Alcatel-Lucent OmniSwitch 6850 Series Скачать руководство пользователя страница 200 | Manualshive

Страница: 200 / 292

Alcatel-Lucent OmniSwitch 6850 Series Скачать руководство пользователя страница 200

Authenticated Switch Access

Managing Switch Security

page 8-4

OmniSwitch 6800/6850/9000 Switch Management Guide

December 2007

Authenticated Switch Access

Authenticated Switch Access (ASA) is a way of authenticating users who want to manage the switch. With
authenticated access, all switch login attempts using the console or modem port, Telnet, FTP, SNMP, or
HTTP require authentication via the local user database or via a third-party server.

This section describes how to configure management interfaces for authenticated access as well as how to
specify external servers that the switch can poll for login information. The type of server may be an
authentication-only mechanism or an authentication, authorization, and accounting (AAA) mechanism.

AAA Servers—RADIUS or LDAP

AAA servers are able to provide authorization for switch management users as well as authentication (they
also may be used for accounting). The AAA servers supported on the switch are Remote Authentication
Dial-In User Service (RADIUS) or Lightweight Directory Access Protocol (LDAP) servers. User login
information and user privileges may be stored on the servers.

Privileges are used for

network administrator accounts

. Instead of user privileges an end-user profile may

be associated with a user for

customer login accounts

. User information configured on an external server

may include a profile name attribute. The switch will attempt to match the profile name to a profile stored

locally on the switch.

The following illustration shows the two different user types attempting to authenticate with a AAA

server:

For more information about types of users, see

Chapter 7, “Managing Switch User Accounts.”

Authentication-only—ACE/Server

Authentication-only servers are able to authenticate users for switch management access, but authoriza-
tion (or what privileges the user has after authenticating) are determined by the switch. Authentication-
only servers cannot return user privileges or end-user profiles to the switch. The authentication-only server
supported by the switch is ACE/Server, which is a part of RSA Security’s SecurID product suite. RSA
Security’s ACE/Agent is embedded in the switch.

The switch polls the server

for login information, which

may reference a profile

name; end-user profiles are

stored on the switch.

LDAP or RADIUS

Server

AAA Server (LDAP or RADIUS)

OmniSwitch

login request

The switch polls the server

and receives login and privi-

lege information about the

user.

Customer

login request

OmniSwitch

Network Administrator

LDAP or RADIUS

Server

end-user

profile

«
...
198
199
200
201
202
...
»

Содержание OmniSwitch 6850 Series

Страница 1: ...Part No 060215 10 Rev E December 2007 OmniSwitch 6800 Series OmniSwitch 6850 Series OmniSwitch 9000 Series Switch Management Guide www alcatel lucent com...

Страница 2: ...ck and Alcatel Lucent OmniVista are registered trademarks of Alcatel Lucent OmniAccess Omni Switch Router PolicyView RouterView SwitchManager VoiceView WebView X Cell X Vision and the Xylan logo are t...

Страница 3: ...3 File Transfer 1 3 Switch Directories 1 4 File and Directory Management 1 5 Using Wildcards 1 7 Multiple Characters 1 7 Single Characters 1 7 Directory Commands 1 8 Determining Your Location in the...

Страница 4: ...FTP Client Application Example 1 32 Creating a File Directory Using Secure Shell FTP 1 34 Transfer a File Using Secure Shell FTP 1 36 Closing a Secure Shell FTP Session 1 36 Verifying Directory Conten...

Страница 5: ...ession 2 19 Modifying the Login Banner 2 20 Modifying the Text Display Before Login 2 21 Configuring Login Parameters 2 22 Configuring the Inactivity Timer 2 22 Enabling the DNS Resolver 2 23 Verifyin...

Страница 6: ...s 4 27 CMM Switching Fabric 4 28 Swapping the Primary CMM for the Secondary CMM 4 29 Show Currently Used Configuration 4 30 NI Module Behavior During Takeover 4 31 Emergency Restore of the boot cfg Fi...

Страница 7: ...ying CLI Usage 5 24 Chapter 6 Working With Configuration Files 6 1 In This Chapter 6 1 Configuration File Specifications 6 2 Tutorial for Creating a Configuration File 6 2 Quick Steps for Applying Con...

Страница 8: ...13 Specific User Password Expiration 7 14 Configuring the Password History 7 14 Configuring the Minimum Age for a Password 7 14 Configuring Global User Lockout Settings 7 15 Configuring the User Locko...

Страница 9: ...ting for ASA 8 12 Verifying the ASA Configuration 8 13 Chapter 9 Using WebView 9 1 In This Chapter 9 1 WebView CLI Defaults 9 2 Browser Setup 9 2 WebView CLI Commands 9 3 Enabling Disabling WebView 9...

Страница 10: ...Pv2 10 9 SNMPv3 10 9 SNMP Traps Table 10 10 Using SNMP For Switch Security 10 27 Community Strings SNMPv1 and SNMPv2 10 27 Configuring Community Strings 10 27 Encryption and Authentication SNMPv3 10 2...

Страница 11: ...tices A 4 A Booting and Debugging Non Proprietary Software A 4 B The OpenLDAP Public License Version 2 4 8 December 2000 A 4 C Linux A 5 D GNU GENERAL PUBLIC LICENSE Version 2 June 1991 A 5 E Universi...

Страница 12: ...Contents xii OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Страница 13: ...ms This information in this guide applies to the following products OmniSwitch 9000 Series OmniSwitch 6850 Series OmniSwitch 6800 Series Note This OmniSwitch Switch Management Guide covers Release 6 3...

Страница 14: ...security features and basic administrative functions The features and procedures in this guide will help form a foundation that will allow you to configure more advanced switching features later What...

Страница 15: ...rmation All chapters include overview sections on software features as well as on selected topics of that software feature Topical sections may often lead into procedure sections that describe how to...

Страница 16: ...at you read this guide before connecting your switch to the network Stage 3 Integrating the Switch Into a Network Pertinent Documentation Network Configuration Guide Advanced Routing Configuration Gui...

Страница 17: ...ions OmniSwitch 9000 Series Getting Started Guide Describes the hardware and software procedures for getting an OmniSwitch 9000 Series up and running Also provides information on fundamental aspects o...

Страница 18: ...Chapters cover multicast routing DVMRP and PIM SM and OSPF OmniSwitch Transceivers Guide Includes information on Small Form Factor Pluggable SFPs and 10 Gbps Small Form Factor Plugga bles XFPs transc...

Страница 19: ...earch option look for the following button in the toolbar Note When printing pages from the documentation PDFs de select Fit to Page if it is selected in your print dialog Otherwise pages may print wi...

Страница 20: ...page xx OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Страница 21: ...create copy move remove rename and display directory information System Date and Time set system clock CLI commands are used in the configuration examples for more details about the syntax of command...

Страница 22: ...rectory 64 MB flash memory available for switch files and directories OmniSwitch 6800 and 6850 128 MB flash memory available for switch files and directories OmniSwitch 9000 Contains the certified and...

Страница 23: ...iles The CLI also has commands for displaying creating and editing ASCII files directly on the switch You may also want to establish a file directory structure to help organize your files on the switc...

Страница 24: ...ws you to organize your config uration and text files on the switch You can also use the vi command to create files This chapter tells you how to make copy move and delete both files and directories S...

