manualshive.com logo in svg

Edge-Core ES3628EA, Руководство пользователя

Сетевой коммутатор Edge-Core ES3628EA - надежное и производительное устройство для вашей сети. Полная инструкция по использованию доступна для скачивания совершенно бесплатно на manualshive.com. Получите доступ к руководству пользователя, чтобы оптимизировать работу с оборудованием и повысить эффективность сети.

Поделиться
Скачать
background image

 

739

 

Function:

 Sets the 802.1x authentication status; the “

no dot1x port-control

” command 

restores the default setting.   

Parameters:

 

auto

 enable 802.1x authentication, the port authorization status is 

determined by the authentication information between the switch and the supplicant; 

force-authorized

 sets port to authorized status, unauthenticated data is allowed to pass 

through the port; 

force-unauthorized

 will set the port to non-authorized mode, the switch 

will not provide authentication for the supplicant and prohibit data from passing through 

the port.   

Command mode:

 Port configuration Mode 

 

Default:

 When 802.1x is enabled for the port, 

auto

 is set by default. 

 

Usage Guide:

 If the port needs to provide 802.1x authentication for the user, the port 

authentication mode should be set to 

auto

.  

Example:

 Setting port0/0/1 to require 802.1x authentication mode.   

Switch(Config)#interface Ethernet 0/0/1 

Switch(Config-Ethernet0/0/1)#dot1x port-control auto 

19.3.10 dot1x port-method 

Command: dot1x port-method {macbased | portbased}

 

no dot1x port-method 

Function:

 Sets the access management method for the specified port; the “

no dot1x 

port-method

” command restores the default access management method.   

Parameters:

 

macbased 

sets the MAC-based access management method; 

portbased

 

sets port-based access management.   

Command mode:

 Port configuration Mode 

 

Default: 

None.  

Usage Guide:

 MAC-based access management is better than port-based access 

management in both security and management, port-based access management is 

suggested only for special usages.   

Example:

 Setting port-based access management for port 0/0/4.   

Switch(Config-Ethernet0/0/4)#dot1x port-method portbased 

19.3.11 dot1x re-authenticate 

Command: dot1x re-authenticate [interface <interface-name>]

 

Function:

 Enables real-time 802.1x re-authentication (no wait timeout requires) for all 

ports or a specified port. 

 

Parameters:

 

<interface-nam>

 stands for port number, omitting the parameter for all 

Содержание ES3628EA

Страница 1: ...1 www edge core com ES3628EA L3 24 10 100 Ports 4GE Fast Ethernet Switch...

Страница 2: ...h support a variety of network interfaces from 100Mb to 1000Mb Ethernet We are providing this manual for your better understanding use and maintenance of the ES3628EA L3 Fast Ethernet Switch We strong...

Страница 3: ...on 31 1 2 7 Fuzzy Match Support 31 1 3 WEB MANAGEMENT 32 1 3 1 Main Page 32 1 3 2 Module Front Panel 32 CHAPTER 2 BASIC SWITCH CONFIGURATION 34 2 1 BASIC SWITCH CONFIGURATION COMMANDS 34 2 1 1 Command...

Страница 4: ...duction 103 2 7 2 TACACS Configurations 103 2 7 3 Commands for TACACS 104 2 7 4 Typical TACACS Scenarios 106 2 7 5 TACACS Troubleshooting 106 2 8 WEB MANAGEMENT 107 2 8 1 Switch Basic Configuration 10...

Страница 5: ...rt information 133 CHAPTER 4 PORT CHANNEL CONFIGURATION 135 4 1 INTRODUCTION TO PORT CHANNEL 135 4 2 PORT CHANNEL CONFIGURATION TASK LIST 136 4 3 COMMANDS FOR PORT CHANNEL 137 4 3 1 debug lacp 137 4 3...

Страница 6: ...oubleshooting 171 CHAPTER 6 MAC TABLE CONFIGURATION 173 6 1 INTRODUCTION TO MAC TABLE 173 6 1 1 Obtaining MAC Table 173 6 1 2 Forward or Filter 175 6 2 MAC ADDRESS TABLE CONFIGURATION TASK LIST 176 6...

Страница 7: ...7 3 19 spanning tree portfast 202 7 3 20 spanning tree digest snooping 202 7 3 21 spanning tree tcflush global mode 203 7 3 22 spanning tree tcflush port mode 203 7 4 MSTP EXAMPLE 204 7 5 MSTP TROUBL...

Страница 8: ...ayer 3 Interface 245 9 1 2 Layer 3 Interface Configuration Task List 245 9 1 3 Commands for Layer 3 Interface 246 9 2 IP CONFIGURATION 246 9 2 1 Introduction to IPv4 IPv6 246 9 2 2 IP Configuration 24...

Страница 9: ...sntp 314 11 3 TYPICAL SNTP CONFIGURATION EXAMPLES 314 11 4 WEB MANAGEMENT 315 11 4 1 SNMP NTP server configuration 315 11 4 2 Request interval configuration 315 11 4 3 Time difference 315 11 4 4 Show...

Страница 10: ...ute 348 13 3 2 Introduction to Default Route 348 13 3 3 Static Route Configuration Task List 349 13 3 4 Commands for Static Route 349 13 3 5 Configuration Examples 353 13 4 RIP 354 13 4 1 Introduction...

Страница 11: ...NFIGURATION TASK 553 14 3 COMMANDS FOR IGMP SNOOPING 555 14 3 1 ip igmp snooping vlan 555 14 3 2 ip igmp snooping vlan immediate leave 555 14 3 3 ip igmp snooping vlan l2 general querier 555 14 3 4 ip...

Страница 12: ...ng 577 16 3 PIM SM 580 16 3 1 Introduction to PIM SM 580 16 3 2 PIM SM Configuration Task List 581 16 3 3 Commands for PIM SM 584 16 3 4 PIM SM Configuration Examples 593 16 3 5 PIM SM Troubleshooting...

Страница 13: ...iguration Task List 675 17 3 3 Commands for MLD 677 17 3 4 MLD Typical Application 682 17 3 5 MLD Troubleshooting 683 CHAPTER 18 ACL CONFIGURATION 687 18 1 INTRODUCTION TO ACL 687 18 1 1 Access list 6...

