Brocade Communications Systems FastIron Скачать руководство пользователя страница 150 | Manualshive

Страница: 150 / 388

Brocade Communications Systems FastIron Скачать руководство пользователя страница 150

The command in the first example indicates that ACL group 2 will filter incoming SNMP packets;
whereas, the command in the second example uses the ACL group called "myACL" to filter incoming
packets.Refer to "Using ACLs to restrict SNMP access" section in the

FastIron Ethernet Switch

Security Configuration Guide

for more information.

NOTE

To make configuration changes, including changes involving SNMP community strings, you must first
configure a read-write community string using the CLI. Alternatively, you must configure another
authentication method and log on to the CLI using a valid password for that method.

Displaying the SNMP community strings

To display the configured community strings, enter the following command at any CLI level.

device#show snmp server

Contact: Marshall

Location: Copy Center

Community(ro): public

Community(rw): private

Traps

Cold start: Enable

Link up: Enable

Link down: Enable

Authentication: Enable

Locked address violation: Enable

Power supply failure: Enable

Fan failure: Enable

Temperature warning: Enable

STP new root: Enable

STP topology change: Enable

ospf: Enable

Total Trap-Receiver Entries: 4

Trap-Receiver IP Address Community

1 10.95.6.211

2 10.95.5.21

Syntax:

show snmp

server

NOTE

If display of the strings is encrypted, the strings are not displayed. Encryption is enabled by default.

User-based security model

SNMP version 3 (RFC 2570 through 2575) introduces a User-Based Security model (RFC 2574) for
authentication and privacy services.

SNMP version 1 and version 2 use community strings to authenticate SNMP access to management
modules. This method can still be used for authentication. In SNMP version 3, the User-Based
Security model of SNMP can be used to secure against the following threats:

• Modification of information
• Masquerading the identity of an authorized entity
• Message stream modification
• Disclosure of information

Displaying the SNMP community strings

150

FastIron Ethernet Switch Administration Guide

53-1003625-01

«
...
148
149
150
151
152
...
»

Содержание FastIron

Страница 1: ...53 1003625 01 31 March 2015 FastIron Ethernet Switch Administration Guide Supporting FastIron Software Release 08 0 30...

Страница 2: ...r its use This informational document describes features that may not be currently available Contact a Brocade sales office for information on feature and product availability Export of technical data...

Страница 3: ...management applications 22 Configuring a global management VRF 24 Displaying management VRF information 25 Basic Software Features 29 Basic system parameter configuration 29 Entering system administr...

Страница 4: ...e Enter key after the message of the day banner 87 Setting a privileged EXEC CLI level banner 88 Displaying a console message when an incoming Telnet session is detected 88 Operations Administration a...

Страница 5: ...nfiguration notes and feature limitations 125 Hitless reload or switchover requirements and limitations 126 What happens during a Hitless switchover or failover 126 Enabling hitless failover on the FS...

Страница 6: ...views 154 SNMP version 3 traps 155 Defining an SNMP group and specifying which view is notified of traps 156 Defining the UDP port for SNMP v3 traps 156 Trap MIB changes 157 Specifying an IPv6 host a...

Страница 7: ...MED configuration 196 Enabling LLDP MED 197 Enabling SNMP notifications and Syslog messagesfor LLDP MED topology changes 197 Changing the fast start repeat count 197 Defining a location id 198 Definin...

Страница 8: ...version 5 245 sFlow support for IPv6 packets 246 sFlow configuration considerations 247 Configuring and enabling sFlow 249 Enabling sFlow forwarding 254 sFlow version 5 feature configuration 256 Confi...

Страница 9: ...297 Brocade Syslog messages 297 Power over Ethernet 339 Power over Ethernet overview 339 Power over Ethernet terms used in this chapter 339 Methods for delivering Power over Ethernet 340 PoE autodisc...

Страница 10: ...PoE ports 373 Decoupling of PoE and datalink operations on PoE LAG ports 373 Decoupling of PoE and datalink operations on regular PoE ports 374 40 Gbps Breakout Ports 377 Overview of 40 Gbps breakout...

Страница 11: ...and operands Identifies the names of user manipulated GUI elements Identifies text to enter at the GUI italic text Identifies emphasis Identifies variables Identifies document titles Courier font Iden...

Страница 12: ...backslash Notes cautions and warnings Notes cautions and warning statements may be used in this document They are listed in the order of increasing severity of potential hazards NOTE A Note provides a...

Страница 13: ...tion on contacting the Technical Assistance Center go to http www brocade com services support index html If you have purchased Brocade product support directly from Brocade use one of the following m...

Страница 14: ...oncern at Brocade and we have made every effort to ensure the accuracy and completeness of this document However if you find an error or an omission or you think that a topic needs further development...

Страница 15: ...Series ICX 7450 Series ICX 7750 Series NOTE The Brocade ICX 6430 C switch supports the same feature set as the Brocade ICX 6430 switch unless otherwise noted NOTE The Brocade ICX 6450 C12 PD switch s...

Страница 16: ...link operation health and improve fault isolation of Ethernet network to increase management capability Refer to IEEE 802 3ah EFM OAM on page 114 sFlow sample mode The sample mode can be changed to in...

Страница 17: ...betical order and follow a standard format to present syntax parameters usage guidelines examples and command history NOTE Many commands from previous FastIron releases are also included in the comman...

Страница 18: ...How command information is presented in this guide 18 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 19: ...pply to management ports Only packets that are specifically addressed to the management port MAC address or the broadcast MAC address are processed by the Layer 2 switch or Layer 3 switch All other pa...

Страница 20: ...ber of any configured trunks No port name IPG MII 0 bits time IPG GMII 0 bits time IP MTU 1500 bytes 300 second input rate 83728 bits sec 130 packets sec 0 01 utilization 300 second output rate 24 bit...

Страница 21: ...o maintain multiple routing tables and forwarding tables on the same router A management VRF can be configured to control the flow of management traffic as described in this section NOTE For informati...

Страница 22: ...bility check fails while either the management VRF or the source interface is being configured the following warning message is displayed However the configuration command is accepted The source inter...

Страница 23: ...vrf command does not affect the existing SSH connections The changes are be applied only to new incoming connection requests Telnet client When the VRF name is specified in the telnet vrf command the...

Страница 24: ...y for TFTP You cannot change in the management VRF configuration while TFTP is in progress NOTE The TFTP source interface configuration command ip tftp source interface must be compatible with the man...

Страница 25: ...gement vrf If you try to delete a management VRF that was not configured the system displays the following error message device config no management vrf red Error VRF red is not the current management...

Страница 26: ...nabled Telnet connections inbound 1 established client ip address 10 53 1 181 user is lab privilege super user using vrf default vrf 2 minutes 46 seconds in idle 2 established client ip address 10 20...

Страница 27: ...plication Displays the management application names Rx Drop Pkts Displays the number of packets dropped in the inbound traffic Tx Drop Pkts Displays the number of packets dropped in the outbound traff...

Страница 28: ...Displaying management VRF information 28 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 29: ...NOTE Before assigning or modifying any router parameters you must assign the IP subnet interface addresses for each port NOTE For information about configuring IP addresses DNS resolver DHCP assist an...

Страница 30: ...community strings refer to Security Access chapter in the FastIron Ethernet Switch Security Configuration Guide Specifying an SNMP trap receiver You can specify a trap receiver to ensure that all SNMP...

Страница 31: ...host 10 2 2 2 0 FastIron 12 device config write memory The port value parameter allows you to specify which UDP port will be used by the trap receiver This parameter allows you to configure several tr...

Страница 32: ...SNMP traps are enabled at system startup SNMP Layer 2 traps The following traps are generated on devices running Layer 2 software SNMP authentication keys Power supply failure Fan failure Cold start L...

Страница 33: ...isabled The counters include traffic that is denied by ACLs or MAC address filters To enable SNMP to display VE statistics enter the enable snmp ve statistics command device config enable snmp ve stat...

Страница 34: ...ector failed Dynamic Log Buffer 50 entries Oct 15 18 01 11 info dg logout from USER EXEC mode Oct 15 17 59 22 info dg logout from PRIVILEGE EXEC mode Oct 15 17 38 07 info dg login to PRIVILEGE EXEC mo...

Страница 35: ...tes on a client server basis The current implementation runs NTP as a secondary server and or a NTP Client As a secondary server the device operates with one or more upstream servers and one or more d...

Страница 36: ...NTP server and client can communicate using IPv4 or IPv6 address NTP implementation supports below association modes Client Server Symmetric active passive Broadcast server Broadcast client NTP suppor...

Страница 37: ...The second reason for leap seconds is that the speed of the Earth s rotation is not constant It sometimes speeds up and sometimes slows down but when averaged over long intervals the trend indicates...

Страница 38: ...SNTP configuration is already removed When the NTP server is enabled it will start listening on the NTP port for client requests and responds with the reference time Its stratum number will be the up...

Страница 39: ...m number is configured Configuring multiple machines in the same network with the master command can cause instability in timekeeping if the machines do not agree on the time NTP Client An NTP client...

Страница 40: ...red master command is not configured system clock is synchronized and the reference time is the NTP time If the local clock is not valid the system clock is not synchronized If the local clock is vali...

Страница 41: ...s of associations poll based and broadcast based NTP poll based associations The following modes are the NTP polling based associations 1 Server mode 2 Client mode 3 Symmetric Active Passive The serve...

Страница 42: ...rations involving potentially large client population Broadcast based NTP associations are also recommended for use on networks that have limited bandwidth system memory or CPU resources The devices o...