Страница 25: ...ge and display file attributes Utility commands display memory and system diagnostic information The following illustration represents a sample flash directory that contains three directories and six...

Страница 26: ...write rw permissions The second entry shows a file for which the user has read and write rw permissions The second column indicates the number of bytes of flash memory the row entry occupies drw 512...

Страница 27: ...64000 Sep 21 19 49 swlog1 log rw 64000 Aug 12 19 06 swlog2 log The following command lists all entries in the current directory that contain the i character ls i Listing Directory flash drw 2048 Aug...

Страница 28: ...representation of the file directory shown in the illustration on page 1 5 Sample Switch Directory Tree Note The directory tree on OmniSwitch 6850 and OmniSwitch 9000 switches is similar Determining...

Страница 29: ...sh certified To move up the directory tree use the cd command Enter cd cd dot dot without specifying a direc tory name and your current directory will move up one directory level If you enter cd witho...

Страница 30: ...as part of the ls or dir command your screen will list the contents of the directory at the specified path ls flash certified Listing Directory flash certified drw 2048 Oct 12 11 16 drw 2048 Oct 12 1...

Страница 31: ...ory flash drw 1024 Nov 8 08 30 WORKING rw 276 Nov 8 09 59 boot params rw 4890749 Oct 21 21 43 cs_system pmd rw 256 Nov 8 09 57 random seed rw 64000 Nov 8 09 59 swlog1 log drw 1024 Nov 8 08 31 certifie...

Страница 32: ...ween the path and the new directory name Also a slash is required at the beginning of your path specification Note Your login account must have write privileges to execute the mkdir command The follow...

Страница 33: ...048 Oct 14 17 14 drw 2048 Oct 14 17 14 Copying an Existing Directory The cp r command recursively copies directories as well as any associated subdirectories and files Before using this command you sh...

Страница 34: ...Kos img rw 4658 Oct 25 14 21 Krelease img Listing Directory flash certified working drw 2048 Oct 14 17 14 drw 2048 Oct 14 17 12 drw 2048 Oct 14 17 14 newdir1 rw 4347 Oct 2 12 25 boot cfg rw 142830 Oc...

Страница 35: ...or the new copy being created If no path is specified the command assumes the current directory The following syntax copies the Kos img file from the working directory to the certified directory cp fl...

Страница 36: ...mote switch s working directory A copy of all the image files will appear in the flash working directory of the remote switch 172 17 11 13 once the following command is executed scp flash working img...

Страница 37: ...to specify a path for the file being copied However the command syntax specifies a path to the destination directory The screen displays a warning that the file is being renamed move testfile2 flash w...

Страница 38: ...You must have read write privileges to a file to change that file s privileges To set the permission for the config1 txt file to read only use the following syntax chmod w flash config1 txt To set th...

Страница 39: ...of the switch For example to copy the boot params file to the flash directory on primary management module in a switch and name it boot params bak enter rcp cmm b flash boot params boot params bak To...

Страница 40: ...sh directory as follows fsck flash The screen displays the following prompt Do you want fsck to automatically repair any errors found CR No Press Enter to skip repairing files or enter yes to start fi...

Страница 41: ...modem transfer of large files may take several minutes to complete For details see Using Zmodem on page 1 27 Using the Switch as an FTP Server The switch can act as an FTP server for receiving files t...

Страница 42: ...configuration file you must specify the ASCII transfer mode 3 Transfer the file Use the FTP put command or click the client s download button to send the file to the switch When you use FTP to transf...

Страница 43: ...nt 1 Establish a connection to the switch as explained in your appropriate Getting Started Guide 2 Log on to the switch and enter the ftp command to start the FTP client Next enter a valid host name o...

Страница 44: ...P commands Their definitions are given in the following table ascii Set transfer type to ASCII 7 bit binary Set transfer type to binary 8 bit bye Close session gracefully cd Change to a new directory...

Страница 45: ...of the SFTPv6 server to start an SFTPv6 session over an IPv6 environment For example sftp6 fe80 a00 20ff fea8 8961 int1 login as Note SFTPv6 sessions are supported only on OmniSwitch 6850 or 9000 It...

Страница 46: ...rename oldpath newpath Rename remote file rmdir path Remove remote directory rm path Delete remote file symlink oldpath newpath Symlink remote file version Show SFTP version Synonym for help Note Alth...

Страница 47: ...y you must remove the file before transferring the new file via Zmodem To transfer a file via Zmodem complete the following steps 1 Connect your terminal emulation device containing the Zmodem protoco...

Страница 48: ...switch These are the trusted configuration and binary image files They will be used in the event of a non specified reload Do not attempt to edit these files The path to this directory is flash certi...

Страница 49: ...witch feature are noted in the table Archive File Name Base or Optional Software Description Kadvrout img Optional Advanced Routing Advanced Routing Kbase img Base Software Base Software Kdiag img Bas...

Страница 50: ...to the switch from your FTP client Where the FTP client asks for Name enter the IP address of your switch Where the FTP client asks for User ID enter admin Where the FTP client asks for Password ente...

Страница 51: ...h how to transfer files into the directory and how to list the files 1 Log onto the switch and use the mkdir command to create a new directory called resources mkdir resources 2 Verify that the new di...

Страница 52: ...e switch as an FTP client 1 Log into the switch Use the ls command to verify that your current directory is flash ls Listing Directory flash rw 272 Jun 12 15 57 boot params drw 2048 Jun 12 17 52 certi...

Страница 53: ...nected Cosmo Windows FTP server ready Name Myhost1 Note FTPv6 sessions are supported only on OmniSwitch 6850 or 9000 It is mandatory to specify the name of the particular IPv6 interface if the FTPv6 s...

Страница 54: ...r IPv6 interface if the SFTPv6 server has been specified using its link local address 2 You must have a login and password that is recognized by the IP address you are logging in to When you enter you...

Страница 55: ...e Management OmniSwitch 6800 6850 9000 Switch Management Guide December 2007 page 1 35 287 boot params 2048 certified 2048 working 64000 swlog1 log 64000 swlog2 log30 policy cfg 2048 network 206093 cs...

Страница 56: ...file1 rr 2 To verify that the file was transferred to the correct destination use the Secure Shell FTP cd command to move your login to the newssdir directory Then use the ls command to list the conte...

Страница 57: ...g CMM Directory Content Date To display the current system date for your switch use the system date command If you do not specify a new date in the command line the switch will display the current sys...

Страница 58: ...number of hours offset from UTC such as ten hours use the following command syntax system timezone 10 Values to specify hours for offset range from 13 through 12 Time To display the current local time...

Страница 59: ...position of that day in the month e g first second third fourth or last Sunday of the month The hour and minute of the day at which DST will begin The day of the week and month of the year when DST w...

Страница 60: ...ight savings time enable Note If your time zone shows No default in the Time Zone and DST Information Table refer to Daylight Savings Time Configuration on page 1 39 for information on configuring and...

Страница 61: ...at 2 00 a m 1 00 cst Central Standard Time 06 00 2nd Sunday in Mar at 2 00 a m 1st Sunday in Nov at 2 00 a m 1 00 mst Mountain Standard Time 07 00 2nd Sunday in Mar at 2 00 a m 1st Sunday in Nov at 2...