Страница 14: ...te 739 19 3 12 dot1x re authentication 740 19 3 13 dot1x timeout quiet period 740 19 3 14 dot1x timeout re authperiod 740 19 3 15 dot1x timeout tx period 741 19 3 16 radius server accounting host 741...

Страница 15: ...ual Router 768 20 6 5 Configure Preemptive Mode For VRRP 768 20 6 6 Configure VRRP priority 769 20 6 7 Configure VRRP Timer interval 769 20 6 8 Configure VRRP Interface Monitor 769 20 6 9 Configure Au...

Страница 16: ...T CONFIGURATION SEQUENCE 791 22 3 COMMANDS FOR CLUSTER 793 22 3 1 cluster run 793 22 3 2 cluster register timer 793 22 3 3 cluster ip pool 794 22 3 4 cluster commander 794 22 3 5 cluster member 795 22...

Страница 17: ...ailable For instance the user must assign an IP address to the switch via the Console interface to be able to access the switch through Telnet The procedures for managing the switch via Console interf...

Страница 18: ...included in Windows after the connection established The example below is based on the HyperTerminal included in Windows XP 1 Click Start menu All Programs Accessories Communication HyperTerminal Fig...

Страница 19: ...ud rate 8 for Data bits none for Parity checksum 1 for stop bit and none for traffic control or you can also click Restore default and click OK Fig 1 5 Opening HyperTerminal Step 3 Entering switch CLI...

Страница 20: ...ceived 0 pac Starting at 0x10000 Attaching to file system te to DOWNn avg max 0 0 0a Switch Settings 00 00 25 2006 vlan mac 00 03 0F 13 25 98otocol on Interface Etherne serial number 106120000004open...

Страница 21: ...ess is in the same network segment 3 If not 2 Telnet client can connect to an IP address of the switch via other devices such as a router ES3628EA Switch is a Layer 3 switch that can be configured wit...

Страница 22: ...lnet Client program Run Telnet client program included in Windows with the specified Telnet target Fig 1 7 Run telnet client program included in Windows Step 3 Login to the switch Login to the Telnet...

Страница 23: ...nt and the switch s VLAN interface IP address are in the same network segment 3 If 2 is not met HTTP client should connect to an IP address of the switch via other devices such as a router Similar to...

Страница 24: ...ar http 3ffe 506 1 2 3 where the address should be in the square brackets Step 3 Logon to the switch To logon to the HTTP configuration interface valid login user name and password are required otherw...

Страница 25: ...25 Fig 1 10 Web Login Interface Input the right username and password and then the main Web configuration interface is shown as below Fig 1 11 Main Web Configuration Interface...

Страница 26: ...categorized according to their functions in switch configuration and management Each category represents a different configuration mode The Shell for the switch is described below z Configuration Mode...

Страница 27: ...rect Next users can reenter the system on entering corresponding user name and password Under Admin Mode the user can query the switch configuration information connection status and traffic statistic...

Страница 28: ...Mode Using the vlan vlan id command under Global Mode can enter the corresponding VLAN Mode Under VLAN Mode the user can configure all member ports of the corresponding VLAN Run the exit command to ex...

Страница 29: ...Configuration Syntax ES3628EA Switch provides various configuration commands Although all the commands are different they all abide by the syntax for ES3628EA Switch configuration commands The general...

Страница 30: ...he cursor moves back Up Show previous command entered Up to ten recently entered commands can be shown Down Show next command entered When use the Up key to get previously entered commands you can use...

Страница 31: ...with that string 1 2 6 Input Verification Returned Information success All commands entered through keyboards undergo syntax check by the Shell Nothing will be returned if the user entered a correct c...

Страница 32: ...es HTTP web management function and users can configure and monitor the status of the switch through the web interface To manage the switch through web browser use the following steps Configure valid...

Страница 33: ...33 Fig 1 13 Module Front Panel...

Страница 34: ...command is for exiting admin mode Admin Mode config terminal Enter global mode from admin mode Various Modes Exit Exit current mode and enter previous mode such as using this command in global mode t...

Страница 35: ...n mode to radius Switch Config authentication login radius 2 1 1 2 calendar set Command calendar set HH MM SS DD MON YYYY MON DD YYYY Function Set system date and time Parameter HH MM SS is the curren...

Страница 36: ...01 01 00 01 06 startup config 2 064 1980 01 01 00 30 12 2 1 1 6 enable Command enable Function Enter Admin Mode from User Mode Command mode User Mode Usage Guide To prevent unauthorized access of non...

Страница 37: ...res the default value Parameters minute is the time value shown in minute and ranges between 0 35791 seconds is the time value shown in seconds and ranges between 0 2147483 Command mode Global mode De...

Страница 38: ...ed Command mode Global Mode Default The default prompt is ES3628EA switch Usage Guide With this command the user can set the CLI prompt of the switch according to their own requirements Example Set th...

Страница 39: ...server no ip http server Function Enable Web configuration the no ip http server command disables Web configuration Command mode Global mode Usage guide Web configuation is for supplying a interface...

Страница 40: ...r mode through level configured by the command No login cancels login local configuration Notice Executing the command it insures that priority of one user is 15 if it uses username command configurat...

Страница 41: ...can choose all the parameters for ping Example Example 1 Default parameter for ping Switch ping 10 1 128 160 Type c to abort Sending 5 56 byte ICMP Echoes to 10 1 128 160 timeout is 2 seconds Success...

Страница 42: ...configuration Ping6 function can configure the parameters of the ping packets on users demands When the ipv6 address is the local link address a vlan interface name is needed to be specified When spec...

Страница 43: ...equired to be specified when destination address is a local link address Use source IPv6 address n Use source IPv6 address not used by default Source IPv6 address Source IPv6 IP address Repeat count 5...

Страница 44: ...passwords Switch Config service password encryption 2 1 1 23 service terminal length Command service terminal length 0 512 no service terminal length Function Configure the columns of characters disp...

Страница 45: ...et columns of characters displayed in each screen on terminal the terminal no length cancels the screen switching operation and display content once in all Parameter Columns of characters displayed in...

Страница 46: ...m for unreachable network nodes 2 1 1 29 cli username Command cli username username privilege privilege password 0 7 password no cli username username Function Configure shell user and priority shell...