Страница 43: ...in to configure NTP you must use the clock set command to set the time on your device to within 1000 seconds of the coordinated Universal Time UTC Disable SNTP by removing all the SNTP configurations...

Страница 44: ...Enabling NTP authentication To enable Network Time Protocol NTP strict authentication use the authenticate command To disable the function use the no form of this command By default authentication is...

Страница 45: ...ment for NTP To enable or disable the VLAN containment for NTP use the access control vlan command To remove the specified NTP VLAN configuration use the no form of this command NOTE The management in...

Страница 46: ...figure the software clock to synchronize a peer or to be synchronized by a peer use the peer command A maximum of 8 NTP peers can be configured To disable this capability use the no form of this comma...

Страница 47: ...ntp ve 100 Syntax no ntp interface management 1 ethernet port ve id The management 1 parameter is the management port 1 The ethernet port parameter specifies the ethernet port number Specify the port...

Страница 48: ...80000000 03 21 29 3653007907 GMT 00 Thu Dec 01 2011 clock offset is 2 3307 msec root delay is 24 6646 msec root dispersion is 130 3376 msec peer dispersion is 84 3335 msec system poll interval is 64...

Страница 49: ...h delay offset disp 172 19 69 1 172 24 114 33 3 25 64 3 2 89 0 234 39377 2001 235 234 INIT 16 64 0 0 00 0 000 15937 synced selected candidate outlayer x falseticker configured The following table prov...

Страница 50: ...481 16 4453 18 4423 22 0025 filter disp 15 6660 0 0030 17 7730 17 7700 17 6670 17 6640 17 6610 16 6635 filter epoch 55824 56866 55686 55688 55690 55692 55694 55759 Use the show ntp associations detail...

Страница 51: ...e server to which the peer is synchronized Time Last time stamp that the peer received from its master our mode This system s mode relative to peer active passive client server bdcast bdcast client pe...

Страница 52: ...0 100 12 67 Brocade config ntp peer 10 100 12 83 NTP client mode configuration Sample CLI commands to configure the Brocade device in NTP client mode Brocade config ntp server 10 1 2 3 minpoll 5 maxpo...

Страница 53: ...n describe how to configure the port parameters shown in Basic Software Features on page 29 All Brocade ports are pre configured with default values that allow the device to be fully operational at in...

Страница 54: ...ice is not part of a stack the stack unit ID is 1 slot Specifies the slot number Can be 1 or 3 port Specifies the port number in the slot Range is from 1 to 24 24 port models or 1 to 48 48 port models...

Страница 55: ...he port number in the slot Default stacking ports in slot 2 and slot 3 are ports 1 and 2 This example shows how to specify port 2 in slot 2 of unit 3 in a stack Brocade config interface ethernet 3 2 2...

Страница 56: ...onfig interface ethernet 1 1 1 to 1 1 10 Brocade config mif 1 1 1 1 1 10 port name connected to the nearest device Syntax no port name text To remove the assigned port name use no form of the command...

Страница 57: ...information The management option specifies the management port for which you want to display the interface information The slot option specifies all the ports in a slot for which you want to display...

Страница 58: ...opper ports on devices that do not support 803 3u must be configured with like parameters such as speed 10 100 1000 duplex half full MDI MDIX and Flow Control Port speed and duplex mode configuration...

Страница 59: ...s come up they may not receive any In or Out Errors When both local and remote partners have a force mode configuration such as 100 full half or 10 full half for example ICX6610 24F 1 1 1 local link 1...

Страница 60: ...um port speed advertisement works only when auto negotiation is enabled CLI command speed duplex auto If auto negotiation is OFF the device will reject the maximum port speed advertisement configurati...

Страница 61: ...itches stack unit slotnum portnum FSX 800 and FSX 1600 chassis devices slotnum portnum FESX compact switches portnum You can list all of the ports individually use the keyword to to specify ranges of...

Страница 62: ...se the keyword in order to specify ranges of ports or a combination of both You can enable port speed down shift on one or two ports at a time 3 To disable port speed down shift enter the no form of t...

Страница 63: ...ce mode configuration MDI and MDIX configuration Brocade devices support automatic Media Dependent Interface MDI and Media Dependent Interface Crossover MDIX detection on all Gbps Ethernet Copper port...

Страница 64: ...ve v1 device config vif 1 disable Syntax disable To re enable a virtual interface enter the enable command at the Interface configuration level For example to re enable virtual interface v1 enter the...

Страница 65: ...th or without flow control Flow control is enabled by default globally and on all full duplex ports You can disable and re enable flow control at the Global CONFIG level for all ports When flow contro...

Страница 66: ...n Stackable device issuing the command for 10 100 1000M port 0 1 21 displays the following output device show interfaces ethernet 0 1 21 GigabitEthernet0 1 21 is up line protocol is up Port up for 30...

Страница 67: ...will resemble one of the following depending on the configuration If flow control negotiation is enabled and a neighbor advertises Pause Not Capable the display shows Flow Control is config enabled op...

Страница 68: ...nd XOFF default thresholds TABLE 8 Limit when Jumbo disabled of buffer limit Limit when Jumbo enabled of buffer limit 1G ports Total buffers 272 272 XOFF 240 91 216 82 XON 200 75 184 70 10G ports Tota...

Страница 69: ...d 802 3x Pause frames whether or not symmetric flow control is enabled To enable symmetric flow control globally on all full duplex data ports of a standalone unit enter the symmetric flow control ena...

Страница 70: ...enter a command such as the following device config symmetric flow control set 2 buffers 128 Total buffers modified 1G 320 10G 128 Syntax symmetric flow control set 1 2 buffers value symmetric flow c...

Страница 71: ...command you use depends on the interface type on which IPG is being configured The default interpacket gap is 96 bits time which is 9 6 microseconds for 10 Mbps Ethernet 960 nanoseconds for 100 Mbps E...

Страница 72: ...port 9 1 Syntax no ipg xgmii bit time Enter 96 192 for bit time The default is 96 bit time IPG on FastIron Stackable devices On FCX and ICX devices you can configure an IPG for each port An IPG is a...

Страница 73: ...abled oper enabled negotiation disabled Mirror disabled Monitor disabled Not member of any active trunks Not member of any configured trunks No port name Inter Packet Gap IPG is 112 bit times IP MTU 1...

Страница 74: ...and SFP transceivers on ICX devices refer to the Brocade Optics Family Datasheet on the Brocade website Enabling and disabling 100BaseFX on Chassis based and stackable devices NOTE The following proce...

Страница 75: ...1 4 gig default auto gig This command overrides the global setting and sets the negotiation mode to auto Gbps for ports 1 4 Syntax gig default neg full auto auto gig neg off NOTE When Gbps negotiation...

Страница 76: ...D For example if your VoIP phone queries for VLAN information only once upon boot up you must reboot the VoIP phone before it can accept the VLAN configuration If your phone is powered by a PoE device...

Страница 77: ...e primary port flap dampening configuration regardless of any previous configuration The Brocade device counts the number of times a port link state toggles from up to down and not from down to up The...

Страница 78: ...rror disable Port 2 1 is forced down by link error disable Use the show link error disable all command to display the ports with the port flap dampening feature enabled For FastIron Stackabledevices t...

Страница 79: ...tEthernet15 is up line protocol is up Link Error Dampening is Enabled Port up for 6 seconds Hardware is GigabitEthernet address is 0000 0000 010e bia 0000 0000 010e Configured speed auto actual 1Gbit...

Страница 80: ...where packets are echoed back to the input port In Strict Mode loop detection must be configured on the physical port In Loose Mode loop detection is configured on the VLAN of the receiving port Loose...

Страница 81: ...in one VLAN and receive packets in another VLAN In this way loop detection running in Loose Mode disables both ingress and egress ports Enabling loop detection Use the loop detection command to enabl...

Страница 82: ...cifying the recovery time interval on page 82 Syntax no errdisable recovery cause loop detection Use the no form of the command to disable this feature Specifying the recovery time interval The recove...

Страница 83: ...ports 3 You can re enable err disable ports one by one by disable then enable under interface config re enable all by clear loop detect or configure errdisable recovery cause loop detection for autom...

Страница 84: ...x actual fdx Member of 9 L2 VLANs port is tagged port state is FORWARDING BPDU guard is Disabled ROOT protect is Disabled Link Error Dampening is Disabled STP configured to ON priority is level0 Loop...

Страница 85: ...ction shutdown disable command 3 Enter the loop detection shutdown disable command Brocade config interface ethe 1 7 Brocade config if e1000 1 7 loop detection shutdown disable Periodic log message ge...

Страница 86: ...ed Brocade config banner motd Press Return Enter TEXT message End with the character Welcome to FESX A delimiting character is established on the first line of the banner motd command You begin and en...

Страница 87: ...nly Username The user can then login to the device However if the requirement to press the Enter key is enabled the following messages are displayed when accessing the switch from Telnet Authorized Ac...

Страница 88: ...re the Brocade device to display a message on the Console when a user establishes a Telnet session This message indicates where the user is connecting from and displays a configurable text message Bro...

Страница 89: ...al USB Hotplug 136 Commands 137 OAM Overview For easy software image management all Brocade devices support the download and upload of software images between the flash modules on the devices and a Tr...

Страница 90: ...c 1996 2012 Brocade Communications Systems Inc All rights reserved UNIT 1 compiled on Mar 2 2012 at 12 38 17 labeled as ICX64S07400 10360844 bytes from Primary ICX64S07400 bin SW Version 07 4 00T311 B...