Страница 62: ...Setting the System Clock Managing System Files page 1 42 OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Страница 63: ...in both IPv4 and IPv6 environments for logging into the switch as well as information about using the switch to start a Telnet or Secure Shell session on another device It also includes information ab...

Страница 64: ...nt Guide December 2007 Creating user accounts directly on the switch Chapter 7 Managing Switch User Accounts Using the CLI Chapter 5 Using the CLI Using WebView to manage the switch Chapter 9 Using We...

Страница 65: ...pported Internet Explorer for Windows NT Windows XP and Windows 2000 version 6 0 Netscape for Windows NT Windows XP and Windows 2000 version 7 1 Netscape for Sun OS 2 8 version 4 79 Netscape for HP UX...

Страница 66: ...ent Guide December 2007 The following table describes the maximum number of sessions allowed on an OmniSwitch Session OS 9000 OS 6850 OS 6800 supports only v4 Telnet v4 or v6 4 4 4 FTP v4 or v6 4 4 4...

Страница 67: ...r terminal will automatically display the switch login prompt If you are connected remotely you must enter the switch IP address in your Telnet FTP or Secure Shell client typically the IP or IPv6 addr...

Страница 68: ...nage the switch is called Authenticated Switch Access ASA Authenticated Switch Access is described in detail in Chapter 8 Managing Switch Security An overview of management methods is listed here Logg...

Страница 69: ...or servers The accounts include a username and password In addition they also specify the user s privileges or end user profile depending on the type of user account In either case the user is given r...

Страница 70: ...lnet connection is not secure Secure Shell is recommended instead of Telnet or FTP as a secure method of accessing the switch Starting a Telnet Session from the Switch At any time during a login sessi...

Страница 71: ...6850 or 9000 i e when the switch acts as a telnet server Here you must enter a valid username and password Once login is complete the OmniSwitch welcome banner will display as follows login admin pas...

Страница 72: ...t IP address or host name and the ftp6 command to start an FTPv6 session followed by relevant IPv6 address or hostname over an IPv6 environment You have to specify the name of the particular IPv6 inte...

Страница 73: ...ame Jsmith 331 Password required for Jsmith Password 230 User Jsmith logged in Note It is mandatory to specify the name of the particular IPv6 interface if the target has been specified using the link...

Страница 74: ...l for communications over TCP IP for sending file transfers Both Telnet and FTP are available on the OmniSwitch but they do not support encrypted passwords Note Secure Shell may only be used to log in...

Страница 75: ...net to manage the OmniSwitch Here the user terminal is connected through the network to the switch The drawing below shows a slightly different application Here a terminal connected to a single OmniSw...

Страница 76: ...cluded in the Secure Shell transport layer protocol It uses a key agreement to produce a shared secret that cannot be determined by either the client or the server alone The key exchange is combined w...

Страница 77: ...erid specified as part of the filename in Step 2 is a valid user name on the OmniSwitch If the username does not already exist in the switch configuration create the user name with the appropriate pri...

Страница 78: ...ell session is established you can use the remote device specified by the IP address on a secure connection from your OmniSwitch Note The login parameters for Secure Shell session login parameters can...

Страница 79: ...een specified using its link local address SSHv6 sessions are supported only on OmniSwitch 6850 or 9000 Closing a Secure Shell Session To terminate the Secure Shell session issue the exit command The...

Страница 80: ...are supported only on OmniSwitch 6850 or 9000 3 After logging in you will receive the sftp prompt You may enter a question mark to view available Secure Shell FTP commands and their definitions as sh...

Страница 81: ...issue the exit command The following will display exit Connection to 11 133 30 135 closed This display indicates the Secure Shell FTP session with IP address 11 133 20 135 is closed The user is now lo...

Страница 82: ...niSwitch TM is a trademark of Alcatel Lucent registered in the United States Patent and Trademark Office LOGIN ALERT This switch is a secure device Unauthorized use of this switch will go on your perm...

Страница 83: ...switch does not display any text before the login prompt for any CLI session At initial bootup the switch creates a pre_banner txt file in the flash directory The file is empty and may be edited to in...

Страница 84: ...the desired number of minutes In the following example the CLI time out is changed from the default to 8 minutes session timeout cli 8 This command changes the inactivity timer for new CLI sessions to...

Страница 85: ...p domain name mycompany1 com 2 Use the ip domain lookup CLI command to enable the DNS resolver service ip domain lookup You can disable the DNS resolver by using the no ip domain lookup command For mo...

Страница 86: ...re information about these commands refer to the OmniSwitch CLI Reference Guide who Displays all active login sessions e g console Telnet FTP HTTP Secure Shell Secure Shell FTP whoami Displays the cur...

Страница 87: ...er for exam ple In This Chapter This chapter describes the basic components of the OmniSwitch implementation of Network Time Proto col and how to configure it through Command Line Interface CLI CLI co...

Страница 88: ...s RFCs supported 1305 Network Time Protocol Maximum number of NTP servers per client 3 Parameter Description Command Default Value Comments Specifies an NTP server from which this switch will receive...

Страница 89: ...own show ntp server status 198 206 181 139 IP address 198 206 181 139 Host mode client Peer mode server Prefer no Version 4 Key 0 Stratum 2 Minpoll 6 64 seconds Maxpoll 10 1024 seconds Delay 0 016 sec...

Страница 90: ...anagement Guide December 2007 5 You can check the client configuration using the show ntp client command as shown show ntp client Current time THU SEP 15 2005 17 44 54 UTC Last NTP update THU SEP 15 2...

Страница 91: ...ation about its axis and the Gregorian Calendar representing the Earth s rotation about the Sun The UTC timescale is disciplined with respect to International Atomic Time TAI by inserting leap seconds...

Страница 92: ...f several servers claiming synchronization to the standard time are in disagreement then one or more of them must be out of synchronization or not functioning correctly The stratum gradiation is used...

Страница 93: ...then check the time information with peers at the same stratum The stratum 2 machines synchronize to the stratum 1 servers but do not send time information to the stratum 1 machines Machines 2a and 2...

Страница 94: ...rmation This is done by using a key file The key file is loaded into the switch memory and consists of a text file that lists key identifiers that correspond to particular NTP entities If authenticati...

Страница 95: ...in the broadcast mode Broadcast mode specifies that a client switch listens on all interfaces for server broadcast timestamp information It uses these messages to update its time To set an OmniSwitch...

Страница 96: ...fied by the NTP protocol enter the ntp server synchronized command as shown ntp server synchronized NTP synchronization is enabled by default Note The NTP protocol discards the NTP servers that are un...

Страница 97: ...s use the ntp server command with the server IP address or domain name version keyword and version number as shown ntp server 1 1 1 1 version 3 The default setting is version 4 Marking a Server as Pre...

Страница 98: ...tion 2 Make sure the key file with the NTP server s MD5 key is loaded into the switch memory by issuing the ntp key load command as shown ntp key load 3 Set the server authentication key identificatio...

Страница 99: ...hap ter in the OmniSwitch CLI Reference Guide Examples of the show ntp client show ntp server status and show ntp client server list command outputs are given in the section NTP Quick Steps on page 3...