Страница 47: ...sword for logging on the switch the no username user_name command deletes the user Parameter user_name is the username It can t exceed 16 characters show_flag can be either 0 or 7 0 is used to display...

Страница 48: ...the users will also need to diagnostic the problem ES3628EA switch provides various debug commands including ping telnet show and debug etc to help the users to check system configuration operating s...

Страница 49: ...witch allows up to 5 telnet client TCP connections And as Telnet client using telnet command under Admin Mode allows the user to login to the other remote hosts ES3628EA switch can only establish TCP...

Страница 50: ...t name and the IP IPv6 address should be previously configured For required commands please refer to ip host and ipv6 host In case a host corresponds to both an IPv4 and an IPv6 addresses the IPv6 sho...

Страница 51: ...switch will not be limited if a secure IP address is configured only hosts with the secure IP address is allowed to connect to the switch through Telnet for configuration The switch allows multiple se...

Страница 52: ...for retrying SSH authentication the no ssh server authentication retries command restores the default number of times for retrying SSH authentication ssh server host key create rsa modulus moduls Gen...

Страница 53: ...nge is 768 to 2048 The default value is 1024 Command mode Global Mode Default The system uses the key generated when the ssh server is started at the first time Usage Guide This command is used to gen...

Страница 54: ...thorized SSH clients can t log on and configure the switch When the switch is a SSH server it can have maximum three users and it allows maximum three users to connect to it at the same time Example S...

Страница 55: ...nder IPv4 which adopts the hop limit field of the ICMPv6 and IPv6 header First Traceroute6 sends an IPv6 datagram including source address destination address and packet sent time whose HOPLIMIT is se...

Страница 56: ...p Display the TCP connection status established currently on the switch show udp Display the UDP connection status established currently on the switch show telnet login Display the information of the...

Страница 57: ...s on 2 2 7 1 3 show history Command show history Function Display the recent user command history Command mode Admin Mode Usage Guide The system holds up to 10 commands the user entered the user can u...

Страница 58: ...he current active configuration parameters for the switch Default If the active configuration parameters are the same as the default operating parameters nothing will be displayed Command mode Admin M...

Страница 59: ...won t display any configurations However if write command is executed to save the active configuration to the Flash memory the displays of show running config and show startup config will be the same...

Страница 60: ...second usertype 2 2 7 1 11 show tcp Command show tcp Function Display the current TCP connection status established to the switch Command mode Admin Mode Example Switch show tcp LocalAddress LocalPort...

Страница 61: ...e default value for unit is 1 Command mode Admin Mode Usage Guide Use this command to view the version information for the switch including hardware version and software version Example Switch show ve...

Страница 62: ...ctly send the log information to the log host and save it in files to be viewed at any time Among above log channels users rarely use the console monitor but will commonly choose the Telnet terminal t...

Страница 63: ...l and brief description Note these severity levels are in accordance with the standard UNIX LINUX syslog Table 1 1 Severity of the log information Severity Value Description emergencies 0 System is un...

Страница 64: ...log buffer zone information 2 Configure the log host output channel Command Description Global Mode logging ipv4 addr ipv6 addr facility local number level severity no logging ipv4 addr ipv6 addr fac...

Страница 65: ...s in accordance with the facility defined in the RFC3164 severity is the severity threshold of the log information severity level The rule of the log information output is explained as follows only th...

Страница 66: ...rnet 0 0 1 Switch Config Ethernet0 0 1 ipv6 address 3ffe 506 1 64 Switch Config Ethernet0 0 1 exit Switch Config logging 3ffe 506 4 facility local7 level warnings 2 3 Configurate Switch IP Addresses A...

Страница 67: ...s bootp client command disables the BootP client function 3 DHCP Command Explanation ip address dhcp client no ip address dhcp client Enable the switch to be a DHCP client and obtain IP address and ga...

Страница 68: ...d mode Interface Mode Usage Guide Obtaining IP address through BootP Manual configuration and DHCP are mutually exclusive enabling any 2 methods for obtaining IP address is not allowed Note To obtain...

Страница 69: ...of exchange network management information between two points in the network SNMP employs a polling mechanism of message query and transmits messages through UDP a connectionless transport layer proto...

Страница 70: ...s can t be changed on transmission USM employs DES CBC cryptography And HMAC MD5 and HMAC SHA are used for authentication VACM is used to classify the users access permission It puts the users with th...

Страница 71: ...s basic MIB II RMON public MIB and other public MID such as BRIDGE MIB Besides the switch supports self defined private MIB Introduction to RMON RMON is the most important expansion of the standard SN...

Страница 72: ...Configure IP address of SNMP management base Command Explanation snmp server securityip ipv4 address ipv6 address no snmp server securityip ipv4 address ipv6 address Configure the secure IPv4 IPv6 ad...

Страница 73: ...tch This command is used for SNMP v3 8 Configuring TRAP Command Explanation snmp server enable traps no snmp server enable traps Enable the switch to send Trap message This command is used for SNMP v1...

Страница 74: ...input 0 Bad SNMP version errors 0 Unknown community name 0 Illegal operation for community name supplied 0 Encoding errors 0 Number of requested variables 0 Number of altered variables 0 Get request...

Страница 75: ...number of SNMP packet outputs too big errors Number of Too_ big error SNMP packets maximum packet size Maximum length of SNMP packets no such name errors Number of packets requesting for non existent...

Страница 76: ...mple 1 Add a community string named private with read write permission Switch config snmp server community private rw Example 2 Add a community string named public with read only permission Switch con...

Страница 77: ...v2c versions this command configures the IP address and trap community character string of the network manage station receiving the SNMP Trap message And for v3 version this command is used for recei...

Страница 78: ...g snmp mib no debug snmp mib Function Enable the SNMP mib debugging the no debug snmp mib command disables the debugging Command Mode Admin Mode Usage Guide When user encounters problems in applying S...

Страница 79: ...v Read View one Write View no writeview specified Notify View one Displayed Information Explanation Group Name Group name Security level Security level Read View Read view name Write View Write view n...

Страница 80: ...view 1 Included active 1 3 Excluded active Displayed Information Explanation View Name View name 1 and1 3 OID number Included The view includes sub trees rooted by this OID Excluded The view does not...