Страница 91: ...P ASIC 2 type C300 rev 00 subrev 00 SL 8 SX FI 48GPP 48 port Gig Copper PoE Serial BFVxxxxxxxx P ASIC 14 type C300 rev 00 subrev 00 SL 9 SX FIZMR6 0 port Management Serial Wxxxxxxxxx License SX_V6_HW...

Страница 92: ...ash code version installed in the secondary flash area The Boot Monitor Image size line lists the boot code version installed in flash memory The device does not have separate primary and secondary fl...

Страница 93: ...commands device verify md5 secondary 01c410d6d153189a4a5d36c955653861 device Done Size 2044830 MD5 01c410d6d153189a4a5d36c955653862 Verification FAILED In the previous example the codes did not match...

Страница 94: ...r SWRxxxxx bin Layer 3 Flash timeout The operations that require access to the flash device are expected to be completed within the default flash timeout value of 12 minutes If the operations exceed t...

Страница 95: ...entered at the CLI To display a list of files stored in flash memory do one of the following For devices other than FCX and ICX enter the dir command at the monitor mode To enter monitor mode from an...

Страница 96: ...module 3 fcx xfp 2 port 10g module stack port 2 2 1 2 2 2 stack enable vlan 1 name DEFAULT VLAN by port no spanning tree metro rings 1 metro ring 1 master ring interfaces ethernet 1 1 2 ethernet 1 1...

Страница 97: ...sr OV bin snmpset c rw community string brcd ip addr 1 3 6 1 4 1 1991 1 1 2 1 5 0 ipaddress tftp ip addr 1 3 6 1 4 1 1991 1 1 2 1 6 0 octetstringascii file name 1 3 6 1 4 1 1991 1 1 2 1 7 0 integer co...

Страница 98: ...system tftp command is not supported in a stacking environment Displaying the boot preference Use the show boot preference command to display the boot sequence in the startup config and running confi...

Страница 99: ...config or write terminal command at any CLI prompt Each device can have one startup configuration file and one running configuration file The startup configuration file is shared by both flash module...

Страница 100: ...the IPv6 copy command on page 104 NOTE You can name the configuration file when you copy it to a TFTP server However when you copy a configuration file from the server to a Brocade device the file is...

Страница 101: ...configuration file that you create must follow the same syntax rules as the startup config file the device creates The configuration file is a script containing CLI configuration commands The CLI reac...

Страница 102: ...t 2 no spanning tree The CLI responds like this device config interface ethernet 2 Error cannot configure secondary ports of a trunk device config no spanning tree device config If the file contains c...

Страница 103: ...sizes for startup config file and running config Each Brocade device has a maximum allowable size for the running config and the startup config file If you use TFTP to load additional information int...

Страница 104: ...s the name of the file you want to copy to the IPv6 TFTP server The primary keyword specifies the primary boot image while the secondary keyword specifies the secondary boot image Copying a file from...

Страница 105: ...ory Copying a file to the running or startup configuration For example to copy a configuration file from an IPv6 TFTP server to the running or startup configuration enter a command such as the followi...

Страница 106: ...FC 2373 The source file name parameter specifies the name of the file you want to copy from flash memory Copying the running or startup configuration to an IPv6 TFTP server For example to copy a devic...

Страница 107: ...tftp ipv6 address source file name running config startup config The tftp ipv6 address parameter specifies the address of the TFTP server You must specify this address in hexadecimal using 16 bit valu...

Страница 108: ...r 21 Download a startup config file from a TFTP server to the flash memory of the Brocade device 22 Upload the running config from the flash memory of the Brocade device to the TFTP server 23 Download...

Страница 109: ...to occur from the primary code flash module or the secondary code flash module The default is primary Reloading after a specific amount of time To schedule a system reload to occur after a specific am...

Страница 110: ...device or TFTP server If you are copying an image file to flash first copy the other image to your TFTP server then delete it from flash Use the erase flash CLI command at the Privileged EXEC level to...

Страница 111: ...2 3at PoE Plus controller type Each PoE firmware file delivered by Brocade is meant to be used on the specific platform only If the file is used on a platform for which it is not meant then this error...

Страница 112: ...ing Configuration Guide The required parameter is the IP address or host name of the device The source ip addr specifies an IP address to be used as the origin of the ping packets The count num parame...

Страница 113: ...shown in the display as Success rate is XX percent X Y The optional max print per sec number parameter specifies the maximum number of target responses the Brocade device can display per second while...

Страница 114: ...t links in the first mile The OAM capabilities facilitate network operation and troubleshooting Basic 802 3 frames convey OAM data between two ends of the physical link EFM OAM is optional and can be...

Страница 115: ...delivery In combination with the limited rate of 10 frames per second this information can be used to limit the bandwidth allocated to OAM traffic Timers Two configurable timers control the protocol o...

Страница 116: ...mode Waits for the remote device to initiate the Discovery process Sends information PDUs May send event notification PDUs May respond to variable request PDUs May react to received loopback control...

Страница 117: ...the errdisable recovery cause loam critical event command to enable automatic recovery of ports from error disabled state The ports will recover automatically from the error disabled state upon the e...

Страница 118: ...lot port command to start or stop the remote loopback procedure on a remote device device config link oam remote loopback ethernet 2 1 1 start device config link oam remote loopback ethernet 2 1 1 sto...

Страница 119: ...10 1 4 link oam mode active link status up oam status up Local information multiplexer action forward parse action forward stable satisfied state up loopback state disabled dying gasp false critical...

Страница 120: ...s 0 dying gasp records 0 Rx statistics information OAMPDUs 377967 loopback control OAMPDUs 0 loopback control OAMPDUs dropped 0 variable request OAMPDUs 0 variable response OAMPDUs 0 unique event noti...

Страница 121: ...ollowing sample output of the show link oam statistics detail ethernet command displays detailed OAM statistics on a specific Ethernet port device config show link oam statistics detail ethernet 1 1 3...

Страница 122: ...availability feature set that ensures no loss of data traffic during the following events Management module failure or role change Software failure Addition or removal of modules Operating system upg...

Страница 123: ...nt module Some advantages of a hitless switchover over a hitless software reload are A manual switchover is quicker since the standby module does not have to reboot Switched traffic through the Ethern...

Страница 124: ...bers in hardware After the new active management module becomes operational new switched flows are learned and forwarded accordingly The Layer 2 control protocol states are not interrupted during the...

Страница 125: ...with dynamic ACLs and VLANs IPv4 ACLs IPv6 ACLs DHCP snooping Dynamic ARP inspection EAP with RADIUS IP source guard Multi device port authentication including use with dynamic ACLs and VLANs Supporte...

Страница 126: ...uration must not be classified as too large greater than 512KB A TFTP session must not be in progress An image sync session must not be in progress The current active management card cannot have a mem...

Страница 127: ...PFv2 and OSPFv3 information is copied to the standby As baseline synchronization is performed the console of the active management module displays the progress of the synchronization ACTIVE Detected S...

Страница 128: ...ync with an interface module information on the interface module can be overwritten in some cases which can cause an interruption of traffic forwarding How a Hitless switchover or failover impacts sys...

Страница 129: ...fig enter y or n n Please save the running config and try switch over again Syntax switch over activerole If this command is entered when hitless failover is disabled the following message will appear...

Страница 130: ...on fast reboot For a description of how this feature impacts major system functions refer to Supported protocols and services for hitless management events on page 123 You must have both active and st...

Страница 131: ...he hitless reload command to perform the hitless upgrade you must first copy the software image that supports hitless software upgrade onto the flash memory of the active and standby management module...

Страница 132: ...0 0 0 0 There is 0 current jumbo IPC session Possible errors recv msg no callback 2 last msg_type 20 from stack0 e1 9 Syntax show ipc device show ipc_stat Total available Hsync channel space 1048580...

Страница 133: ...r Once this period elapses the route purging starts if by then all other protocols have finished non stop routing or graceful restart When switchover occurs the route purge timer starts If non stop ro...

Страница 134: ...n mode using the vrf command 2 Configure route distinguisher using the rd command 3 Enter the IPv6 address family configuration mode using the address family ipv6 command 4 Configure the router purge...

Страница 135: ...and 10G copper module ports On ICX 7250 devices EEE is supported on 1G copper ports You may notice port flap on the port when EEE is enabled EEE is not supported on 1G fiber ports ICX7450 48F 4x10F m...

Страница 136: ...l USB and the internal flash External USB Hotplug considerations Only USB drives of up to 128 GB of any vendor type are supported USB 3 0 is not supported You can copy files of less than 2 GB only Mak...

Страница 137: ...xternal USB drive to the system s startup configuration file Refer to the FastIron Command Reference Guide for details on using the External USB Hotplug commands Commands ip hitless route purge timer...

Страница 138: ...ult is 45 seconds Modes Global configuration IPv6 address family configuration Usage Guidelines Under normal circumstances you may not need to change the value of the route purge timer If you anticipa...

Страница 139: ...a static IPv6 route for a destination network with the prefix 2001 DB8 0 32 a next hop gateway with the global address 2001 DB8 0 ee44 1 and an administrative distance of 110 enter the following comma...

Страница 140: ...port number associated with the interface If you specify a VE or tunnel interface also specify the VE or tunnel number You can also specify the next hop gateway as a tunnel interface If you specify a...

Страница 141: ...router gateway for the route The next hop ip addr is the IPv6 address of the next hop router gateway for the route NOTE The vrf needs to be a valid VRF to be used in this command IPv6 over IPv4 tunne...