Страница 100: ...Verifying NTP Configuration Configuring Network Time Protocol NTP page 3 14 OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Страница 101: ...capability and CMM redundancy is also available with the OmniSwitch 6850 Series Note Mixing OmniSwitch 6800 and 6850 switches together in the same stack is not supported Management of the stack is run...

Страница 102: ...nagement Guide December 2007 CMM Specifications Size of Flash Memory 64 Megabytes OmniSwitch 6800 and 6850 128 Megabytes OmniSwitch 9000 Size of RAM Memory 256 Megabytes Maximum Length of File Names 3...

Страница 103: ...hly in OmniSwitch 9000 Getting Started Guide Modifications to the switch parameters affect or change the configuration file The image files are static for the purposes of running the switch though the...

Страница 104: ...Initially when normally booting the switch the software is loaded from the certified directory This is the repository for the most reliable software When the switch is booted the certified directory i...

Страница 105: ...the certified directory the contents of which are loaded into the running configuration Since the working and certified directories are exactly the same the switch is running from the working director...

Страница 106: ...lustrated in the diagram below Running Configuration Saved to Working Directory It is important to note that in the above scenario the switch is using the configuration file from the certi fied direct...

Страница 107: ...reboot Since the working and certified directories are exactly the same the switch is running from the working directory Running Configuration is Saved to Working then to the Certified Directory R W...

Страница 108: ...as corrupted during the FTP transfer Rather than having a disabled switch the network administrator can reboot the switch from the certified directory which has the previous more reliable version of t...

Страница 109: ...ormation on managing a stack of switches see the Managing Stacks chapter found in both the OmniSwitch 6800 Hardware Users Guide and the OmniSwitch 6850 Hardware Users Guide When two CMMs are running i...

Страница 110: ...new files The follow ing diagram illustrates the synchronization process of a working directory reboot The stack displayed is a three switch stack Booting from the Working Directory This synchronizati...

Страница 111: ...e Certified Directory on page 4 26 Note It is important to certify the working directory and synchronize the stack as soon as the validity of the software is established Stacks booted from the working...

Страница 112: ...ng diagram illustrates this idea The diagram shows a stack of three switches to which a fourth switch is added Synchronizing a Stack with Three More Switches W C W C W C W C 1 Stack is pow ered up and...

Страница 113: ...on a switch with a redundant CMM OmniSwitch 9000 do not apply to a switch without a redundant CMM Redundant command usage is covered in Managing Redundancy in a Stack and CMM on page 4 25 See the app...

Страница 114: ...mote fabric module is in up good state only the CPM will be reset If the local remote fabric module is in a down bad state then the complete CMM will be reloaded Scheduling a Reboot It is possible to...

Страница 115: ...000 Switch Management Guide December 2007 page 4 15 Checking the Status of a Scheduled Reboot You can check the status of a reboot set for a later time by entering the following command show reload or...

Страница 116: ...onfiguration and the boot cfg file in the working directory are identi cal Should the switch go down or reboot the configuration changes made can be restored Note If the switch is rebooted at this poi...

Страница 117: ...y running config working and write memory commands are described in detail in the OmniSwitch CLI Reference Guide Note The saved boot cfg file will be overwritten if the takeover command is executed af...

Страница 118: ...ectory is used to initially boot the switch 2 Changes are made to the configuration file and are saved to the configuration file in the working direc tory by using the copy running config working comm...

Страница 119: ...ties in different versions of switch software Certifying the working directory is described in Copying the Work ing Directory to the Certified Directory on page 4 21 while synchronizing the switch is...

Страница 120: ...niSwitch 6800 6850 9000 Switch Management Guide December 2007 Cancelling a Rollback Timeout To cancel a rollback time out enter the reload cancel command as shown reload primary cancel or reload cance...

Страница 121: ...e switch boots from the certified directory and changes are made to the running configuration 2 The changes are saved to the working directory as the boot cfg file 3 The contents of the working direct...

Страница 122: ...es the boot cfg file and the certs pem file should be kept in the working direc tory Note In OmniSwitch 6800 and 6850 switches only it is important to synchronize the stack as soon as the validity of...

Страница 123: ...figuration WORKING Certify Restore Status CERTIFY NEEDED SYNCHRONIZATION STATUS Flash Between CMMs SYNCHRONIZED Running Configuration NOT AVAILABLE Stacks Reload on Takeover ALL STACKs SW Activation T...

Страница 124: ...3 1 311 R01 823614 Alcatel Advanced Routing Kbase img 5 3 1 311 R01 7372509 Alcatel Base Software Kdiag img 5 3 1 311 R01 5215 Alcatel Diagnostics Archive Keni img 5 3 1 311 R01 2486643 Alcatel Ether...

Страница 125: ...uture time by setting time parame ters in conjunction with the reload command For example to schedule a reboot of the secondary CMM in 8 hours and 15 minutes on the same day enter the following at the...

Страница 126: ...software To copy the working directory to the certified directory of the primary CMM and at the same time synchronize the software of the primary and secondary CMM use the following command copy work...

Страница 127: ...reboot is then triggered on the secondary CMM loading the new contents of the work ing directory to the running configuration in OmniSwitch 9000 switches only 3 If no problems exist then the working...

Страница 128: ...Each OS9000 CMM module contains hardware and software elements to provide management functions for the OS9000 system The OS9000 CMM module also contains the switch fabric for the OS9000 system User d...

Страница 129: ...takeover To instruct the secondary CMM to takeover switch functions from the primary CMM with a complete CMM reload enter the following command at the prompt takeover with fabric Note On OmniSwitch 9...

Страница 130: ...s currently running enter the following command on OmniSwitch 9000 switches show running directory CONFIGURATION STATUS Running CMM PRIMARY CMM Mode MONO CMMs Current CMM Slot A Running configuration...

Страница 131: ...nges are not saved via the write memory command the corresponding NIs will automatically reload if a management module takeover occurs Data flow on the affected NIs will be interrupted until the reloa...

Страница 132: ...tion changes while running from the certified directory you can perform an emergency restore of your configuration by following the steps 1 Copy your current configuration to a manually generated boot...

Страница 133: ...on the resulting displays from these commands see the OmniSwitch CLI Reference Guide An example of the output for the show microcode command is given in Show Switch Files on page 4 24 show running di...

Страница 134: ...Displaying CMM Conditions Managing CMM Directory Content page 4 34 OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Страница 135: ...efined in the OmniSwitch CLI Reference Guide All command descriptions listed in the Reference Guide include command syntax definitions defaults usage guidelines example screen output and release histo...

Страница 136: ...switch see the appropriate Getting Started Guide Note If you are using an OmniSwitch 6800 or an OmniSwitch 6850 switch in a stacked configuration you must be connected to the console port of the prim...

Страница 137: ...ommand Entry Rules and Syntax When you start a session on the switch you can execute CLI commands as soon as you are logged in The following rules apply Enter only one command per line No command may...

Страница 138: ...try from a specified port on a specified VLAN with the no ip multicast static group command Using Alias Commands You may define substitute text for the switch s CLI commands by using the alias command...

Страница 139: ...keywords such that all keywords in the group share a common prefix In this case pressing Tab will cause the CLI to complete the common prefix and place the cursor at the end of the prefix Note that in...