Страница 81: ...udes 1 32 characters Name of writable view which includes 1 32 characters Name of trappable view which includes 1 32 characters Usage Guide There is a default view v1defaultviewname in the system It i...

Страница 82: ...snmp server view readview 2 4 3 19 snmp server user Command snmp server user user string group string encrypted auth md5 sha password string no snmp server user user string group string Function Add a...

Страница 83: ...etes configured security IPv4 or IPv6 address Command Mode Global Mode Parameter ipv4 address is NMS security IPv4 address point separated decimal format ipv6 address is NMS security IPv6 address colo...

Страница 84: ...listed below Switch config snmp server Switch Config snmp server host 1 1 1 5 ectrap Switch Config snmp server enable traps Scenario 3 NMS uses SNMP v3 to obtain information from the switch The confi...

Страница 85: ...sers still can t solve the SNMP problems Please contact our technical and service center 2 5 Switch Upgrade ES3628EA switch provides two ways for switch upgrade BootROM upgrade and the TFTP FTP upgrad...

Страница 86: ...the management port on the switch The PC should have FTP TFTP server software installed and has the image file required for the upgrade Step 2 Press ctrl b on switch boot up until the switch enters B...

Страница 87: ...PC For TFTP run TFTP server program for FTP run FTP server program Before start downloading upgrade file to the switch verify the connectivity between the server and the switch by ping from the serve...

Страница 88: ...w FTP builds upon TCP to provide reliable connection oriented data stream transfer service However it does not provide file access authorization and uses simple authentication mechanism transfers user...

Страница 89: ...te FTP TFTP servers can be hosts or other switches When ES3628EA switch operates as a FTP TFTP server it can provide file upload and download service for authorized FTP TFTP clients as file list servi...

Страница 90: ...tes the name of running configuration file to be running config Factory configuration file The configuration file shipped with ES3628EA switch in the name of factory config Run set default and write a...

Страница 91: ...nd shuts down FTP server and prevents FTP user from logging in 2 Modify FTP server connection idle time Command Explanation Global Mode ftp server timeout seconds Set connection idle time 3 TFTP serve...

Страница 92: ...address ipv6address hostname filename a mongst username is the FTP user name password is the FTP user password ipaddress ipv6address is the IPv4 or IPv6 address of the FTP server client hostname is th...

Страница 93: ...system will be adopted in the file transmission default transmission method When URL represents an TFTP address its form s hould be tftp ipaddress ipv6address hostname filename amongst ipaddr ess ipv...

Страница 94: ...e list of the files on the server with the FTP client Switch Config dir ftp user password IPv6 Address 2 5 3 2 2 4 ftp server enable Command ftp server enable no ftp server enable Function Start FTP s...

Страница 95: ...ed information Description Timeout Timeout time 2 5 3 2 2 7 show tftp Command show tftp Function display the parameter settings for the TFTP server Default No display by default Command mode Admin Mod...

Страница 96: ...0 Default The default value is 5 retransmission Command mode Global Mode Example Modify the retransmission to 10 times Switch config Switch Config tftp server retransmission number 10 2 5 3 2 2 10 tft...

Страница 97: ...he computer The configuration procedures of the switch is listed below Switch Config inter vlan 1 Switch Config If Vlan1 ip address 10 1 1 2 255 255 255 0 Switch Config If Vlan1 no shut Switch Config...

Страница 98: ...ch operates as the TFTP server and connects from one of its ports to a computer which is a TFTP client Transfer the nos img file in the switch to the computer The configuration procedures of the switc...

Страница 99: ...priate TFTP server directory on the computer The configuration procedures of the switch is listed below Switch Config inter vlan 1 Switch Config If Vlan1 ip address 10 1 1 2 255 255 255 0 Switch Confi...

Страница 100: ...upload download system file with FTP protocol the connectivity of the link must be ensured i e use the Ping command to verify the connectivity between the FTP client and server before running the FTP...

Страница 101: ...start up file upgrade through FTP fails please try to upgrade again or use the BootROM mode to upgrade 2 5 5 2 TFTP Troubleshooting When upload download system file with TFTP protocol the connectivity...

Страница 102: ...frame Networks with Jumbo frames will increase the speed of the whole network by 2 to 5 Technically the Jumbo is just a lengthened frame sent and received by the switch However considering the length...

Страница 103: ...dard packet head encryption this protocol is of a more reliable transmission and encryption characteristics and is more adapted to security control According to the characteristics of the TACACS Versi...

Страница 104: ...uthentication server Parameter ip address is the IP of the server port number is the listening port number of the server the valid range is 0 65535 amongst 0 indicates it will not be an authentication...

Страница 105: ...acacs server timeout Function Configure a TACACS server authentication timeout timer the no tacacs server timeout command restores the default configuration Parameter seconds is the value of TACACS au...

Страница 106: ...0 Switch Config if vlan1 exit Switch Config tacacs server authentication host 10 1 1 3 Switch Config tacacs server key test Switch Config authentication login tacacs local 2 7 5 TACACS Troubleshooting...

Страница 107: ...of command line interface and the mapping address relationship with the host Basic clock configuration configure date and clock of the system Users should configure HH MM SS as 23 0 0 and YY MM DD as...

Страница 108: ...ure Community string as private choose Access priority as Read and write mode and choose State as Valid The command will be applied to the switch by clicking on the Apply button 2 8 2 2 Trap Manager C...

Страница 109: ...ement station of the switch 5 4 4 2 6 z Security ip address Security IP address of NMS z State Valid to configure Invalid to remove Example configure the security IP address as 41 1 1 100 and choose S...

Страница 110: ...ate allows device to send Trap messages Example choose Snmp Agent state as Open choose RMON state as Open and choose Trap state as Open Then click on the Apply button 2 8 3 Switch upgrade Users should...

Страница 111: ...the files are transmitted in the binary standard Example the Figure below shows how to get the system file from TFTP Server 10 1 1 1 which has server file name is nos img and local file name nos img...

Страница 112: ...switch and password is switch Click Apply 2 8 3 4 FTP server configuration Users should click Switch basic configuration and FTP server service to enter into the configuration page and make configurat...

Страница 113: ...telnet login to display the Telnet client messages connected through Telnet with the switch z Show telnet user to display all Telnet client messages with authenticated switch access through Telnet z...