Страница 142: ...nfig interface tunnel 1 device config tnif 1 tunnel source ethernet 1 3 1 device config tnif 1 tunnel destination 10 162 100 1 device config tnif 1 tunnel mode ipv6ip device config tnif 1 ipv6 enable...

Страница 143: ...all IPv6 tunnels or for a specific tunnel interface For example to clear statistics for tunnel 1 enter the following command at the Privileged EXEC level or any of the Config levels of the CLI device...

Страница 144: ...0 Tunnel mode ipv6ip No port name MTU 1480 bytes encapsulation IPV4 Syntax show interfacestunnel number The number parameter indicates the tunnel interface number for which you want to display informa...

Страница 145: ...are enabled No Inbound Access List Set No Outbound Access List Set OSPF enabled The display command above reflects the following configuration device show running config interface tunnel 1 interface...

Страница 146: ...Displaying interface level IPv6 settings 146 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 147: ...el of defense when the packet arrives at a Brocade device The next level uses one of the following methods Community string match In SNMP versions 1 and 2 User based model in SNMP version 3 SNMP views...

Страница 148: ...ge You can assign other SNMP community strings and indicate if the string is encrypted or clear By default the string is encrypted To add an encrypted community string enter commands such as the follo...

Страница 149: ...tring rw To add a non encrypted community string you must explicitly specify that you do not want the software to encrypt the string Here is an example device config snmp server community 0 private rw...

Страница 150: ...ble Link down Enable Authentication Enable Locked address violation Enable Power supply failure Enable Fan failure Enable Temperature warning Enable STP new root Enable STP topology change Enable ospf...

Страница 151: ...d 4 Create user groups using the snmp server group command Refer to Defining an SNMP group on page 152 5 Create user accounts and associate these accounts to user groups using the snmp server user com...

Страница 152: ...an SNMP user group enter a command such as the following device config snmp server group admin v3 auth read all write all Syntax no snmp server group groupname v1 v2c v3 auth noauth priv access stand...

Страница 153: ...user Specifies one of the following encryption types used to encrypt the privacy password Data Encryption Standard DES A symmetric key algorithm that uses a 56 bit key Advanced Encryption Standard AES...

Страница 154: ...curity reasons not the actual password The priv encrypted parameter is optional after you enter the md5 or sha password The priv parameter specifies the encryption type DES or AES used to encrypt the...

Страница 155: ...arameter are included in the view or excluded from the view NOTE All MIB objects are automatically excluded from any view unless they are explicitly included therefore when creating views using the sn...

Страница 156: ...standard ACL attached to the group The ipv6 ipv6 ACL name option configures IPv6 ACL for SNMP group and allows incoming SNMP packets to be filtered based on the IPv6 ACL attached to the group The rea...

Страница 157: ...TIFICATION TYPE instead of TRAP TYPE As per the SMIv2 format each notification has an OID associated with it The root node of the notification is snTraps OID enterprise foundry 0 For example OID for s...

Страница 158: ...server host ipv6 2001 DB8 89 13 Syntax snmp serverhost ipv6 ipv6 address The ipv6 address must be in hexadecimal format using 16 bit values between colons as documented in RFC 2373 Viewing IPv6 SNMP s...

Страница 159: ...nter a command such as the following device show snmp group groupname exceptifgrp security model v3 security level authNoPriv ACL id 0 IPv6 ACL name ipv6acl readview exceptif writeview none Syntax sho...

Страница 160: ...s the engine ID that needs to be used in the snmp server engineid command 1 3 6 1 6 3 15 1 1 1 0 Unsupported security level 1 3 6 1 6 3 15 1 1 2 0 Not in time packet 1 3 6 1 6 3 15 1 1 3 0 Unknown use...

Страница 161: ...nfig snmp server group admin v3 priv read internet write internet device config snmp server group restricted v3 priv read internet device config snmp server user ops ops v3 encrypted auth md5 ab8e9cd6...

Страница 162: ...Example 2 162 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 163: ...C CC Other Brocade devices listening on that address receive the updates and can display the information in the updates Brocade devices can send and receive FDP updates on Ethernet interfaces FDP is d...

Страница 164: ...lobal CONFIG level of the CLI device config fdp advertise ipv4 To configure a Layer 3 switch to advertise the IPv6 address enter the following command at the Interface level of the CLI device config i...

Страница 165: ...p neighbor command device show fdp neighbor Capability Codes R Router T Trans Bridge B Source Route Bridge S Switch H Host I IGMP r Repeater indicates a CDP device Device ID Local Int Holdtm Capabilit...

Страница 166: ...this line lists the VLAN memberships and other VLAN information for the neighbor port that sent the update to this device Entry address es The Layer 3 protocol addresses configured on the neighbor po...

Страница 167: ...for Ethernet port 2 3 The port sends FDP updates every 5 seconds Neighbors that receive the updates can hold them for up to 180 seconds before discarding them Syntax show fdp interface ethernet port...

Страница 168: ...version 1 and CDP version 2 packets NOTE The Brocade device can interpret only the information fields that are common to both CDP version 1 and CDP version 2 NOTE When you enable interception of CDP p...

Страница 169: ...dress es IP address 10 95 6 143 Platform cisco RSP4 Capabilities Router Interface Eth 1 1 Port ID outgoing port FastEthernet5 0 0 Holdtime 150 seconds Version Cisco Internetwork Operating System Softw...

Страница 170: ...FastEthernet5 0 0 Holdtime 156 seconds Version Cisco Internetwork Operating System Software IOS tm RSP Software RSP JSV M Version 12 0 5 T1 RELEASE SOFTWARE fc1 Copyright c 1986 1999 by cisco Systems...

Страница 171: ...Foundry Discovery Protocol FDP and Cisco Discovery Protocol CDP Packets FastIron Ethernet Switch Administration Guide 171 53 1003625 01...

Страница 172: ...Clearing CDP information 172 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 173: ...ents frames or send LLDP advertisements only or receive LLDP advertisements only LLDP media endpoint devices LLDP MED The Layer 2 network discovery protocol extension described in the ANSI TIA 1057 st...

Страница 174: ...LDP the advertisement is stored by the receiving device in a standard Management Information Base MIB accessible by a Network Management System NMS using a management protocol such as the Simple Netwo...

Страница 175: ...ter or WLAN access point Network troubleshooting Information generated by LLDP can be used to detect speed and duplex mismatches Accurate topologies simplify troubleshooting within enterprise networks...

Страница 176: ...or IP telephony Collects Endpoint inventory information Network troubleshooting Helps to detect improper network policy configuration LLDP MED class An LLDP MED class specifies an Endpoint type and it...

Страница 177: ...ion from another LLDP agent nor can it acknowledge information received from another LLDP agent LLDP operating modes When LLDP is enabled on a global basis by default each port on the Brocade device w...

Страница 178: ...nown as type length value TLV TLVs have Type Length and Value fields where Type identifies the kind of information being sent Length indicates the length in octets of the information string Value is t...

Страница 179: ...frame size LLDP MED TLVs Brocade devices honor and send the following LLDP MED TLVs as defined in the TIA 1057 standard LLDP MED capabilities Network policy Location identification Extended power via...

Страница 180: ...ay output on the Brocade device show lldp local info Chassis ID MAC address 0000 0033 e2c0 The chassis ID TLV is always the first TLV in the LLDPDU Port ID The Port ID identifies the port from which L...

Страница 181: ...LLDP in its MIB The TTL value is automatically computed based on the LLDP configuration settings The TTL value will appear similar to the following on the remote device and in the CLI display output...

Страница 182: ...h information related to topology changes These Syslog messages correspond to the lldpXMedTopologyChangeDetected SNMP notifications Refer to Enabling SNMP notifications and Syslog messagesfor LLDP MED...

Страница 183: ...ically set to 2 seconds LLDP configuration notes and considerations LLDP is supported on Ethernet interfaces only If a port is 802 1X enabled the transmission and reception of LLDP packets will only t...

Страница 184: ...ets or change the operating mode to one of the following Transmit LLDP information only Receive LLDP information only You can configure a different operating mode for each port on the Brocade device F...

Страница 185: ...he transmit only mode you will configure the port to both transmit and receive LLDP packets NOTE LLDP MED is not enabled when you enable the receive only operating mode To enable LLDP MED you must con...

Страница 186: ...ords to enable the LLDP processing on 802 1x blocked ports use the lldp pass through configuration command Enabling LLDP processing on 802 1x blocked port To enable the LLDP processing on all 802 1x b...

Страница 187: ...is a number from 1 to 64 The default is number of LLDP neighbors per port is four Use the show lldp command to view the configuration Enabling LLDP SNMP notifications and Syslog messages SNMP notifica...

Страница 188: ...an LLDP agent can send within a specified time frame When you enable LLDP the system automatically sets the LLDP transmit delay timer to two seconds If desired you can change the default behavior fro...

Страница 189: ...automatically sets the holdtime multiplier for TTL to four If desired you can change the default behavior from four to a value between two and ten To compute the TTL value the system multiplies the L...

Страница 190: ...ly advertised System name 802 1 capabilities VLAN name not automatically advertised Untagged VLAN ID 802 3 capabilities Link aggregation information MAC PHY configuration and status Maximum frame size...

Страница 191: ...ed To advertise a IPv4 management address enter a command such as the following device config lldp advertise management address ipv4 10 157 2 1 ports e 1 4 The management address will appear similar t...