Страница 140: ...MMAND LOG CHMOD CD AUTO ATTRIB ALIAS CMM Chassis Supervision COPY WRITE POWER TEMP THRESHOLD TAKEOVER SYSTEM SHOW RRM RPUT RLS RGET RELOAD RDF RCP NO DEBUG CONFIGURE Source Learning SOURCE LEARNING SH...

Страница 141: ...you can presume the proper command for this task will be shown in the VLAN Manager Command Set This set shows two possible keywords to follow the vlan syntax ROUTER and num Because you are assigning a...

Страница 142: ...this case the name selected for the VLAN includes spaces so you should use the syntax enclosed in quotes 4 At the command prompt enter the name of the VLAN enclosed in quotes followed by a space and a...

Страница 143: ...Deleting Characters You can delete CLI command characters by using the Backspace key or the Delete key The Backspace key deletes each character in the line one at a time from right to left Note the f...

Страница 144: ...ompt To issue the ls command press Enter ls The Up Arrow key and the bang bang command will display the last command line entered even if the command was rejected by the switch For more details on usi...

Страница 145: ...ntry In order to enable IP routing you must find another command keyword because set is not valid Prefix Recognition Prefix Recognition is a CLI feature that reduces redundant command line entry by st...

Страница 146: ...same VLAN you are only required to enter suffix information In this case you can enter the commands to accomplish tasks 2 and 3 as follows stp enable authentication enable Prefix information will be...

Страница 147: ...o view commands you have recently issued to the switch The switch has a history buffer that stores up to 30 of the most recently executed commands Note The command history feature differs from the com...

Страница 148: ...range for the history size value is 1 to 30 To view the history parameters use the show history parameters command history size 30 show history parameters History size 30 CurrentSize 10 Index Range 1...

Страница 149: ...LI Reference Guide Enabling Command Logging By default command logging is disabled To enable command logging on the switch enter the following command command log enable When command logging is enable...

Страница 150: ...must not belong to IP VLAN 67 subnet Command ip interface vlan 67 address 172 22 2 12 vlan 67 UserName admin Date MON APR 28 01 41 35 Ip Addr 128 251 19 240 Result SUCCESS Command command log enable...

Страница 151: ...r after tty defines the number of columns on the screen It must be a number between 20 and 150 You may view the current setting for your screen by using the show tty command Changing the CLI Prompt Yo...

Страница 152: ...owing command enables the more feature more After these commands are executed the CLI will display no more than 6 lines to the screen at a time followed by the More prompt The following is a sample di...

Страница 153: ...nt to your search The switch will then display the information you identified This saves you the trouble of scanning long lists of data unnecessarily The filter mode filters unwanted information from...

Страница 154: ...ights 0x00000000 0x00000000 Read only domains None Read only families Read Write domains None Read Write families Session number 1 User name admin Access type http Access port NS IP address 123 251 12...

Страница 155: ...on Number The session number assigned to the user User name User name Access type Type of access protocol used to connect to the switch Access port Switch port used for access during this session Ip A...

Страница 156: ...er 4 kill 4 The command syntax requires you to specify the number of the session you want to kill You can use the who command for a list of all current user sessions and their numbers The kill command...

Страница 157: ...owing show more The more feature is enabled and the number of line is set to 10 2 Enter the show snmp mib family command Note that 10 lines of information are displayed The switch is now in the More m...

Страница 158: ...ey To exit the table type the q character and the CLI will exit the more mode and return you to the system prompt Verifying CLI Usage To display information about CLI commands and the configuration st...

Страница 159: ...re multiple switches must be managed and monitored This chapter describes how configuration files are created how they are applied to the switch and how they can be used to enhance OmniSwitch usabilit...

Страница 160: ...ops to 3 The IP address of the DHCP server is 128 251 16 52 ip helper address 128 251 16 52 ip helper forward delay 15 ip helper maximum hops 3 2 Transfer the configuration file to the switch s file s...

Страница 161: ...ults in no changes to the saved configuration the message will state that the running configuration and saved configuration are identical To synchronize the running configuration and the saved configu...

Страница 162: ...x contained in the configuration file is printed to the console When verbose is not specified in the command line cursory information number of errors and error log file name will be printed to the co...

Страница 163: ...example the amzncom_cfg txt will be applied after 6 hours and 15 minutes have elapsed 1 Verify that there are no current timer sessions pending on the switch show configuration status File configurat...

Страница 164: ...specify a timer session In a timer session you schedule a file to be applied in the future at a specific date and time or after a specific period of time has passed like a countdown Timer sessions ar...

Страница 165: ...he keyword authkey along with a related alpha numeric text string are automatically included in many snapshot files e g configuration snapshot all The text string following the authkey keyword represe...

Страница 166: ...on file use the configuration syntax check command For example configuration syntax check asc 1 snap Errors 3 Log file name check asc 1 snap 1 err In this example the proposed asc 1 snap configuration...

Страница 167: ...lowing command will display the textfile rtf text file located in the flash working directory more flash working textfile rtf The switch will display the file text on your terminal screen until the en...

Страница 168: ...t it will capture the CLI commands for one or more switch features or for all network features To generate a snapshot file for all network features use the following syntax configuration snapshot all...

Страница 169: ...roduces a snapshot file with the name testfile snap configuration snapshot testfile snap Editing Snapshot Files Snapshot files can be viewed edited and reused as a configuration file You also have the...

Страница 170: ...disable ip interface vlan 1 address 10 255 211 70 mask 255 255 255 192 vlan 1 mtu 1500 ifindex 1 IPX IPMS AAA aaa authentication default local aaa authentication console local PARTM AVLAN 802 1x QOS P...

Страница 171: ...2007 page 6 13 Lan Power NTP RDP This file shows configuration settings for the Chassis IP AAA SNMP IP route manager Spanning tree and Bridging services Each of these services have configuration comma...

Страница 172: ...nd indicates whether the running configuration and the saved configuration files are identical or different This command also displays the number of error files that will be held in the flash director...

Страница 173: ...syntax of commands see the OmniSwitch CLI Reference Guide This chapter provides an overview of user accounts In addition configuration procedures described in this chapter include Creating a User on p...

Страница 174: ...number of end user profiles 128 Description Command Default Minimum password length user password size min 8 characters Default password expiration for any user user password expiration disabled Passw...

Страница 175: ...uring which failed login attempts are counted user lockout window 0 all attempts are counted Length of time a user account remains locked out of the switch before the account is automatically unlocked...

Страница 176: ...mands see page 7 20 Functional privileges network administration and end user profiles customer login are mutually exclu sive Both types of users may exist on the switch but any given user account can...

Страница 177: ...y default See Configuring Password Expiration on page 7 13 In addition another account default is available on the switch for default settings only this account cannot be used to log into the switch I...

Страница 178: ...read write domain network ip helper telnet For information about the default user settings see the next section For information about setting up privi leges see Configuring Privileges for a User on pa...

Страница 179: ...he display is similar to the following End user profile Profile1 Area accessible with read and write rights physical basic ip routing Slot 1 ports allowed 1 2 4 5 Slot 2 ports allowed 1 8 Vlan Id 3 8...

Страница 180: ...r SNMP access is configured for the new user For more information about configur ing privileges see Setting Up End User Profiles on page 7 20 The privilege default is particularly important for users...

Страница 181: ...tch reads the database file for user information rather than the boot cfg file The write memory copy running config working or configuration snapshot commands are not required to save user or password...