Страница 114: ...r finds a VLAN port s properties by choosing port0 0 1 and click Apply 2 8 4 3 Others Other parts are easier to configure Users just click a configuration node and the relating messages will appear Ex...

Страница 115: ...lnet server configuration nodes through web interface 2 8 7 Telnet server user configuration Users should click Telnet server configuration and Telnet server user configuration to configure Telnet ser...

Страница 116: ...client for when the switch functions as the Telnet server Words and phrases are explained in the following Security IP address a specific security IP address Operation to choose from the drop down lis...

Страница 117: ...be performed on ports 2 3 4 5 8 9 10 the command would look like interface Ethernet 0 0 2 5 0 0 8 10 Port speed duplex mode and traffic control can be configured under Ethernet Port Mode causing the...

Страница 118: ...limit bandwidth input output no rate limit input output Sets or cancels the bandwidth used for incoming outgoing traffic for specified ports flow control no flow control Enables Disables traffic cont...

Страница 119: ...use manage switches such as the user assign names according to the port application e g financial as the name of 0 0 1 2 ports which is used by financial department engineering as the name of 0 0 9 p...

Страница 120: ...Global Mode Parameters interface list stands for port number Command mode Global Mode Usage Guide Run the exit command to exit the Ethernet Interface Mode to Global Mode Example Entering the Ethernet...

Страница 121: ...ables Disables the auto negotiation function of a 1000Base T port Command mode Port configuration Mode Default Auto negotiation is enabled by default Usage Guide This command applies to 1000Base T int...

Страница 122: ...pression command disables this traffic throttle function on all ports in the switch i e enables broadcasts multicasts and unknown destination unicasts to pass through the switch at line speed Paramete...

Страница 123: ...rt port speed rate duplex mode flow control switch state broadcast storm restrain of the port and the statistic state of the data packets will be displayed All information of all ports on the switch w...

Страница 124: ...t Usage Guide This command applies to 1000Base TX ports only speed duplex command is not available for 1000Base X port For combo port this command applies to the 1000Base TX port only and has no effec...

Страница 125: ...e vlan vlan id no interface vlan vlan id Function Enters Interface Mode the no interface vlan vlan id command deletes existing VLAN interface Parameters vlan id is the VLAN ID for the establish VLAN t...

Страница 126: ...secondary IP addresses Both primary IP address and secondary IP addresses can be used for SNMP Web Telnet management In addition ES3628EA allows IP addresses to be obtained through BootP DHCP Example...

Страница 127: ...ort monitor Command port monitor interface interface list rx tx both no port monitor interface interface list Function Specifies port of mirror source the no port monitor interface interface list comm...

Страница 128: ...monitor Command show port monitor interface interface list Function Show the mirror source and destination port information Parameter interface list is the mirror source port list Command Mode Admin M...

Страница 129: ...witchA SwitchA Config interface ethernet 0 0 7 SwitchA Config If Ethernet0 0 7 rate limit 150 input SwitchB SwitchB Config interface ethernet 0 0 9 SwitchB Config If Ethernet0 0 9 speed duplex force10...

Страница 130: ...t setup port speed duplexes and so on 3 6 1 Ethernet port configuration Click Port configuration Ethernet port configuration to open the Ethernet port configuration management table to configure Ether...

Страница 131: ...t configuration Bandwidth control and proceed to do port bandwidth control 1 z Port Specifies configuration port z Bandwidth control level port bandwidth control The unit is Mbps and the value range i...

Страница 132: ...ress Example Assign Port as Vlan10 port IP address as 192 168 1 180 Port network mask as 255 255 255 0 Port status as no shutdown Operation type selection as Add address then click Apply button and th...

Страница 133: ...p source interface list as Ethernet ports 0 0 1 4 and the mirroring direction as rx Click Apply button and this port will be added into the monitor session Click the Default button to delete this port...

Страница 134: ...134 Click Port configuration Port debug and maintenance Show port information to check the statistic information of the receiving sending data packet information of the port...

Страница 135: ...by the user and can not only add network s bandwidth but also provide link backup Port aggregation is usually used when the switch is connected to routers PCs or other switches Fig 4 1 Port aggregati...

Страница 136: ...osely related with switch hardware ES3628EA switch allow physical port aggregation of any two switches maximum 8 port groups and 8 ports in each port group are supported Once ports are aggregated they...

Страница 137: ...e displayed Example Enabling LACP debug Switch debug lacp 4 3 2 port group Command port group port group number load balance src mac dst mac dst src mac src ip dst ip dst src ip no port group port gro...

Страница 138: ...d port group port group number mode active passive on no port group port group number Function Adds a physical port to port channel the no port group port group number removes specified port from the...

Страница 139: ...If it is configuration for modules such as shutdown or speed configuration then the configuration to current port will apply to all member ports in the corresponding port group Example Entering config...

Страница 140: ...rt_enabled FALSE lacp_ena FALSE ready_n TRUE the attributes of the port are as follows mac_type ETH_TYPE speed_type ETH_SPEED_100M duplex_type FULL port_type ACCESS the machine state and port state of...

Страница 141: ...Mbps 100Mbps 1 000Mbps duplex_type Port duplex mode full duplex and half duplex port_type Port VLAN property access port or trunk port mux_state Status of port binding status machine rcvm_state Status...

Страница 142: ...em ID system priority System Priority LACP activity Whether port is added to the group in active mode 1 for yes LACP timeout Port timeout mode 1 for short timeout Aggregation Whether aggregation is po...

Страница 143: ...e displayed Number of port Port number in the port channel Standby port Port that is in standby status which means the port is qualified to join the channel but cannot join the channel due to the maxi...

Страница 144: ...e exit SwitchB Config interface port channel 2 SwitchB Config If Port Channel2 Configuration result Shell prompts ports aggregated successfully after a while now ports 1 2 3 4of SwitchA form an aggreg...

Страница 145: ...ACP BPDU to complete aggregation Aggregation finishes immediately when the command to add port 2 to port group 1 is entered port 1 and port 2 aggregate to be port channel 1 when port 3 joins port grou...

Страница 146: ...P then at least one of them should be in ACTIVE mode otherwise LACP packet won t be initiated LACP cannot be used on ports with Security and IEEE 802 1x enabled 4 6 Web Management Click Port channel c...