Страница 192: ...l route only feature is turned on the bridge capability will not be included since no bridging takes place By default the system capabilities are automatically advertised when LLDP is enabled on a glo...

Страница 193: ...de device show lldp local info System name FCX624SHPOE ADV Router Syntax no lldp advertise system name ports ethernet port list all 802 1 capabilities Except for the VLAN name the Brocade device will...

Страница 194: ...DI information not automatically advertised Link aggregation TLV The link aggregation time length value TLV indicates the following Whether the link is capable of being aggregated Whether the link is...

Страница 195: ...maximum 802 3 frame size capability of the port This value is expressed in octets and includes the four octet Frame Check Sequence FCS The default maximum frame size is 1522 The advertised value may c...

Страница 196: ...llable Syntax no lldp advertise power via mdi ports ethernet port list all LLDP MED configuration This section provides the details for configuring LLDP MED The following table lists the global and in...

Страница 197: ...responding Syslog messages are enabled as well When you enable LLDP MED SNMP notifications the device will send traps and Syslog messages when an LLDP MED Endpoint neighbor entry is added or removed S...

Страница 198: ...ID formats are defined in the following sections Coordinate based location Coordinate based location is based on the IETF RFC 3825 6 standard which specifies a Dynamic Host Configuration Protocol DHCP...

Страница 199: ...pecify one of the following wgs84 geographical 3D World Geodesic System 1984 CRS Code 4327 Prime Meridian Name Greenwich nad83 navd88 North American Datum 1983 CRS Code 4269 Prime Meridian Name Greenw...

Страница 200: ...he entry refers to Specify one of the following client dhcp server network element where dhcp server or network element should only be used if it is known that the Endpoint is in close physical proxim...

Страница 201: ...County Japan City or rural area Korea County United States County 3 City township or shi JP Examples Canada City or town Germany City Japan Ward or village Korea City or village United States City or...

Страница 202: ...house number Example A 1 2 21 Landmark or vanity address A string name for a location It conveys a common local designation of a structure a group of buildings or a place that helps to locate the plac...

Страница 203: ...ame When the postal community name is defined the civic community name typically CA type 3 is replaced by this value Example Alviso 31 Post office box P O box When a P O box is defined the street addr...

Страница 204: ...om the North America Numbering Plan format supplied to the Public Safety Answering Point PSAP for ECS purposes To configure an ECS based location for LLDP MED enter a command such as the following at...

Страница 205: ...licy differs for tagged untagged and priority tagged traffic Refer to the appropriate syntax below For tagged traffic Syntax no lldp med network policy application application type taggedvlan vlan ID...

Страница 206: ...hat the specified application type will use untagged indicates that the device is using an untagged frame format priority tagged indicates that the device uses priority tagged frames In this case the...

Страница 207: ...ess power to the Endpoint while making more power available to other ports The LLDP MED Power via MDI TLV advertises an Endpoint IEEE 802 3af power related information including the following Power ty...

Страница 208: ...at that instance is less than the advertised power draw For a PSE Network Connectivity device the power level represents the amount of power that is available on the port at the time If the PSE is op...

Страница 209: ...start repeat count 3 LLDP maximum neighbors 392 LLDP maximum neighbors per port 4 Syntax show lldp The following table describes the information displayed by the show lldp statistics command Field Des...

Страница 210: ...4 60963 121925 0 0 0 0 0 5 0 0 0 0 0 0 0 6 0 0 0 0 0 0 0 7 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 9 0 0 0 0 0 0 0 10 60974 0 0 0 0 0 0 11 0 0 0 0 0 0 0 12 0 0 0 0 0 0 0 13 0 0 0 0 0 0 0 14 0 0 0 0 0 0 0 Synta...

Страница 211: ...ined by the system and can be viewed in the output of the show LLDP neighbors detail command or retrieved through SNMP Rx TLVs Discarded The number of TLVs the port received then discarded Neighbors A...

Страница 212: ...report NOTE The show lldp neighbors detail output will vary depending on the data received Also values that are not recognized or do not have a recognizable format may be displayed in hexadecimal bin...

Страница 213: ...details for all ports Displaying LLDP configuration details The show lldp local info command displays the local information advertisements TLVs that will be transmitted by the LLDP agent NOTE The sho...

Страница 214: ...erica Pkwy CA Type 24 CA Value 95054 CA Type 27 CA Value 5 CA Type 28 CA Value 551 CA Type 29 CA Value office CA Type 23 CA Value John Doe MED Location ID Data Format ECS ELIN Value 1234567890 MED Ext...

Страница 215: ...nformation after a port becomes disabled and the LLDP neighbor information ages out However if a port is disabled then re enabled before the neighbor information ages out the device will clear the cac...

Страница 216: ...Clearing cached LLDP neighbor information 216 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 217: ...L 2CX4 SX FI624100FX SX FI 24HF SX FI424C SX FI624C SX FI 24GPP SX FI424P SX FI624HF SX FI424F SX FI624P SX FI424HF SX FI62XG SX FI42XG Throughput is 100 percent when only SX third generation modules...

Страница 218: ...such as the following at the Privileged EXEC level of the CLI device phy cable diagnostics tdr 1 1 1 The clear diag tdr command clears results of any previous TDR test from test registers for port 1 1...

Страница 219: ...ed Syntax show cable diagnostics tdr stackid slot port In the output shown Local pair indicates the assignment of wire pairs from left to right where Pair A is the left most pair The following table s...

Страница 220: ...n configure your Brocade device to monitor optical transceivers in the system either globally or by specified ports When this feature is enabled the system will monitor the temperature and signal powe...

Страница 221: ...e same function That is they both disable digital optical monitoring Displaying information about installed media Use the show media show media slot and show media ethernet commands to obtain informat...

Страница 222: ...e 100M M FX LR SFP Vendor Brocade Communications Inc Version A Part FTLF1323P1BTL FD Serial UD3085J Port 1 10 Type EMPTY Port 1 11 Type 100M M FX SR SFP Vendor Brocade Communications Inc Version A Par...

Страница 223: ...c slot 4 Port Temperature Tx Power Rx Power Tx Bias Current 4 1 30 8242 C 001 8822 dBm 002 5908 dBm 41 790 mA Normal Normal Normal Normal 4 2 31 7070 C 001 4116 dBm 006 4092 dBm 41 976 mA Normal Norma...

Страница 224: ...e Description Low Alarm Monitored level has dropped below the low alarm threshold set by the manufacturer of the optical transceiver Low Warn Monitored level has dropped below the low warn threshold s...

Страница 225: ...that these values are set by the manufacturer of the optical transceiver and cannot be configured Syslog messages for optical transceivers The system generates Syslog messages for optical transceiver...

Страница 226: ...es 10G SFPP TWX 0101 FCoE 1M Active Cable 58 1000026 01 No 10G SFPP TWX 0301 FCoE 3M Active Cable 58 1000027 01 No 10G SFPP TWX 0501 FCoE 5M Active Cable 58 1000023 01 No 10G SFPP ER 10GBase ER SFP 40...

Страница 227: ...32 Label Type Brocade part number Supports Digital Optical Monitoring 40Ge LR4 40GE LR4 10km QSFP LC 57 1000263 01 Yes 40GE SR4 100m QSFP 57 1000128 1 Yes Hardware Component Monitoring FastIron Ether...

Страница 228: ...FastIron Fiber optic Transceivers 228 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 229: ...U Slot 9 SW Version 04 3 00b17T3e3 Copyright c 1996 2008 Brocade Communications Inc Inc Compiled on Sep 25 2008 at 04 09 20 labeled as SXR04300b17 4031365 bytes from Secondary sxr04300b17 bin BootROM...

Страница 230: ...ize 1835008 Version 10 1 03T205 swz10103b003 HW Stackable ICX7750 26Q Internal USB Serial 40D41E003CF90029 Vendor UNIGEN Total size 1910 MB UNIT 1 SL 1 ICX7750 20QXG 20 port Management Module Serial C...

Страница 231: ...r all the ports including management ports are cleared and the elapsed time is calculated and displayed for each of the interfaces When the management interface is cleared using the clear statistics m...

Страница 232: ...utBroadcastPkts 3 InMulticastPkts 63180114 OutMulticastPkts 63428165 InUnicastPkts OutUnicastPkts InBadPkts InFragments InDiscards OutErrors CRC Collisions InErrors LateCollisions InGiantPkts 0 InShor...

Страница 233: ...sent The count includes unicast multicast and broadcast packets InBroadcastPkts The total number of good broadcast packets received OutBroadcastPkts The total number of good broadcast packets sent In...

Страница 234: ...o of errors to total traffic is acceptable for half duplex connections If the ratio of errors to input packets is greater than two or three percent performance degradation could be noticed In half dup...

Страница 235: ...of bits received per second OutBitsPerSec The number of bits sent per second InPktsPerSec The number of packets received per second OutPktsPerSec The number of packets sent per second InUtilization Th...

Страница 236: ...nter values command the counters are cleared reset to zero For each port region you can enable a maximum of two traffic counters regardless of whether traffic counters are enabled on individual ports...

Страница 237: ...N ID for which outbound traffic will be counted Enter a number from 0 4095 or enter all to indicate all VLANs The priority queue parameter identifies the 802 1p priority queue for which traffic will b...

Страница 238: ...ration A Layer 2 protocol e g spanning tree had the port in a Blocked state The source port was suppressed for multi target packets The priority queue specified in the traffic counter was not allowed...

Страница 239: ...e ethernet port Specify the port variable in the format stack unit slotnum portnum Egress queue statistics TABLE 35 Parameter Description Queue counters The QoS traffic class Queued packets The number...