Страница 182: ...allowed password is not allowed If privileges are not specified for the user the user will inherit all of the privileges of the default user account See Default User Settings on page 7 8 Note that th...

Страница 183: ...assword reenter new password The password is now reset for the current user At the next switch login the user must enter the new pass word Note A new password cannot be identical to the current passwo...

Страница 184: ...w the current policy configuration use the show user password policy command For more infor mation about this command and those used in the configuration examples throughout this section see the OmniS...

Страница 185: ...er will have access to the switch through the console port with the currently configured password Default Password Expiration To set password expiration globally use the user password expiration comma...

Страница 186: ...y the switch This functionality prevents the user from using the same password each time their account pass word is changed For example if the password history is set to 10 and a new password entered...

Страница 187: ...ndow The lockout window is basically a moving observation window of time in which failed login attempts are counted If the number of failed login attempts exceeds the lockout threshold setting see Con...

Страница 188: ...this means that there is no automatic unlocking of a user account by the switch The locked user account remains locked until it is manually unlocked by the admin user To configure a lockout duration...

Страница 189: ...of setting up user privileges user thomas read write domain network ip helper telnet User thomas will have write access to all the configuration commands and show commands in the network domain as we...

Страница 190: ...ally on the switch By default the switch allows all SNMP requests Use the snmp security command to change the SNMP security level on the switch Note At least one user with SHA MD5 authentication and o...

Страница 191: ...with SNMP access and authentication enter the user command with the desired authentication type sha md5 sha des and md5 des user thomas password techpubs sha des When SNMP authentication is specified...

Страница 192: ...physical trap port link flow flow wait interfaces admin interfaces alias interfaces interfaces no L2 statistics show interfaces vlan table vlan vlan stp vlan authentication vlan router ipx vlan port...

Страница 193: ...profile port list command with the relevant profile name and the desired slots ports For example end user profile Profile3 port list 2 3 1 4 In this example the port list includes all ports in slot 2...

Страница 194: ...ranges and VLAN ranges specified by Profile3 Note that user information stored on an external server may include a profile name When the user attempts to log into the switch the switch will attempt to...

Страница 195: ...r User Accounts on page 7 6 show user Displays information about all users or a particular user configured in the local user database on the switch show user password size Displays the minimum number...

Страница 196: ...Verifying the User Configuration Managing Switch User Accounts page 7 24 OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Страница 197: ...security is given in this chapter In addition configuration procedures described in this chapter include Configuring Authenticated Switch Access on page 8 6 Setting Up Management Interfaces for ASA on...

Страница 198: ...ease supports IPv6 client session for Telnet FTP SSH SFTP and SNMP on OmniSwitch 6850 or 9000 Switch Security Defaults Access to managing the switch is always available for the admin user through the...

Страница 199: ...des logging statistics about user sessions For information about configuring the switch to communicate with external servers see the Managing Authentication Servers chapter in the OmniSwitch 6800 6850...

Страница 200: ...or accounts Instead of user privileges an end user profile may be associated with a user for customer login accounts User information configured on an external server may include a profile name attrib...

Страница 201: ...includes information about whether or not a user is able to log into the switch and which kinds of privileges or rights the user has for managing the switch The database may be set up by the admin us...

Страница 202: ...y mentioned in this chapter and described in detail in the Manag ing Authentication Servers chapter of the OmniSwitch 6800 6850 9000 Network Configuration Guide If you are using the local switch datab...

Страница 203: ...servers to be used for checking user login and privilege information Multiple servers of different types may be speci fied For example aaa authentication telnet rad1 ldap2 local The order of the serv...

Страница 204: ...shown here Service type Default 1rst authentication server rad1 2nd authentication server local Service type Console Authentication Use Default 1rst authentication server rad1 2nd authentication serv...

Страница 205: ...h via the aaa radius server and aaa tacacs server commands ACE Servers do not require any configuration but you must FTP the sdconf rec file from the server to the switch s network directory For more...

Страница 206: ...ple no aaa authentication ftp FTP access is now denied on the switch Note The admin user always has switch access through the console port even if access is denied through the console port To remove a...

Страница 207: ...ecure Secure Shell contains a secure FTP application that may be used after a Secure Shell session is initiated If Secure Shell is enabled it is recommended that Telnet and FTP be disabled For example...

Страница 208: ...nting logging a user session for Authenticated Switch Access use the aaa accounting session command with the relevant server name s In this example the RADIUS and LDAP servers have already been config...

Страница 209: ...he resulting displays from these commands see the OmniSwitch CLI Refer ence Guide An example of the output for the show aaa authentication command is also given in Quick Steps for Setting Up ASA on pa...

Страница 210: ...Verifying the ASA Configuration Managing Switch Security page 8 14 OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Страница 211: ...mation about setting up browser preferences and options see Browser Setup on page 9 2 In This Chapter This chapter provides an overview of WebView and WebView functionality and includes information ab...

Страница 212: ...cript must be enabled supported Java must be enabled Style sheets must be enabled that is the colors fonts backgrounds etc of web pages should always be used rather than any user configured settings C...

Страница 213: ...d instead of the http keyword to enable WebView For example https server When using this format of the command use the no https server command to disable WebView on the switch Changing the HTTP Port T...

Страница 214: ...hanging the HTTPS Port The default secure HTTP HTTPS port is 443 the well known port number for SSL You can change the port to a number in the range 0 to 65535 using the https port command Well known...

Страница 215: ...f the browser and press Enter The WebView login screen appears 5 Enter the appropriate user ID and password the initial user name is admin and the initial password is switch After successful login the...

Страница 216: ...ugh which you can access the switch for CLI configu ration Log Out Logs the user out of the switch and ends the user session After logout the login screen appears The user can log back into the switch...

Страница 217: ...formation on using the drop down menus see Configuration Page on page 9 10 View Configuration Area The View Configuration area is where switch configuration information is displayed and where configur...

Страница 218: ...Open a web browser 2 Enter the IP address of the switch you want to configure in the browser Address field and press Enter The login screen appears 3 Enter the appropriate user ID and password at the...

Страница 219: ...store Doing so will clear the certificate error message 1 Click on the certificate error message A Certificate Invalid popup window displays 2 Click on View Certificates at the bottom of the Certifica...

Страница 220: ...ay the feature s current configuration and can also be used to configure global parameters Each Home Page also provides a Site Map shown below which displays all of the configuration options available...

Страница 221: ...you complete to configure global parameters The fields display the current configuration To change the configuration 1 Select a new value from one of the drop down lists or enter a new value in a fie...

Страница 222: ...ou can delete multiple entries but you can only modify one entry at a time Adding a New Entry To add a new entry to the table 1 Click Add on the Configuration page The Add window appears e g Add IP St...

Страница 223: ...ck Apply If successful the Modify window disappears The new configuration takes effect immediately and the modified entry appears in the table If there is an error the window will remain and an error...

Страница 224: ...option is available a toggle switch appears at the bottom left corner of the table To change views click on the toggle switch e g Expanded View For example if the table is in summary view click on Exp...

Страница 225: ...o sort in descending order click on the column heading Click again to return to the ascending order To sort on a different column click on the column heading the table will sort on that column and the...