Страница 147: ...ation page Click Apply button to add port into the group Display port member Select a group num in port configuration and the information of port member will be shown under the configuration table z P...

Страница 148: ...he VLAN function of ES3628EA switch is implemented following IEEE 802 1Q The key idea of VLAN technology is that a large LAN can be partitioned into many separate broadcast domains dynamically to meet...

Страница 149: ...Port Type 4 Set Trunk port 5 Set Access port 6 Enable Disable VLAN ingress rules on ports 7 Configure Private VLAN 8 Set Private VLAN association 1 Creating or deleting VLAN 2 Assigning Switch ports...

Страница 150: ...ive vlan Set delete PVID for Trunk port Command Explanation Interface Mode switchport access vlan vlan id no switchport access vlan Add the current port to specified VLAN the specified VLANs The no co...

Страница 151: ...o private vlan command cancels the Private VLAN configuration Parameter primary set current VLAN to Primary VLAN isolated set current VLAN to Isolated VLAN community set current VLAN to Community VLAN...

Страница 152: ...ivate VLAN association by default Usage Guide This command can only used for Private VLAN The ports in Secondary VLANs which are associated to Primary VLAN can communicate to the ports in Primary VLAN...

Страница 153: ...4094 Universal Vlan 1 2 Total Existing Vlans is 2 Displayed information Explanation VLAN VLAN number Name VLAN name Type VLAN type statically configured or dynamically learned Media VLAN interface ty...

Страница 154: ...s no port by default Usage Guide Access ports are normal ports and can join a VLAN but a port can only join one VLAN for a time Example Assign Ethernet port 1 3 4 7 8 of VLAN100 Switch Config Vlan100...

Страница 155: ...20 Switch Config interface ethernet 0 0 5 Switch Config Ethernet0 0 5 switchport mode trunk Switch Config Ethernet0 0 5 switchport trunk allowed vlan 1 3 5 20 Switch Config Ethernet0 0 5 exit 5 1 3 9...

Страница 156: ...the system receives data it will check source port first and forwards the data to the destination port if it is a VLAN member port Example Disable VLAN ingress rules on the port Switch Config Ethernet...

Страница 157: ...Switch Config vlan 2 Switch Config Vlan2 switchport interface ethernet 0 0 2 4 Switch Config Vlan2 exit Switch Config vlan 100 Switch Config Vlan100 switchport interface ethernet 0 0 5 7 Switch Config...

Страница 158: ...application based on GARP working mechanism It is responsible for the maintenance of dynamic VLAN register information and population of such register information to the other switches Switches suppor...

Страница 159: ...on globally and for Trunk port 0 0 10 Switch Config bridge ext gvrp Switch Config interface ethernet 0 0 10 Switch Config Ethernet0 0 10 bridge ext gvrp Command Explanation Interface Mode bridge ext g...

Страница 160: ...327650 ms Command mode Interface Mode Default The default value for hold timer is 100 ms Usage Guide When GARP application entities receive a join message join message will not be sent immediately In...

Страница 161: ...be canceled Besides the value of leave timer must be twice larger than the join timer Otherwise an error message will be displayed Example Set the GARP leave timer value of port 0 0 10 to 3000 ms Swi...

Страница 162: ...ormation Switch show garp timer 5 2 3 8 show gvrp configuration Command show gvrp configuration interface name Function Display the global and port information for GVRP Parameter interface nam stands...

Страница 163: ...Item Configuration description VLAN100 Port 2 6 of Switch A and C Trunk port Port 11 of Switch A and C Port 10 11 of Switch B Global GVRP Switch A B C Port GVRP Port 11 of Switch A and C Port 10 11 of...

Страница 164: ...xt gvrp Switch Config Ethernet0 0 11 exit Switch C Switch Config bridge ext gvrp Switch Config vlan 100 Switch Config Vlan100 switchport interface ethernet 0 0 2 6 Switch Config Vlan100 exit Switch Co...

Страница 165: ...hich the ID is the SPVID assigned to the user Afterwards the packet will only be transmitted in VLAN3 when traveling in the ISP internet network while carrying two VLAN tags the inner tag is added whe...

Страница 166: ...ion on the ports 2 Configure the type of protocol TPID of the port 5 3 3 Dot1q Tunnel Configuration Command 5 3 3 1 dot1q tunnel enable Command dot1q tunnel enable no dot1q tunnel enable Function Set...

Страница 167: ...ce ethernet 0 0 1 Switch Config Ethernet0 0 1 dot1q tunnel enable Switch Config Ethernet0 0 1 exit 5 3 3 2 dot1q tunnel tpid Command dot1q tunnel tpid 8100 9100 9200 0 65535 Function Configure the typ...

Страница 168: ...lient network with VLAN3 The port1 of PE1 is connected to CE1 port10 is connected to public network the TPID of the connected equipment is 9100 port1 of PE2 is connected to CE2 port10 is connected to...

Страница 169: ...1 exit Switch Config interface ethernet 0 0 10 Switch Config Ethernet0 0 10 switchport mode trunk Switch Config Ethernet0 0 10 exit Switch Config 5 3 5 Dot1q tunnel Troubleshooting Enabling dot1q tunn...

Страница 170: ...ynamic VLAN Configuration Task List 1 Configure the correspondence between the Protocols and the VLAN 1 Configure the correspondence between the Protocols and the VLAN 5 4 2 2 Commands for Dynamic VLA...

Страница 171: ...e packets go through their belonging VLAN is the same The command will not interfere with VLAN labeled data packets It is recommended to configure ARP protocol together with the IP protocol or else so...

Страница 172: ...172 equipment positively send data packet to the switch such as ping to let the switch learn their source MAC then the two equipment will be able to communicate freely within the dynamic VLAN...

Страница 173: ...apping to the destination port Then the MAC table is queried for the destination MAC address if hit the data frame is forwarded in the associated port otherwise the switch forwards the data frame to i...

Страница 174: ...only a mapping entry of MAC address 00 01 11 11 11 11 and port 0 0 5 and no port mapping for 00 01 33 33 33 33 present the switch broadcast this message to all the ports in the switch assuming all por...