Страница 240: ...icasts 0 output errors 0 collisions Relay Agent Information option Disabled Egress queues Queue counters Queued packets Dropped Packets 0 0 0 1 0 0 2 0 0 3 0 0 4 0 0 5 0 0 6 0 0 7 0 0 Clearing the egr...

Страница 241: ...terface The interface group collects statistics on total traffic into and out of the agent interface No configuration is required to activate collection of statistics for the Layer 2 Switch or Layer 3...

Страница 242: ...total number of good packets received that were directed to the broadcast address This number does not include multicast packets Multicast pkts The total number of good packets received that were dir...

Страница 243: ...ot include framing bits but does include FCS octets NOTE 48GC modules do not support count information on jabbers and report 0 Collisions The best estimate of the total number of collisions on this Et...

Страница 244: ...shown below device config rmon history 1 interface 1 buckets 10 interval 10 owner nyc02 Syntax rmon historyentry number interface port buckets number interval sampling interval owner text string You c...

Страница 245: ...When sFlow is enabled on a Layer 2 or Layer 3 switch the system performs the following sFlow related tasks Samples traffic flows by copying packet header information Identifies ingress and egress int...

Страница 246: ...6 packets exists only on devices running software that supports IPv6 The configuration procedures for this feature are the same as for IPv4 except where the collector is a link local address on a Laye...

Страница 247: ...slight and noticeable increase of up to 20 in CPU utilization In typical scenarios this is normal behavior for sFlow and does not affect the functionality of other features on the switch sFlow and ag...

Страница 248: ...4 and the sFlow source is configured for IPv4 address then an IPv4 address will be selected from the configured interface At any point of time only one source of the Ethernet VE or loopback interface...

Страница 249: ...w and port monitoring together on the same port FastIron X Series devices support port monitoring and sFlow together on the same device The caveat is that these features cannot be configured together...

Страница 250: ...ng an sFlow collector on IPv6 devices To specify an sFlow collector on an IPv6 device enter a command such as the following device config sflow destination ipv6 2001 DB8 0 0b 02a This command specifie...

Страница 251: ...e mode command NOTE The sflow sample mode command is not supported on Brocade ICX 7750 Brocade ICX 7450 Brocade ICX 7250 Brocade ICX 6430 Brocade ICX 6650 and FSX 800 1600 devices Changing the samplin...

Страница 252: ...ing factor for port 4 2 will be 1 meaning that every sample taken by the hardware will be exported while the subsampling factor for port 4 8 will be 4 meaning that one out of every four samples taken...

Страница 253: ...pling rate This is useful in cases where ports have different bandwidths For example if you are using sFlow on 10 100 ports and Gbps Ethernet ports you might want to configure the Gbps ports to use a...

Страница 254: ...ch sample will be taken The software rounds the value you enter up to the next odd power of 2 The actual sampling rate becomes one of the values listed in the section Changing the sampling rate NOTE C...

Страница 255: ...rwarding enter the following command device config sflow enable You can now enable sFlow forwarding on individual ports as described in the next two sections Syntax no sflow enable Enabling sFlow forw...

Страница 256: ...face ID for sampled broadcast and multicast packets For broadcast and multicast traffic the egress interface ID for sampled traffic is always 0x80000000 When broadcast and multicast packets are sample...

Страница 257: ...ou can specify the maximum size of the flow sample sent to the sFlow collector If a packet is larger than the specified maximum size then only the contents of the packet up to the specified maximum nu...

Страница 258: ...Brocade device to export data destined to the CPU to the sFlow collector enter the following command device config sflow export cpu traffic Syntax no sflow export cpu traffic By default this feature...

Страница 259: ...e source destination IP and the same incoming outgoing port the VLAN field differs in the two samples A VLAN VE can only belong to one VRF The collector does not have any VRF knowledge but based on th...

Страница 260: ...512 actual rate 512 Subsampling factor 1 Port 5 17 configured rate 1500 actual rate 2048 Subsampling factor 4 Port 5 16 configured rate 1500 actual rate 2048 Subsampling factor 4 Port 5 15 configured...

Страница 261: ...ndicates how many have been configured Configured UDP source port The UDP source port used to send data to the collector Polling interval The port counter polling interval Configured default sampling...

Страница 262: ...The ports on which you enabled sFlow Module Sampling Rates The configured and actual sampling rates for each module If a module does not have any sFlow enabled ports the rates are listed as 0 Port Sa...

Страница 263: ...ands in this example configure a link utilization list with port 1 1 as the uplink port and ports 1 2 and 1 3 as the downlink ports device config relative utilization 1 uplink eth 1 1 downlink eth 1 2...

Страница 264: ...not always equal 100 This is true in cases where the ports exchange some traffic with other ports in the system or when the downlink ports are configured together in a port based VLAN In the following...

Страница 265: ...egister it increments the relevant error count by 1 Otherwise it restarts the timer and waits for the given interval Hardware error registers are cleared when read so after Sysmon reads the value they...

Страница 266: ...r rolls over On the other hand if you choose logging to syslog messages are sent to the configured syslog servers Configure system monitoring You can use the following commands at the privileged EXEC...

Страница 267: ...lobal level The no form of this command resets the parameter to default value Syntax sysmon log backoff number no sysmon log backoff Parameters number Specifies the number of times to skip an event lo...

Страница 268: ...ine the global value later the latest value prevails The threshold is defined as N W where N is the number of events and W is the number of consecutive polling periods When the threshold is reached ac...

Страница 269: ...persists it will be continuously logged internally and or externally to syslog as defined by the action The log back off count skips configured number of logs before logging again action Specifies the...

Страница 270: ...ke when the error count exceeds the specified threshold and log back off values none The error is logged in the internal sysmon logs This is the default value syslog The error is logged to syslog Mode...

Страница 271: ...ggered events Specifies the threshold in terms of the number of events Valid values are 1 through 10 polling interval Specifies the number of polling windows The device polls the internal registers at...

Страница 272: ...W implies that there is no threshold and no event will be triggered events Specifies the threshold in terms of the number of events Valid values are 1 through 10 polling interval Specifies the number...

Страница 273: ...ures system monitoring for cross bar errors The no form of this command resets the parameters to default values Syntax sysmon xbar error count threshold events polling interval log backoff value actio...

Страница 274: ...ing interval log backoff value action none syslog no sysmon xbar link Parameters threshold Defines the failure threshold for the fabric adapter error count event The threshold is defined as N W where...

Страница 275: ...C errors ConfigTable0 errors TCAM error TCAM action parity errors Token bucket priority parity errors State variable parity errors Link list RAM ECC errors FBUF RAM ECC errors Egress VLAN parity error...

Страница 276: ...voids overflow of the internal log or of the syslog action Specifies the action to take when the error count exceeds the specified threshold and log back off values none No action is taken This is the...

Страница 277: ...sysmon counters for cross bar You can specify all or a cross bar identified by the index error Clears the cross bar sysmon error counters You can specify all or a cross bar identified by the index lin...

Страница 278: ...gs Aug 3 03 59 22 C Sysmon XBAR LINK SFM1 XBAR1 FPORT0 NO SYNC Aug 3 03 59 22 C Sysmon FA Link SLOT9 FA16 Link0 HG Link error Aug 3 03 58 22 W Sysmon PP ERROR SLOT4 PP6 error occurred Aug 3 03 59 34 W...

Страница 279: ...nit on which errors to be displayed all Displays errors for all stack units link error Displays the link error count on FCX and ICX devices This option is not supported on FSX devices stack unit Speci...

Страница 280: ...r 0 Sysmon SFM 1 xbar 0 HG link Rx error detected number of times HG link BadLen BadHeader ReformatErr 0 0 0 0 1 0 0 0 2 0 1 0 3 0 0 0 4 0 0 0 5 0 0 0 6 0 0 0 7 0 0 0 8 0 0 0 9 0 0 0 10 0 0 0 11 0 0 0...

Страница 281: ...s Stacking unit 4 FCX Link error detect Port 24 Link error detect 0 remote fault detect 0 lane error detect 0 Port 25 Link error detect 0 remote fault detect 0 lane error detect 0 Port 26 Link error d...

Страница 282: ...Event FA_LINK Enabled Threshold 2 10 Log Backoff Number 10 Action log internal syslog Sysmon Event XBAR_ERROR_COUNT Enabled Threshold 2 10 Log Backoff Number 10 Action log internal syslog Sysmon Event...

Страница 283: ...llowing command displays the statistics for all SFMs on the device Brocade config show sysmon system sfm all SFM 1 Xbar 2 X link Status FlowCtrl FA dev Link Status FlowCtrl 2 OK 0x0 19 0 OK 0x0 3 OK 0...

Страница 284: ...show sysmon system sfm 284 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 285: ...ce to retain Syslog messages after a soft reboot reload command Refer to Retaining Syslog messages after a soft reboot on page 293 The Syslog service on a Syslog server receives logging messages from...

Страница 286: ...y of Syslog messages on the management console When you enable this feature the software displays a Syslog message on the management console when the message is generated However to enable display of...

Страница 287: ...gging is enabled by default with the following settings Messages of all severity levels Emergencies Debugging are logged By default up to 50 messages are retained in the local Syslog buffer This can b...

Страница 288: ...e letter codes Static and dynamic buffers The software provides two buffers Static logs power supply failures fan failures and temperature warning or shutdown messages Dynamic logs all other message t...