Страница 226: ...r right corner of the table the column head ings are highlighted Next click on the primary and secondary column headings the numbers 1 and 2 appear in the primary and secondary columns Click again on...

Страница 227: ...Ns have a paging feature that loads the table data in increments of 50 or 100 entries If the table reaches this threshold the first group of entries is displayed and a Next button appears at the botto...

Страница 228: ...mote slot port By clicking on a device the Web based device manager if available is displayed for that device If a Web based device manager is not available a Telnet session may be launched A route to...

Страница 229: ...he information given in this chapter Specific page Help Each help page provides a description of the page and a description for each field To access help from any global configuration page table page...

Страница 230: ...WebView Help Using WebView page 9 20 OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Страница 231: ...d only on an OmniSwitch 6850 and 9000 In This Chapter This chapter describes SNMP and how to use it through the Command Line Interface CLI CLI commands are used in the configuration examples for more...

Страница 232: ...ng compatible with SNMPv1 and v2 and supports all the SNMPv1 and SNMPv2 PDUs SNMPv1 and SNMPv2 Authentication Community Strings SNMPv1 SNMPv2 Encryption None SNMPv1 and SNMPv2 Security requests accept...

Страница 233: ...OmniSwitch 6800 6850 9000 Switch Management Guide December 2007 page 10 3 Enables or disables SNMP authentication failure trap forwarding snmp authentication trap Disabled Parameter Description Comman...

Страница 234: ...example snmp station 199 199 100 200 8010 NMSuserV3MD5DES v3 enable Use the same command as above for specifying the IPv6 address of the management station For example snmp station 300 1 enable Note...

Страница 235: ...eges for the snmp chassis and interface command families user usermark2 read only snmp chassis interface Note Optional To verify the user account enter the show user command A partial display is shown...

Страница 236: ...passed through 1 Specify the IP address for the SNMP management station and the trap identification numbers show snmp trap filter 210 1 2 1 0 1 2 3 snmp trap filter 300 1 1 3 4 Note Optional You can v...

Страница 237: ...anguage which can be monitored by the NMS The SNMP agent contains MIB variables which have values the NMS can request or change using Get GetNext GetBulk or Set operations The agent can also send unso...

Страница 238: ...witch You must identify this station to the switch by using the snmp station CLI command The following information is needed to define an SNMP management station The IP address of the SNMP management...

Страница 239: ...e characteristics and capability characteristics Protocol Operations SNMPv2 has two new PDUs not supported by SNMPv1 The GetBulkRequest PDU enables the manager to retrieve large blocks of data efficie...

Страница 240: ...p 1 if the interface is ready to transmit and receive net work traffic it should change to dormant 5 if the interface is waiting for external actions such as a serial line waiting for an incoming conn...

Страница 241: ...ns are 1 Target VLAN is an authenticated VLAN 2 update would conflict with a binding rule 3 update would create two different VLAN entries for the same protocol 4 update would create two different pro...

Страница 242: ...kind the detected fault and allows a mapping of the data contained in chassisTrapsdataInfo chassisTrapsStrcomments Comment text explaining the fault chassisTrapsStrdataInfo Additional data provided to...

Страница 243: ...ates the operational status of installed modules includes empty slots 12 chassisTrapsMacOverlap physicalIndex chasTrapMac RangeIndex module A MAC range overlap was found in the backplane eeprom physic...

Страница 244: ...or no change 16 healthMonModuleTrap healthModule Slot healthMonRx Status healthMonRx TxStatus healthMon MemorySta tus healthMonC puStatus health Indicates a module level thresh old was crossed healthM...

Страница 245: ...face number for this Ethernet port The port number has been added to be used by the private trap ifInErrors For packet oriented interfaces the number of inbound packets that contained errors preventin...

Страница 246: ...erated at most once per gen eration ID of the neighbor For example it should be generated at the time a neighbor is first heard from if the prune bit is not set It should also be generated if the loca...

Страница 247: ...equal to risingAlarm 1 or risin gOrFallingAlarm 3 25 fallingAlarm alarmIndex alarmVariable alarmSample Type alarmValue alarmFallingTh reshold rmon An Ethernet statistical variable has dipped below its...

Страница 248: ...mirMonErrorNi The NI slot number mirMonError The Error returned by the NI which failed to configure Mirroring Monitoring 29 mirrorUnlikeNi mirmonPrima rySlot mirmonPrima ryPort mirroringSlot mirrorin...

Страница 249: ...being initialized If the MAU is not jabbering the agent returns noJabber 3 This is the normal state If the MAU is in jabber state the agent returns the jabbering 4 value 35 sessionAuthenticationTrap...

Страница 250: ...ViolationTrap lpsTrapSwitch Name lpsTrapSwitchI pAddr lpsTrapSwitch Slice lpsTrapSwitch Port lpsTrapViolat ingMac lpsTrapViola tionType systemServices Date systemServices Time bridge A Learned Port Se...

Страница 251: ...or vProtoRuleProtoClass set to values other than 10 43 unused N A N A 44 unused N A N A 45 unused N A N A 46 unused N A N A 47 pethPsePortOnOff pethPsePortDe tectionStatus module Indicates if power in...

Страница 252: ...pfNbrRtrId ospfNbrState ospf Indicates a state change of the neighbor relationship ospfRouterId A 32 bit integer uniquely identifying the router in the Autonomous System By convention to ensure unique...

Страница 253: ...entPhysicalTable 1001 1008 switches operating in pass through mode 255 unassigned slot number alaStackMgrChasRole The current role of the chassis as follows unassigned 0 primary 1 secondary 2 idle 3...

Страница 254: ...wVlanRuleTableOverloadAlert gmOverloadRu leTable gmOverloadRu leType gmOverloadRu leVlanId gmOverloadRu leMacAd dress gmOverloadRu leIpAddress gmOverloadRu leProtocol gmOverloadRu leIpxNetwork vlan An...

Страница 255: ...ue of the Link Aggregate group traplnkaggIfIndex Port of the Link Aggregate group 65 pktDrop pktDropType pktDropIfIndex pktDropCount pktDropFrag IP The pktDrop trap indicates that the sending agent ha...

Страница 256: ...laVrrp3OperMasterlpAddr in this row alaVrrp3OperMasterlpAddr The master switch s real primary for vrrp over IPv4 IP address This is the Ip address listed as the source in the advertisement last receiv...

Страница 257: ...nds For detailed information on setting up user accounts refer to the Using Switch Security chapter of this manual 2 Map the user account to a community string A community string works like a password...

Страница 258: ...ied via the snmp station CLI syntax The username and password are used by the SNMP management station along with an authentication algorithm SHA or MD5 to compute a hash that is transmitted in the PDU...

Страница 259: ...n the table below snmp security authentication all The command parameters shown in the following table define security from the lowest level no security to the highest level traps only as shown Securi...

Страница 260: ...ns Designation of particular command families for user access is sometimes referred to as partition management SNMP traps are divided into functional families as shown in the SNMP Traps Table on page...

Страница 261: ...for testing or troubleshooting purposes This is useful in the event when any traps are lost in the network To replay stored traps use the snmp trap replay command followed by the IP address for an SN...