Страница 175: ...C2 and PC1 are in the same physical segment and filter the message i e drop this message Three types of frames can be forwarded by the switch Broadcast frame Multicast frame Unicast frame The followin...

Страница 176: ...figuration Task List Mac address table configuration task list 1 Configure the MAC address aging time 2 Configure static MAC forwarding or filter entry 1 Configure the MAC aging time Command Explanati...

Страница 177: ...ress mapping entry of which the inherent MAC address corresponds to the VLAN number Usage Guide In certain special applications or when the switch is unable to dynamically learn the MAC address users...

Страница 178: ...network environment dynamic learning is enabled PC1 holds sensitive data and can not be accessed by any other PC that is in another physical segment PC2 and PC3 have static mapping set to port 7 and...

Страница 179: ...warding data streams between known MAC addresses within the ports can be achieved If a MAC address is aged the packet destined for that entry will be broadcasted In other words a MAC address learned i...

Страница 180: ...dresses learned by the port to static secure MAC addresses port security timeout value no port security timeout Enable port locking timer function the no port security timeout restores the default set...

Страница 181: ...ynamic interface ethernet 0 0 1 6 6 1 3 2 port security Command port security no port security Function Enable MAC address binding function for the port and lock the port When a port is locked the MAC...

Страница 182: ...r the MAC address to be added deleted Usage Guide The MAC address binding function must be enabled before static secure MAC address can be added Example Adding MAC 00 03 0F FE 2E D3 to port1 Switch Co...

Страница 183: ...0 1 Switch Config Ethernet0 0 1 port security timeout 30 6 6 1 3 7 port security violation Command port security violation protect shutdown no port security violation Function Configure the port viol...

Страница 184: ...he secure MAC address belongs to Total Addresses Current secure MAC address number in the system 6 6 1 3 9 show port security address Command show port security address interface interface id Function...

Страница 185: ...curity interface Ethernet 0 0 1 Ethernet0 0 1 Port Security Enabled Port status Security Up Violation mode Protect Maximum MAC Addresses 1 Total MAC Addresses 1 Configured MAC Addresses 1 Lock Timer i...

Страница 186: ...not enabling Spanning tree or port aggregation and is not configured as a Trunk port MAC address binding is exclusive to such configurations If MAC address binding is to be enabled the functions ment...

Страница 187: ...he number of spanning tree instances which consumes less CPU resources and reduces the bandwidth consumption 7 1 1 MSTP Region Because multiple VLANs can be mapped to a single spanning tree instance I...

Страница 188: ...t of the CST and the IST master with both of the path costs to the CST root and to the IST master set to zero The bridge also initializes all of its MST instances and claims to be the root for all of...

Страница 189: ...TP Load Balance In a MSTP region VLANs can by mapped to various instances That can form various topologies Each instance is independent from the others and each distance can has its own attributes suc...

Страница 190: ...mst instance id priority bridge priority no spanning tree mst instance id priority Set bridge priority for specified instance Interface Mode spanning tree mst instance id cost cost no spanning tree ms...

Страница 191: ...level no revision level Set MSTP region revision level Abort Quit MSTP region mode and return to Global mode without saving MSTP region configuration Exit Quit MSTP region mode and return to Global mo...

Страница 192: ...Command Explanation Interface Mode spanning tree format standard spanning tree format privacy spanning tree format auto no spanning tree format Configure the format of port spanning tree packet standa...

Страница 193: ...e current MSTP region configuration quit MSTP region mode and return Command Explanation Global Mode spanning tree tcflush enable spanning tree tcflush disable spanning tree tcflush protect no spannin...

Страница 194: ...number The valid number is from 1 to 48 vlan list sets consecutive or non consecutive VLAN numbers refers to consecutive numbers and refers to non consecutive numbers Command mode MSTP Region Mode Def...

Страница 195: ...o 0 Parameter level is revision level The valid range is from 0 to 65535 Command mode MSTP Region Mode Default The default revision level is 0 Usage Guide This command is to set revision level for MST...

Страница 196: ...sure about which the packet format is on partner the AUTO configuration will be preferred so to identify the format by the packets they sent The privacy packet format is set by default in the concern...

Страница 197: ...1 0 seconds Example In global mode set MSTP forward delay time to 20 seconds Switch Config spanning tree forward time 20 7 3 9 spanning tree hello time Command spanning tree hello time time no spannin...

Страница 198: ...ime no spanning tree maxage Function Set the max aging time for BPDU The command no spanning tree maxage restores the default setting Parameter time is max aging time in seconds The valid range is fro...

Страница 199: ...s itself to run in STP mode The command is used to force the port to run in the MSTP mode But once the port receives STP messages it changes to work in the STP mode again This command can only be used...

Страница 200: ...em will generate the MST configuration identifier according to the MSTP configuration Only the switches with the same MST configuration identifier are considered as in the same MSTP region Example Ent...

Страница 201: ...y The valid range is from 0 to 240 The value should be the multiples of 16 such as 0 16 32 240 Command mode Interface Mode Default The default port priority is 128 Usage Guide By setting the port prio...

Страница 202: ...boundary port receives the BPDU the port becomes a non boundary port Example Set port 0 0 5 6 as boundary ports Switch Config interface Ethernet 0 0 5 6 Switch Config Port Range spanning tree portfas...

Страница 203: ...lush restores to default setting Parameter Enable the spanning tree flush once the topology changes Disable the spanning tree don t flush when the topology changes Protect the spanning tree flush ever...

Страница 204: ...network environment to do FLUSH with every topology change At the same time as a method to avoid network assault we allow the network administrator to configure FLUSH mode by the command Note For the...

Страница 205: ...s a tree topology in blue lines rooted with SwitchA The ports marked with x are in the discarding status and the other ports are in the forwarding status Configurations Steps Step 1 Configure port to...

Страница 206: ...B Config Port Range switchport mode trunk SwitchB Config Port Range exit SwitchB Config spanning tree SwitchC SwitchC Config vlan 20 SwitchC Config Vlan20 exit SwitchC Config vlan 30 SwitchC Config Vl...

Страница 207: ...e of the instance 0 of the entire network In the MSTP region which SwitchB SwitchC and SwitchD belong to SwitchB is the region root of the instance 0 SwitchC is the region root of the instance 3 and S...