Страница 289: ...on whether you have set the time and date on the onboard system clock If you have set the time and date on the onboard system clock the date and time are shown in the following format mm dd hh mm ss w...

Страница 290: ...was generated when the device had been running for 21 days seven hours two minutes and 40 seconds device show logging Syslog logging enabled 0 messages dropped 0 flushes 0 overruns Buffer logging leve...

Страница 291: ...no logging buffered debugging device config no logging buffered informational Syntax no loggingbuffered level num entries The level parameter can have one of the following values alerts critical debu...

Страница 292: ...gure the Brocade device to use two Syslog servers the device uses the same facility on both servers device config logging facility local0 Syntax loggingfacility facility name The facility name can be...

Страница 293: ...logging Syslog logging enabled 0 messages dropped 0 flushes 0 overruns Buffer logging level ACDMEINW 3 messages logged level code A alert C critical D debugging M emergency E error I informational N...

Страница 294: ...yslog messages from the local buffer To clear the Syslog messages stored in the local buffer of the Brocade device enter the clear logging command device clear logging Syntax clear logging Syslog mess...

Страница 295: ...e in slot 5 encountered unrecoverable PCI config read failure Module will be deleted 0d00h00m02s A System Module in slot 5 encountered PCI config read error Bus 10 Dev 3 Reg Offset 0 0d00h00m00s W Sys...

Страница 296: ...Syslog messages for hardware errors 296 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 297: ...nformational Debugging Brocade Syslog messages Message num modules modules and 1 power supply need more power supply Explanation Indicates that the chassis needs more power supplies to run the modules...

Страница 298: ...s enabled for the port but the RADIUS Access Accept message did not include VLAN information This is treated as an authentication failure Message Level Alert Message MAC Authentication failed for mac...

Страница 299: ...ndicates the chassis slot containing the module The module state can be one of the following active standby crashed coming up unknown Message Level Alert Message OSPF LSA Overflow LSA Type lsa type Ex...

Страница 300: ...he memory address is in hexadecimal format Message Level Alert Message System Module in slot slot num encountered PCI memory write error Mem Addr memory address Explanation The module encountered a ha...

Страница 301: ...alidation failure The module will be disabled or powered down Message Level Alert Message System Module in slot slot num encountered unrecoverable PCI memory read failure Module will be deleted Explan...

Страница 302: ...e module Message Level Alert Message Authentication shut down portnum due to DOS attack Explanation Denial of Service DoS attack protection was enabled for multi device port authentication on the spec...

Страница 303: ...AC Filter applied to port port id by username from session id filter id filter ids Explanation Indicates a MAC address filter was applied to the specified port by the specified user during the specifi...

Страница 304: ...hile singleton was configured on the port Message Level Informational Message user name login to PRIVILEGED mode Explanation A user has logged into the Privileged EXEC mode of the CLI The user name is...

Страница 305: ...ge root ID Message Level Informational Message Bridge root changed vlan vlan id new root ID string root interface portnum Explanation A Spanning Tree Protocol STP topology change has occurred The vlan...

Страница 306: ...t member of a VE virtual interface Explanation The RADIUS server returned an IP ACL or MAC address filter but the port is a member of a virtual interface VE Message Level Informational Message DOT1X p...

Страница 307: ...onfiguration Message Level Informational Message DOT1X port portnum MAC mac address Invalid MAC filter ID this ID is user defined and cannot be used Explanation The port was assigned a MAC address fil...

Страница 308: ...on could not take place on the port This happened because strict security mode was enabled and one of the following occurred Insufficient system resources were available on the device to apply an IP A...

Страница 309: ...only password deleted added modified from console telnet ssh snmp OR Line password deleted added modified from console telnet ssh snmp Explanation A user created re configured or deleted an Enable or...

Страница 310: ...protocol up Explanation The line protocol on a port has come up The portnum is the port number Message Level Informational Message Interface portnum state down Explanation A port has gone down The por...

Страница 311: ...xplanation BPDU guard violation occurred in MSTP Message Level Informational Message OPTICAL MONITORING port port number is not capable Explanation The optical transceiver is qualified by Brocade but...

Страница 312: ...SER PRIVILEGE EXEC mode Explanation The specified user logged into the device using Telnet or SSH from either or both the specified IP address and MAC address The user logged into the specified EXEC m...

Страница 313: ...Explanation A user enabled or disabled an SSH or Telnet session or changed the SSH enable disable configuration through the SNMP console SSH or Telnet session Message Level Informational Message start...

Страница 314: ...re has detected a superior BPDU and goes into the inconsistent state on vlan id port id Message Level Informational Message STP VLAN vlan id BPDU guard port port number detect Received BPDU putting in...

Страница 315: ...l Informational Message System Fan speed changed automatically to fan speed Explanation The system automatically changed the fan speed to the speed specified in this message Message Level Informationa...

Страница 316: ...slot port to unit slot port on vlan id Explanation A MAC address is deleted from a range of interfaces which are members of the specified VLAN Message Level Informational Message System Static MAC ent...

Страница 317: ...ber of minutes Message Level Informational Message Trunk group ports created by 802 3ad link aggregation module Explanation 802 3ad link aggregation is configured on the device and the feature has dyn...

Страница 318: ...ormational Message Stack Stack unit unit has been added to the stack system Explanation The specified unit has been added to the stacking system Message Level Informational Message System Management M...

Страница 319: ...Temperature actual temp C degrees warning level warning temp C degrees shutdown level shutdown temp C degrees Explanation The actual temperature reading for a unit in a stack is above the warning tem...

Страница 320: ...on 802 1W selected a new root bridge as a result of the BPDUs received on a bridge port Message Level Informational Message vlan vlan id New RootPort portnum RootSelection Explanation 802 1W changed t...

Страница 321: ...e allowed on an individual interface has been exceeded The rate indicates the maximum rate allowed The portnum indicates the port This message can occur if fragment thottling is enabled Message Level...

Страница 322: ...portnum type number drop Explanation Indicates that the DHCP client receives DHCP server reply packets on untrusted ports and packets are dropped Message Level Notification Message DOT1X issues softw...

Страница 323: ...S has come up The system id is the system ID of the IS IS The circuit id is the ID of the circuit over which the adjacency was established Message Level Notification Message ISIS L2 ADJACENCY DOWN sys...

Страница 324: ...the victim of a TCP SYN DoS attack All TCP SYN packets will be dropped for the number of seconds specified by the locku p value When the lockup period expires the packet counter is reset and measureme...

Страница 325: ...emoved from slot slot num Explanation Indicates that a module was removed from a chassis slot The slot num is the number of the chassis slot from which the module was removed Message Level Notificatio...

Страница 326: ...ntication failure network mask mismatch hello interval mismatch dead interval mismatch option mismatch unknown The packet type can be one of the following hello database description link state request...

Страница 327: ...interface received a bad packet The router id is the router ID of the Brocade device The ip addr is the IP address of the interface on the Brocade device The src ip addr is the IP address of the inter...

Страница 328: ...eived an OSPF packet with an invalid type The parameters are the same as for the Bad Checksum message The pkt type type value is unknown indicating that the packet type is invalid Message Level Notifi...

Страница 329: ...ription link state request link state update link state ack unknown The lsa type is the type of LSA The lsa id is the LSA ID The lsa router id is the LSA router ID Message Level Notification Message O...

Страница 330: ...anged The router id is the router ID of the Brocade device The ip addr is the IP address of the neighbor The nbr router id is the router ID of the neighbor The ospf state indicates the state to which...

Страница 331: ...bad version area mismatch unknown NBMA neighbor unknown virtual neighbor authentication type mismatch authentication failure network mask mismatch hello interval mismatch dead interval mismatch option...

Страница 332: ...nknown Message Level Notification Message OSPF virtual intf rcvd bad pkt rid router id intf addr ip addr pkt src addr src ip addr pkt type pkt type Explanation Indicates that an OSPF interface receive...

Страница 333: ...lsa type is the type of LSA The lsa id is the LSA ID The lsa router id is the LSA router ID Message Level Notification Message OSPF virtual intf state changed rid router id area area id nbr ip addr st...

Страница 334: ...nation Threshold parameters for ICMP transit through traffic have been configured on an interface and the maximum burst size for ICMP packets on the interface has been exceeded The portnum is the port...

Страница 335: ...The portnum is the port or interface where VRRP or VRRP E is configured The virtual router id is the virtual router ID VRID configured on the interface The vrrp state can be one of the following init...

Страница 336: ...ddr Explanation Port has received a query with a MLD version that does not match the port MLD version This message is rated limited to appear a maximum of once every 10 hours Message Level Warning Mes...

Страница 337: ...y packets matching the values above were dropped during the five minute interval represented by the log entry Message Level Warning Message multicast no software resource resource name rate limited nu...

Страница 338: ...of the filter list The direction indicates whether the filter was applied to incoming packets or outgoing packets The value can be one of the following in out The V1 or V2 value specifies the RIP vers...

Страница 339: ...ture enabling multicast enabled full streaming audio and video applications for converged services such as Voice over IP VoIP Wireless Local Area Access WLAN points IP surveillance cameras and other I...

Страница 340: ...n the two pairs 802 3af and 802 3at compliant PDs are able to accept power from either set of pairs Brocade PoE devices use the Endspan method compliant with the 802 3af and 802 3at standards The Ends...

Страница 341: ...ch and the PD and delivers power over the network using the spare pairs of wires Alternative B The intermediate device has multiple channels typically 6 to 24 and each of the channels has data input a...