Страница 262: ...interface 77828 healthModuleTable rmon 77829 healthPortTable rmon 77830 healthThreshInfo rmon 78849 vrrpAssoIpAddrTable vrrp 78850 vrrpOperTable vrrp 78851 vrrpOperations vrrp 78852 vrrpRouterStatsTab...

Страница 263: ...I SNMPv2 TC SNMPv2 CONF IF MIB Q BRIDGE MIB ENTITY MIB RFC 2737 Entity MIB Version 2 Standardized set of managed objects representing logical and physical entities and relationships between them SNMPv...

Страница 264: ...ined by IEEE 802 1D SNMPv2 SMI SNMPv2 TC SNMPv2 CONF BRIDGE MIB IP FORWARD MIB RFC 2096 IP Forwarding Table MIB SNMPv2 SMI SNMPv2 TC IP MIB SNMPv2 CONF IP MIB RFC 2011 SNMPv2 Management Information Ba...

Страница 265: ...SMI SNMPv2 TC SNMPv2 CONF IF MIB INET ADDRESS MIB OSPF MIB PIM MIB RFC 2934 Protocol Independent Multicast MIB for IPv4 SNMPv2 SMI SNMPv2 TC SNMPv2 CONF IF MIB IPMROUTE STD MIB Q BRIDGE MIB RFC 2674 T...

Страница 266: ...CONF SNMP FRAMEWORK MIB SNMP TARGET MIB SNMP TARGET MIB RFC 2573 SNMP Applications Proxy SNMP Entity Remote Configuration SNMPv2 SMI SNMPv2 TC SNMPv2 CONF SNMP FRAMEWORK MIB SNMP USER BASED SM MIB RFC...

Страница 267: ...MIB SNMPv2 SMI SNMPv2 TC SNMPv2 CONF IF MIB UDP MIB RFC 2013 SNMPv2 Management Information Base for the User Datagram Protocol by using SMIv2 SNMPv2 SMI SNMPv2 CONF VRRP MIB RFC 2787 Definitions of M...

Страница 268: ...d objects for the Chassis Man agement subsystem SNMPv2 SMI SNMPv2 TC SNMPv2 CONF SNMP FRAMEWORK MIB ENTITY MIB ALCATEL IND1 CONFG MGR MIB Definitions of managed objects for the Configuration Manager s...

Страница 269: ...MIB Definitions of managed objects for the IP Multicast Switching IPMS subsystem SNMPv2 SMI SNMPv2 TC SNMPv2 CONF IF MIB ALCATEL IND1 IPRM MIB Definitions of managed objects for the IP Routing Manager...

Страница 270: ...SPF subsystem SNMPv2 SMI SNMPv2 TC SNMPv2 CONF ALCATEL IND1 OSPF3 MIB Definitions of managed objects for the Open Shortest Path First 3 OSPF3 subsystem SNMPv2 SMI SNMPv2 CONF ALCATEL IND1 PARTITIONED...

Страница 271: ...Load Balancing SLB subsystem SNMPv2 SMI SNMPv2 TC SNMPv2 CONF ALCATEL IND1 SNMP AGENT MIB Definitions of managed objects for the Simple Net work Management Protocol SNMP Agent sub system SNMPv2 SMI SN...

Страница 272: ...stem SNMPv2 SMI SNMPv2 TC SNMPv2 CONF INET ADDRESS MIB IF MIB ALCATEL IND1 VRRP3 MIB Definitions of managed objects for the Virtual Router Redundancy Protocol 3 VRRP3 subsystem SNMPv2 SMI SNMPv2 TC SN...

Страница 273: ...tus show snmp statistics Displays SNMP statistics Each MIB object is listed along with its status show snmp mib family Displays SNMP MIB information Information includes MIP ID num ber MIB table name...

Страница 274: ...Verifying the SNMP Configuration Using SNMP page 10 44 OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Страница 275: ...system Licensee agrees not to assign sublicense transfer pledge lease rent or share their rights under this License Agreement Licensee may retain the program media for backup purposes with retention...

Страница 276: ...HE EXCLUSION OF IMPLIED WARRANTIES SO THE ABOVE EXCLUSIONS MAY NOT APPLY TO LICENSEE THIS WARRANTY GIVES THE LICENSEE SPECIFIC LEGAL RIGHTS LICENSEE MAY ALSO HAVE OTHER RIGHTS WHICH VARY FROM STATE TO...

Страница 277: ...hall not be deemed a waiver by that party as to subsequent enforcement of rights or subsequent actions in the event of future breaches 13 Notes to United States Government Users Software and documenta...

Страница 278: ...stribution 3 Redistributions must contain a verbatim copy of this document 4 The names and trademarks of the authors and copyright holders must not be used in advertising or otherwise to promote the s...

Страница 279: ...rights These restrictions translate to certain responsibilities for you if you distribute copies of the software or if you modify it For example if you distribute copies of such a program whether gra...

Страница 280: ...the modified program normally reads commands interactively when run you must cause it when started running for such interactive use in the most ordinary way to print or display an announcement includi...

Страница 281: ...ull compliance 5 You are not required to accept this License since you have not signed it However nothing else grants you permission to modify or distribute the Program or its derivative works These a...

Страница 282: ...ver published by the Free Software Foundation 10 If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different write to the author to ask for per...

Страница 283: ...Mass Ave Cambridge MA 02139 USA Also add information on how to contact you by electronic and paper mail If the program is interactive make it output a short notice like this when it starts in an inte...

Страница 284: ...yright notice and the entire permission notice in its entirety including the disclaimer of warranties 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions...

Страница 285: ...licensed from Agranat Systems Inc Agranat Agranat has granted to Alcatel Lucent certain warranties of performance which warranties or portion thereof Alcatel Lucent now extends to Licensee IN NO EVEN...

Страница 286: ...UDES LIABILITY FOR ANY SPECIAL INDIRECT PUNITIVE INCIDENTAL AND CONSE QUENTIAL DAMAGES and iv any further distribution of the Run Time Module shall be subject to the same restrictions set forth herein...

Страница 287: ...ging commands 5 15 5 16 specifications 5 2 CLI usage verify information about 5 24 CMM 4 1 application examples 4 5 boot cfg file 4 3 cancelling a reboot 4 14 4 20 4 25 certified directory 4 3 checkin...

Страница 288: ...mand 7 7 7 21 end user profile port list command 7 21 end user profile vlan range command 7 21 errors 6 7 exit command 1 26 2 17 F File Configuration verify information about 6 14 file management appl...

Страница 289: ...ation 7 13 global settings 7 8 minimum length 7 12 user configured 7 10 pre_banner txt file 2 21 Prefix Recognition 5 11 application examples 5 12 prefixes 5 11 primary CMM swapping with the secondary...

Страница 290: ...information about 10 43 snmp security command 7 18 10 29 snmp trap filter command 10 6 software rollback configuration scenarios 4 5 specifications CLI 5 2 CMM 4 2 configuration file 6 2 file manageme...

Страница 291: ...5 browser setup 9 2 CLI commands 9 3 configuring the switch 9 8 defaults 9 2 disabling 9 3 enabling 9 3 HTTP port 9 3 on line help 9 18 Secure Socket Layer 9 3 Webview Configuring the Switch 9 8 who c...

Страница 292: ...Index Index 6 OmniSwitch 6800 6850 9000 Switch Management Guide December 2007...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды