface information Parameter interface stands for the interface name Default Not displayed Command mode Admin Mode Example Switch show ip ospf interface vlan 1 IP address 11 11...

Страница 412: ...f Adjacencies The number of neighboring route interfaces Adjacencies Neighboring interface IP address 15 4 2 2 27 show ip ospf neighbor Command show ip ospf neighbor Function Display OSPF neighbor nod...

Страница 413: ...ddress of the interface in the neighbor layer3 switch state Link state status priority Priority DR ID of the designated layer3 switch BDR ID of the backup designated layer3 switch last hello The last...

Страница 414: ...irtual links Function Display OSPF virtual link information Default Not displayed Command mode Admin Mode Example Switch show ip ospf virtual links no virtual link 15 4 2 2 30 show ip protocols Comman...

Страница 415: ...nt Number of interface running OSPF routing protocol N times spf has been run for this area The layer3 switch performs minimum tree spanning calculation Net range The network scope for running OSPF pr...

Страница 416: ...acket length 44 02 40 54 receive ACK from 11 11 1 3 02 40 56 receive a packet from 11 11 1 2 packet length 44 02 40 56 receive ACK from 11 11 1 2 02 40 58 receive a packet from 11 11 4 2 packet length...

Страница 417: ...W IT Fig 15 3 Network topology of OSPF autonomous system The configuration for layer3 switch Switch1 and Switch5 is shown below Layer3 switch Switch1 Configuration of the IP address for interface vlan...

Страница 418: ...interfaces vlan1 and vlan3 in Switch2 Config router ospf Switch2 Config router ospf exit Switch2 Config interface vlan 1 Switch2 Config if vlan1 ip ospf enable area 0 Switch2 Config if vlan1 exit Swi...

Страница 419: ...h Switch5 Configuration of the IP address for interface vlan2 Switch5 config Switch5 Config interface vlan 2 Switch5 Config if vlan2 ip address 30 1 1 1 255 255 255 0 Switch5 Config if vlan2 no shut d...

Страница 420: ...layer3 switch Switch9 Switch11 and Switch12 and network N8 N10 share a same summary route with host H1 i e define area3 and a STUB area Layer3 switch Switch1 Switch2 Switch5 Switch6 Switch8 Switch9 S...

Страница 421: ...2 IP address of layer3 switch Switch3 interface VLAN2 is 10 1 1 3 IP address of layer3 switch Switch4 interface VLAN2 is 10 1 1 4 Switch1 is connecting to network N1 through Ethernet interface VLAN1 I...

Страница 422: ...ure simple key authentication Switch2 Config If Vlan2 ip ospf authentication simple key Switch2 Config If Vlan2 exit Configuration of the IP address and area number for interface vlan1 Switch2 Config...

Страница 423: ...he IP address for interface vlan2 Switch4 config Switch4 Config interface vlan 2 Switch4 Config If Vlan2 ip address 10 1 1 4 255 255 255 0 Switch4 Config If Vlan2 exit Enable OSPF protocol configure t...

Страница 424: ...how ip ospf database Displays OSPF link state database information Show ip ospf interface Displays OSPF information for the specified interface Show ip ospf neighbor Displays OSPF neighbor information...

Страница 425: ...he hops for output from the port export tag The route tag for output from the port area ID interface count imes spf has been run for this area net range OSPF area number including statistics for inter...

Страница 426: ...More Where O stands for OSPF route i e the OSPF route with the destination network address of 5 1 17 0 network mask of 255 255 255 0 the next hop address of 12 1 1 2 and the forwarding interface of E...

Страница 427: ...SUM_NET 1 LS_SUM_ASB 0 LS_ASE 3 AS internal route 4 AS external route 0 Displayed information Explanation IO cumulative Statistics for OSPF packets in out type Packet type including HELLO packet DD pa...

Страница 428: ...1 0 2147483656 1 6777215 11 11 2 255 11 11 4 1 0 2147483649 1 6777215 11 11 3 255 11 11 4 1 0 2147483680 1 6777215 ASBR Summary LSAs LS ID ADV rtr Age Sequence Cost Checksum ASBR s Rtr ID Area 2 Area...

Страница 429: ...rea 0 to area 0 Router LSAs Route LSA Network LSAs Network LSA Summary Network LSAs Summary network LSA ASBR Summary LSAs Autonomous system exterior LSA 6 show ip ospf interface The show ip ospf inter...

Страница 430: ...es The number of neighboring route interfaces Adjacencies Neighboring interface IP address 7 show ip ospf neighbor The show ip ospf neighbor command can be used to display information about the neighb...

Страница 431: ...lay information about the OSPF route table For example displayed information can be Switch show ip ospf routing AS internal routes Destination Area Cost Dest Type Next Hop ADV rtr 11 11 1 0 1 1 0 11 1...

Страница 432: ...mber of the layer3 switch running Preference OSPF routing priority Ase perference Autonomous system exterior routes priority Export metric Metrics for exporting OSPF routes Export tag Tag value for ex...

Страница 433: ...k designated layer3 switch DR should be elected 15 5 Web Management Click Route configuration Users can configure routing protocols Static route configuration Static route configuration RIP configurat...

Страница 434: ...te RIP port imported route sending receiving RIP version send receive packet Split horizon status RIP authentication RIP mode configuration Global RIP mode configuration RIP version Auto summary Rip p...

Страница 435: ...elow Import other routing protocol to RIP Protocol imported Static OSPF and BGP Redistribute imported route cost Route cost Operation type Add or Remove For example Import OSPF route with cost of 5 to...

Страница 436: ...e packet Configure if the port is allowed to receive RIP packet yes or no See the equivalent CLI command at 15 3 2 2 7 Send packet Configure if the port is allowed to send RIP packet yes or no See the...

Страница 437: ...uto summary apply and cancel See the equivalent CLI command at 15 3 2 2 1 Rip priority 0 255 Specify rip priority See the equivalent CLI command at 15 3 2 2 16 Set default route cost for imported rout...

Страница 438: ...OSPF configuration Users can configure OSPF OSPF enable Enable OSPF protocol OSPF Tx parameter configuration Configure OSPF transmitting parameters Imported route parameter configuration Configure OS...

Страница 439: ...n of each field is as below Router ID configuration Configure Router ID Reset Reset parameter Default Delete Router ID For example Input ID and then click Apply 15 5 3 1 3 OSPF network range configura...

Страница 440: ...r configuration Users can configure OSPF transmitting parameters OSPF authentication parameter configuration Configure OSPF authentication parameter Passive interface configuration Set OSPF port to re...

Страница 441: ...onfigure passive interface Cancel Cancel the configuration Reset Restore the default value For example Set vlan1 to OSFP passive interface Set Port to Vlan1 select Passive interface configuration and...

Страница 442: ...nformation Import external routing information to OSPF 15 5 3 3 1 Imported route parameter configuration Click Imported route parameter configuration The configuration page is shown The explanation of...

Страница 443: ...ue 15 5 3 4 Other OSFP parameter configuration Click Other parameter configuration The configuration page is shown OSPF priority configuration Configure OSPF priority OSPF STUB area and default route...

Страница 444: ...rea default cost areaID Stub area ID 15 5 3 4 3 OSPF virtual link configuration Click OSPF virtual link configuration The configuration page is shown See the equivalent CLI command at 15 4 2 2 21 The...

Страница 445: ...spf cumulative Show OSPF statistics See the equivalent CLI command at 15 4 2 2 24 show ip ospf database Show OSPF link state database See the equivalent CLI command at 15 4 2 2 25 show ip ospf neighbo...

Страница 446: ...446...

Страница 447: ...logy solved this problem Multicast source sends the information only once and the multicast routing protocol create a tree route for the multicast packet the information being transferred will start d...

Страница 448: ...group The IP address of a perpetual multicast group remains the same but the membership can be changed A perpetual multicast group can have any number of members even zero The IP multicast addresses n...

Страница 449: ...cast forwarding is more complex than unicast forwarding To ensure the multicast packets reach the routers in the shortest route the multicast protocols must check the receiving interfaces of the multi...

Страница 450: ...6 2 1 1 show ip mroute Command show ip mroute group_address source_address Function Display the IP multicast packet forwarding entries Parameter group_address specifies the group address for the forwa...

Страница 451: ...members are relatively concentrated in such network environment The work process of PIM DM can be summarized as the following phases neighbor discovery flooding prune grafting 1 Neighbor discovery PIM...

Страница 452: ...not dependent on specific unicast routing protocol but can be the route information of any unicast routing protocols such as route discovered by RIP OSPF etc 4 Assert mechanism If two routes A and B i...

Страница 453: ...al seconds no ip pim hello interval Set interval for sending PIM DM HELLO packets in the interface the no ip pim query interval command restores the default setting 3 Disable PIM DM protocol Command E...

Страница 454: ...ranging from 1 to 18724s Parameter The default interval for sending PIM DM HELLO is 10s Command mode Interface Mode Usage Guide The HELLO message enable PIM DM switches to locate each other and estab...

Страница 455: ...g interface vlan2 Switch Config If Vlan1 ip pim dense mode 2 Configuration of SwitchB Switch Config interface vlan 1 Switch Config If Vlan1 ip pim dense mode Switch Config If Vlan1 exit Switch Config...

Страница 456: ...ay all PIM DM packet forwarding entries Switch sh ip pim mroute dm BIT Proto DVMRP 0x2 PIM 0x8 PIMSM 0x10 PIMDM 0x20 Flags RPT 0x1 WC 0x2 SPT 0x4 NEG CACHE 0x8 JOIN SUPP 0x10 Downstream IGMP 0x1 NBR 0...

Страница 457: ...de If no interface name is specified then neighbor information for all interfaces will be displayed Example Display neighbor information for all interfaces do not specify the interface name Switch sh...

Страница 458: ...ce index to the interface Hello Interval The HELLO packet interval configured on the interface in seconds Neighbor Address Neighbor address Interface the latter The neighbor interface discovered Uptim...

Страница 459: ...y request for the packets By setting rendezvous points RP and bootstrap routers PIM SM announces multicast information to all PIM SM routers and builds up RP rooted shared tree with the router join pr...

Страница 460: ...S direction and cause the toggling from RPT to SPT 2 Pre PIM SM configuration work 1 Configure candidate RP In PIM SM networks multiple RPs are allowed they are referred to as the candidate RP C RP Ea...

Страница 461: ...arse mode command disables PIM SM protocol required 2 Configure PIM SM sub parameters 1 Configure PIM SM interface parameters 1 Configure PIM SM HELLO packet interval Command Explanation Interface Mod...

Страница 462: ...im rp candidate ifname This command is a global candidate RP configuration command It is used to configure information for PIM SM candidate RP and to comtend for the RP router with the other candidate...

Страница 463: ...cancels the BSR border configuration Parameter N A Default BSR border configuration on interfaces is disabled by default Command mode Interface Mode Usage Guide This command is the configuration comm...

Страница 464: ...her candidate BSRs the no ip pim bsr candidate command cancels the BSR configuration Parameter ifname is the name of the specified interface hash mask length is the mask length of the specified hash a...

Страница 465: ...ion for PIM SM candidate RP and to comtend for the RP router with the other candidate RPs The switch will be a RP candidate router only when this command is configured Example Set the interface vlan1...

Страница 466: ...im rp candidate vlan2 group list 5 Switch Config access list 5 permit 239 255 2 0 0 0 0 255 3 Configuration of SWITCHC Switch Config interface vlan 1 Switch Config If Vlan1 ip pim sparse mode Switch C...

Страница 467: ...otstrap information BSR address 192 4 1 3 Priority 192 Hash mask length 30 Expires 00 02 13 Switch Displayed information Explanation BSR address Bsr router address Priority Bsr router priority Hash ma...

Страница 468: ...Interface the latter The neighbor interface discovered Uptime The up time of the neighbor since discovery Expires The remaining time before considering the neighbor to be invalid 16 4 4 1 3 show ip p...

Страница 469: ...Command mode Admin Mode Usage Guide If no interface name is specified then neighbor information for all interfaces will be displayed Example Display neighbor information for all interfaces do not spe...

Страница 470: ...ameter N A Default Disabled Command mode Admin Mode Usage Guide If detailed information about PIM packets etc is required this debug command can be used Example Switch debug ip pim PIM debug is on 00...

Страница 471: ...essage on vlan4 00 16 23 PIM Transmit the BSR message on vlan3 00 16 23 PIM Transmit the BSR message on vlan2 16 4 4 2 PIM SM Troubleshooting Help In configuring and using PIM SM protocol the PIM SM p...

Страница 472: ...ce network If the interface at which the packet arrives is the interface to send unicast information to the source then the RPF check is success and the packet is forwarded from all down stream interf...

Страница 473: ...he DVMRP switch fulfills the poison reverse by adding infinite 32 to the route metric of a certain source broadcasted by it in replying its upstream switches Hence correct metric value can be 1 to 2 x...

Страница 474: ...guring DVMRP neighbor timeout time Command Explanation Interface Mode ip dvmrp metric metric_val no ip dvmrp metric Set interval for sending DVMRP report packets in the interface the no ip dvmrp metri...

Страница 475: ...ion Interface Mode ip dvmrp tunnel A B C D metric metric_val no ip dvmrp tunnel A B C D Configure tunneling to neighbor A B C D the no ip dvmrp tunnel command removes the tunnel to neighbor A B C D 5...

Страница 476: ...nd enables the switch to tell neighbor timeout by report packet intervals if no report message format a CISCO neighbor is received in an interval three times of the report interval that neighbor is co...

Страница 477: ...The routing information in a DVMRP report packet includes a list of source network addresses and metrics When DVMRP report packet metric is configured on the interface all route entries received on th...

Страница 478: ...al Mode Usage Guide The probe message enables DVMRP switches to locate each other and establish the neighborhood and to learn the capability of each other DVMRP switches claim their existence by sendi...

Страница 479: ...ed interval then the route is considered to be invalid This timeout interval must be greater than that for sending report messages Example Configure the DVMRP route timeout interval to 100s Switch Con...

Страница 480: ...an and DVMRP protocol is enabled on each vlan interface SWITCHA SWITCHB Et hernet 1 1 vl an1 Et hernet 1 1 vl an1 Et hernet 1 2 vl an2 Fig 16 3 DVMRP network topology The followings are the configurat...

Страница 481: ...HE 0x8 JOIN SUPP 0x10 Downstream IGMP 0x1 NBR 0x2 WC 0x4 RP 0x8 STATIC 0x10 DVMRP Multicast Routing Table inodes 1 routes 1 192 168 1 0 224 1 1 1 protos 0x2 flags 0x0 Incoming interface Vlan1 RPF Nbr...

Страница 482: ...discovered Uptime The up time of the neighbor since discovery Expires The remaining time before considering the neighbor to be invalid 16 5 4 1 3 show ip dvmrp route Command show ip dvmrp route Functi...

Страница 483: ...Ethernet interface vlan1 Switch show ip dvmrp tunnel vlan1 Name dvmrp2 Index 7 State 1195 Parent 3 Localaddr 192 168 1 11 Remote 1 1 1 1 Switch Displayed information Explanation Name Tunnel interface...

Страница 484: ...to 224 0 0 4 len 12 01 18 09 40 DVMRP probe Vers majorv 3 minorv 255 01 18 09 40 DVMRP probe flags PG 01 18 09 40 DVMRP probe genid 0x24f29 16 5 4 1 6 debug ip dvmrp pruning Command debug ip dvmrp pru...

Страница 485: ...rp route command to view that table If connectivity with CISCO is required make sure the CISCO connex command is configured use ip dvmrp cisco compatible command 16 6 IGMP 16 6 1 Introduction to IGMP...

Страница 486: ...hanism added in IGMP v2 In IGMP v1 the hosts quit the multicast without giving any message to any multicast switch And multicast switches have to decide the quit of multicast member by multicast group...

Страница 487: ...ameters a Configuring IGMP group filtering criteria b Configure IGMP groups c Configure static IGMP groups Command Explanation Interface Mode ip igmp access group acl_num acl_name no ip igmp access gr...

Страница 488: ...esponse to a IGMP query the no ip igmp query timeout command restores the default setting 3 Configure IGMP version Command Explanation Interface Mode ip igmp version version no ip igmp version Configu...

Страница 489: ...Switch Config interface vlan 1 Switch Config If Vlan1 ip igmp access group 1 16 6 2 2 2 ip igmp join group Command ip igmp join group A B C D no ip igmp join group A B C D Function Join the interface...

Страница 490: ...nse time command restores the default setting Parameter time_val is the maximum interface response time for IGMP queries ranging from 1 to 25s Default The default value is 10 seconds Command mode Inte...

Страница 491: ...s Default Do not join static groups Command mode Interface Mode Usage Guide After an interface joins a static group then the interface will receive multicast packet about that static group regardless...

Страница 492: ...witchB are added to the appropriate vlan and PIM DM protocol is enabled on each vlan interface SWITCHA SWITCHB Et hernet 1 1 vl an1 Et hernet 1 1 vl an1 Et hernet 1 2 vl an2 Fig 16 4 IGMP network topo...

Страница 493: ...ress Interface Uptime Expires Last Reporter 239 255 255 250 Vlan123 02 57 30 00 03 36 123 1 1 2 Switch Displayed information Explanation Group Address Multicast group IP address Interface Interface of...

Страница 494: ...igmp event Function Enable the debug function for displaying IGMP events the no format of this command disables this debug function Parameter N A Default Disabled Command mode Admin Mode Usage Guide I...

Страница 495: ...g configurations The user should ensure the following Good condition of the physical connection All interface and link protocols are in the UP state use show interfaces status command Ensure at least...

Страница 496: ...ify the layer 3 port Apply Apply the configuration Default Disable PIM DM on the layer 3 interface Click PIM DM parameter configuration Users can configure PIM DM parameters on the layer 3 port See th...

Страница 497: ...R border Users can configure the border port of PIM SM area which can prevent BSR messages from advertising outside the PIM SM area See the equivalent CLI command at 16 4 2 2 2 Vlan Port Specify the l...

Страница 498: ...MRP configuration In DVMRP configuration mode users can enable DVMRP or disable DVMRP protocol on the port See the equivalent CLI command at 16 5 2 2 2 Enable DVMRP yes is used to enable DVMRP protoco...

Страница 499: ...ll valid Click DVMRP global parameter configuration Users can configure global DVMRP parameters See the equivalent CLI command at 16 5 2 2 3 16 5 2 2 6 16 5 2 2 7 and 16 5 2 2 8 DVMRP graft interval c...

Страница 500: ...CLI command at 16 6 2 2 1 16 6 2 2 2 16 6 2 2 3 16 6 2 2 4 16 6 2 2 5 and 16 6 2 2 6 Set Acl for IGMP group Configure Acl for IGMP group See the equivalent CLI command at 16 6 2 2 1 Add interface to...

Страница 501: ...on configuration Specify IGMP version Vlan Port Specify the layer 3 port Apply Apply the configuration Default Restore the default IGMP version 16 7 6 Multicast inspect and debug In Inspect and debug...

Страница 502: ...502 Click Show ip dvmrp route See the equivalent CLI command at 16 5 4 1 3 Click Show ip dvmrp tunnel See the equivalent CLI command at 16 5 4 1 4...

Страница 503: ...y group In the standby group there are one active router called Master and one or several backup routers called Backup The master router is responsible for forwarding the packets whereas the backup ro...

Страница 504: ...1 Create Delete virtual router Command Explanation Global Mode no router vrrp vrid Create Delete virtual router 2 Configure VRRP virtual IP address and interface Command Explanation VRRP Mode virtual...

Страница 505: ...nd Explanation VRRP Mode preempt mode true false Configure VRRP preempt mode 2 Configure VRRP priority Command Explanation VRRP Mode priority priority Configure VRRP priority 3 Configure VRRP timer Co...

Страница 506: ...ess has two attributes master and backup If the virtual IP address is set to master it has to be the same as the IP address of a router interface in the group Accordingly its VRRP priority is 255 auto...

Страница 507: ...e Disable the relevant virtual router Users have to disable VRRP before they change the VRRP configurations Example Disable the virtual router with the sequence number 10 Switch config router vrrp 10...

Страница 508: ...ntication string by default Usage Guide This command is used to avoid the interference of non group members If all the routers in the same standby group are set to the plain text authentication mode t...

Страница 509: ...Function Configure VRRP timer value the no advertisement interval command restores the default setting Parameter adver_interva is the interval of sending VRRP message in seconds valid range is 1 to 1...

Страница 510: ...an expanded feature of the VRRP backup to ensure the successful new master router election When the master router is down and the VRRP priority of the backup interfaces is lower than that of the faile...

Страница 511: ...rface vlan 1 SwitchA Config Router Vrrp enable SWITCHB SwitchB config interface vlan 1 SwitchB Config if Vlan1 ip address 10 1 1 7 255 255 255 0 SwitchB Config if Vlan1 exit SwitchB config router vrrp...

Страница 512: ...r interface Monitored interface information 17 2 4 1 2 debug vrrp Command debug vrrp all event packet recv send no debug vrrp all event packet recv send Function Display the state changes and messages...

Страница 513: ...e up Make sure VRRP is enabled on the interface Examine the routers or layer 3 switches in the same standby group are configured for the same authentication Examine the routers or layer 3 switches in...

Страница 514: ...es candidate switches Network managers can statically or dynamically add the candidate switches to the cluster which is already established Accordingly they can configure and manage the member switche...

Страница 515: ...ically 2 Set holdtime of heartbeat of the cluster 3 Set interval of sending heartbeat packets among the switches of the cluster 4 Clear the list of candidate switches discovered by the commander switc...

Страница 516: ...d pass no cluster member mem id Add or remove a member switch Command Explanation Global Mode cluster auto add enable no cluster auto add enable Enable or disable adding newly discovered candidate swi...

Страница 517: ...le cluster function in the local switch Switch Config no cluster run 18 2 2 2 cluster register timer Command cluster register timer time value no cluster register timer Command Explanation Admin Mode...

Страница 518: ...IP address pool by default Usage Guide Before creating the cluster users have to set the private IP address pool in the commander switch The cluster can t be created if the private IP address pool is...

Страница 519: ...ig cluster commander admin vlan 2 18 2 2 5 cluster member Command cluster member candidate sn cand sn mac address mac add mem id password pass no cluster member mem id Function Add a candidate switch...

Страница 520: ...switch an error will be displayed Example Enable the auto adding function in the commander switch Switch config cluster auto add enable 18 2 2 7 rcommand member Command rcommand member mem id Functio...

Страница 521: ...error will be displayed Example In the commander switch reset the member switch 16 Switch cluster reset member 16 18 2 2 10 cluster update member Command cluster update member mem id src url dst url a...

Страница 522: ...holdtime of heartbeat of the cluster the no cluster holdtime command restores the default setting Parameter second is the holdtime of heartbeat of the cluster valid range is 20 to 65535 The holdtime o...

Страница 523: ...a non commander switch and the value is more than the current holdtime the setting is invalid and an error is displayed Example Set the interval of sending heartbeat packets of the cluster to 10 seco...

Результаты поиска

Содержание ES4626

Отзывы:

Похожие инструкции для ES4626

Бренды по названию

Популярные бренды

Accton Technology ES4626, Руководство по управлению

Результаты поиска

Содержание ES4626

Отзывы:

Похожие инструкции для ES4626

Бренды по названию

Популярные бренды