Страница 342: ...ched to the network When an 802 3af or 802 3at compatible device is plugged into a PoE PoE or PoH port the PD reflects test voltage back to the power sourcing device the Brocade device ultimately caus...

Страница 343: ...the power supply or power supplies Each PoE or PoE port supports a maximum of 15 4 or 30 watts of power per power consuming device Each PoH port supports a maximum of 95 watts of power lower wattage...

Страница 344: ...command to display detailed information about the PoE power supplies installed in a FastIron PoE device For more information refer to section Displaying detailed information about PoE power supplies...

Страница 345: ...installed in a chassis that is operating with 54 volt capable power supplies that are not actively providing power the system configures the power supplies to operate at 52 volts In this case the new...

Страница 346: ...surveillance cameras IP surveillance technology provides digital streaming of video over Ethernet providing real time remote access to video feeds from cameras The main benefit of using IP surveillan...

Страница 347: ...ll it individually on every switch in the stack NOTE The CLI syntax to install PoE firmware is different on FSX FCX and ICX platforms NOTE Installation of PoE firmware interrupts PoE services on the i...

Страница 348: ...9 because of power management PoE Power disabled on port 3 1 10 because of power management PoE Power disabled on port 3 1 11 because of power management PoE Power disabled on port 3 1 12 because of p...

Страница 349: ...of 30000 mwatts on port 3 1 21 Will retry when more power budget PoE Failed power allocation of 30000 mwatts on port 3 1 22 Will retry when more power budget PoE Failed power allocation of 30000 mwat...

Страница 350: ...rmware Download on slot 1 30 percent completed U1 MSG PoE Info Firmware Download on slot 1 40 percent completed U1 MSG PoE Info Firmware Download on slot 1 50 percent completed U1 MSG PoE Info Firmwar...

Страница 351: ...PoE Power disabled on port 1 1 19 because of admin off PoE Power disabled on port 1 1 20 because of admin off PoE Power disabled on port 1 1 21 because of admin off PoE Power disabled on port 1 1 22...

Страница 352: ...t for legacy power consuming devices on a stackable device enter the following command at the stack unit CONFIG level of the CLI device config unit 2 no legacy inline power On chassis devices you can...

Страница 353: ...rough CDP Many power consuming devices such as Cisco VoIP phones and other vendors devices use the Cisco Discovery Protocol CDP to advertise their power requirements to power sourcing devices such as...

Страница 354: ...m power level on one port and a power class on another port The Brocade PoE PoE or High PoE device adjusts the power on a port only if there are available power resources If power resources are not av...

Страница 355: ...over HDBaseT PoH 0 default 15 4 15 4 15 4 1 optional 4 4 4 2 optional 7 7 7 3 optional 15 4 15 4 15 4 4 optional 15 4 30 95 Refer to Considerations for setting power levels on page 354 for essential...

Страница 356: ...power allocations For information about resetting the power class refer to Resetting PoE parameters on page 358 Setting the power budget for a PoE interface module on an FSX device By default each Po...

Страница 357: ...has the higher value Ports that are configured with the same inline power priority are given precedence based on the slot number and port number in ascending order provided enough power is available...

Страница 358: ...the maximum power level power limit command even though you are keeping the current configured maximum power level at 3000 If you do not specify the maximum power level the device will apply the defa...

Страница 359: ...Honored 146 times Port Admin Oper Power mWatts PD Type PD Class Pri Fault State State Consumed Allocated Error 1 1 1 On On 6385 7000 802 3af Class 2 3 n a 1 1 2 On On 6479 7000 802 3af Class 2 3 n a...

Страница 360: ...E power consuming devices Both values are shown in milliwatts Power Allocations The number of times the device fulfilled PoE requests for power Port The slot number and port number Admin State Specifi...

Страница 361: ...table in the section Setting the power class for a PoE power consuming device on page 355 shows the different power classes and their respective maximum power allocations This field can also be Unkno...

Страница 362: ...mit thereby powering down the port PD DC fault A succession of underload and overload states or a PD DC DC fault caused the port to shutdown short circuit A short circuit was detected on the port deli...

Страница 363: ...of PD Ports 2 Total PD Power Available to PSE 0 Total PD Power Switched to PSE 0 Port Oper Oper Fault State Mode Error 1 2 1 On 802 3at n a 1 2 2 Off n a n a The following shows an example of the sho...

Страница 364: ...displayed n a No error or fault condition on the PD port Displaying detailed information about PoE power supplies The show inline power detail command displays detailed operational information about t...

Страница 365: ...W Power Supply Data On stack 3 Power Supply 1 Max Curr 7 5 Amps Voltage 54 0 Volts Capacity 410 Watts POE Details Info On Stack 3 General PoE Data Firmware Version 02 1 0 Cumulative Port State Data P...

Страница 366: ...mption Allocation Budget 3 0 0 48 513 90 W 739 200 W 65535 0 W 4 0 0 48 1346 497 W 1440 0 W 65535 0 W 6 0 0 24 0 0 W 0 0 W 65535 0 W 7 0 0 48 43 72 W 61 600 W 65535 0 W 8 0 0 24 0 0 W 0 0 W 65535 0 W...

Страница 367: ...n Fan 1 Air Flow Direction Front to Back Fan 2 Air Flow Direction Front to Back Slot 1 Current Temperature 49 0 deg C Sensor 1 39 5 deg C Sensor 2 Slot 2 Current Temperature NA Warning level 100 0 deg...

Страница 368: ...28640 30000 802 3at Class 4 3 n a Total 679371 720000 ICX7250 24P Router show inline power detail Power Supply Data On stack 1 Power Supply Data Power Supply 1 Max Curr 6 6 Amps Voltage 54 0 Volts Ca...

Страница 369: ...by Brocade Technical Support for troubleshooting Max Curr The PoE power supply maximum current capacity Voltage The PoE power supply current input voltage Capacity The PoE power supply total power ca...

Страница 370: ...e of insufficient power Ports Off No PD The number of ports on the Interface module to which no PDs are connected Ports Off Fault The number of ports on the Interface module that are not receiving pow...

Страница 371: ...state unless the decouple datalink keyword is used as a command option when configuring inline power on the LAG ports For more information refer to Decouple the PoE and datalink operations on PoE por...

Страница 372: ...ower on the primary port with the power by class option The following example configures inline power on the primary port 1 1 1 with power by class option 3 Device config inline power ethernet 1 1 1 p...

Страница 373: ...OTE The decouple datalink keyword was introduced in Release 08 0 01 to support the Decoupling of PoE and Datalink Operations feature Decoupling of inline power and datalinks is not supported in releas...

Страница 374: ...e of 12000 mWatts and decouples the datalink operations and the inline power for this port Device config inline power ethernet 1 1 4 decouple datalink power limit 12000 5 Configure a LAG The following...

Страница 375: ...g example configures inline power on the PoE port Ethernet 1 1 1 with power by class option 3 and decouples the datalink operations from the PoE operations for this port Device config if e1000 1 1 1 i...

Страница 376: ...fies an actual power value of12000 mWatts and decouples the datalink operations and the PoE operations for this port Device config if e1000 1 1 4 inline power decouple datalink power limit 12000 Power...

Страница 377: ...on page 378 for more information NOTE Breakout can be configured only when the device is in store and forward mode Breakout is not supported in cut through mode NOTE Stacking cannot be enabled on ICX...

Страница 378: ...nd must be reissued The resulting configuration must be saved and the unit must then be reloaded before the four 10 Gbps sub ports are created and accessible For example to configure ports 1 3 1 throu...

Страница 379: ...2 3 4 The four 10 Gbps sub ports for port 1 2 3 can be represented as 1 2 3 1 1 2 3 2 1 2 3 3 and 1 2 3 4 The following example shows no breakout on port 1 2 4 a 40 Gbps port that is up device show i...

Страница 380: ...1 1 1 Down None None None None No 1 0 cc4e 2439 3700 1 1 2 Down None None None None No 1 0 cc4e 2439 3701 1 1 3 Down None None None None No 1 0 cc4e 2439 3702 1 1 4 Down None None None None No 1 0 cc4...

Страница 381: ...terface ethernet 1 2 4 2 device config if e10000 1 2 2 2 port name subport2 device config if e10000 1 2 2 2 interface ethernet 1 2 4 3 device config if e10000 1 2 2 3 port name subport3 device config...

Страница 382: ...8192 bytes per dot Copy Done Device config end Device reload NOTE If there had been any configuration on any sub ports 1 3 1 1 to 1 3 6 4 the no breakout command would have returned an error The confi...

Страница 383: ...wing example displays breakout port information for an ICX 7750 48F Port 1 2 1 is the only port with active sub ports however ports 1 2 2 and 1 2 4 are configured for breakout pending reload Device sh...

Страница 384: ...Displaying information for breakout ports 384 FastIron Ethernet Switch Administration Guide 53 1003625 01...

Страница 385: ...tp www openssl org THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT AS IS AND ANY EXPRESSED OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR...

Страница 386: ...If you include any Windows specific code or a derivative thereof from the apps directory application code you must include an acknowledgment This product includes software written by Tim Hudson tjh c...

Страница 387: ...ctr or aes128 ctr are enabled and the CBC mode ciphers are removed The AES CBC mode can be re enabled by issuing the no ip ssh encryption disable aes cbc command which will bring back the pre existing...

Страница 388: ...and the incoming SNMP packets can be filtered based on the IPv6 ACL attached to the group For more information refer to Defining an SNMP group on page 152 and Defining an SNMP group and specifying wh...

Отзывы:

Нет отзывов