Страница 208: ...the Instance 3 after the MSTP Calculation Fig 7 5 The Topology Of the Instance 4 after the MSTP Calculation SwitchB SwitchC SwitchD 2 3 5 4 2 3 6 7 5 4 6 7 x x x x SwitchB SwitchC SwitchD 2 3 5 4 2 3...

Страница 209: ...and IEEE 802 1x on the switch port If MAC binding or IEEE 802 1x is enabled on the port the MSTP can t apply to this port 7 5 1 Commands for Monitor And Debug 7 5 1 1 show spanning tree Command show...

Страница 210: ...hernet0 0 2 Total 2 PortName ID IntRPC State Role DsgBridge DsgPort Ethernet0 0 1 128 001 0 FWD MSTR 0 00030f010e30 128 001 Ethernet0 0 2 128 002 0 BLK ALTR 0 00030f010e30 128 002 Instance 4 Self Brid...

Страница 211: ...root of the entire network IntRPC Cost from the current port to the region root of the current instance State Port status of the current instance Role Port role of the current instance DsgBridge Upwar...

Страница 212: ...ion Switch Config spanning tree mst configuration Switch Config Mstp Region show mst pending Name switch Revision 0 Instance Vlans Mapped 00 1 29 31 39 41 4093 03 30 04 40 05 4094 Switch Config Mstp R...

Страница 213: ...ance and configure the VLAN Instance mapping or add VLAN table entry mapping to specified Instance Configure mapping between VLAN1 10 100 110 and Instance 1 Equivalent command 1 2 1 3 Set Instance nam...

Страница 214: ...et the priority for the current port on specified instance Set the priority for port 0 0 2 of instance1 to 32 7 6 2 3 Port route cost setting Click MSTP control to enter MSTP port operation then Port...

Страница 215: ...itch port configuration mode Enable MSTP under Global Mode and disable MSTP for port 0 0 2 7 6 3 MSTP global control 7 6 3 1 MSTP global protocol port configuration Click MSTP control to enter MSTP Gl...

Страница 216: ...Mode 7 6 3 5 Set the max hop count support for BPDU transmitting in MSTP field Click MSTP control MSTP Global control then set the BPDU Max Hop Time Config to support transmission in MSTP field Set th...

Страница 217: ...r Instance Information Display MSTP and instances information Display Instance0 MSTP information 7 6 4 2 MSTP field information Click MSTP control show MSTP setting enter MSTP Field Information Displa...

Страница 218: ...management according to the application requirement and network management policy 8 1 1 QoS Terms QoS Class of Service the classification information carried by Layer 2 802 1Q frames taking 3 bits of...

Страница 219: ...the adjustment and configuration for the current bandwidth resource Fully implemented QoS can achieve complete management over the network traffic The following is as accurate as possible a descriptio...

Страница 220: ...ssify traffic according to packet classification information and generate internal DSCP value based on the classification information For different packet types and switch configurations classificatio...

Страница 221: ...different policies that allocate bandwidth to classified traffic If the traffic exceeds the bandwidth set in the policy out of profile the out of profile traffic can be allowed discarded or remarked R...

Страница 222: ...ernal DSCP value to CoS value the queuing operation assigns packets to appropriate queues of priority according to the CoS value while the scheduling operation performs packet forwarding according to...

Страница 223: ...e enabled or disabled in Global Mode QoS must be enabled first in Global Mode to configure the other QoS commands 2 Configure class map Set up a classification rule according to ACL VLAN ID IP Precede...

Страница 224: ...ueue 6 Configure QoS mapping Configure the mapping from CoS to DSCP DSCP to CoS DSCP to DSCP mutation IP precedence to DSCP and policed DSCP 1 Enable QoS Command Explanation Global Mode mls qos no mls...

Страница 225: ...st kbyte exceed action drop policed dscp transmit Configure a policy to classify traffic data stream exceeding the limit will be dropped or degraded the no police rate kbps burst kbyte exceed action d...

Страница 226: ...Egress policy map is not supported yet mls qos dscp mutation dscp mutation name no mls qos dscp mutation dscp mutation name Apply DSCP mutation mapping to the port the no mls qos dscp mutation dscp m...

Страница 227: ...Command class class map name no class class map name Function Associates a class to a policy map and enters the policy class map mode the no class class map name command deletes the specified class Pa...

Страница 228: ...e number or name of the ACL ip dscp dscp list and ipv6 dscp dscp list match specified DSCP value the parameter is a list of DSCP consisting of maximum 8 DSCP values ip precedence ip precedence list ma...

Страница 229: ...map Mode Usage Guide Only the classified traffic which matches the matching standard will be assigned with the new values Example Set the IP Precedence of the packets matching the c1 class rule to 3 S...

Страница 230: ...ate policer name command deletes the specified policy set Parameters aggregate policer name is the name of the policy set rate kbps is the average baud rate in kb s of classified traffic range from 1...

Страница 231: ...incoming packets through the port will be set to this cos value This is irrelevant to the priority of the packet itself no modification is done to the packets Default No trust Command mode Interface M...

Страница 232: ...mls qos map cos dscp dscp cos dscp mutation dscp mutation name ip prec dscp policed dscp command restores the default mapping Parameters cos dscp dscp1 dscp8 defines the mapping from CoS value to DSC...

Страница 233: ...ng the CoS to DSCP mapping value to the default 0 8 16 24 32 40 48 56 to 0 1 2 3 4 5 6 7 Switch Config mls qos map cos dscp 0 1 2 3 4 5 6 7 8 3 11 police Command police rate kbps burst kbyte exceed ac...

Страница 234: ...ameters aggregate policer name is the policy set name Default No policy set is configured by default Command mode Policy class map configuration Mode Usage Guide The same policy set can be referred to...

Страница 235: ...p name no service policy input policy map name output policy map name Function Applies a policy map to the specified port the no service policy input policy map name output policy map name command del...

Страница 236: ...has the higher priority Example Setting the bandwidth weight proportion of the eight queue out to be 1 2 4 8 Switch Config Ethernet0 0 1 queue bandwidth 1 2 4 8 8 3 17 wrr queue cos map Command wrr q...

Страница 237: ...S value 0 to 7 correspond to queue out 1 2 3 4 respectively If the incoming packet has no CoS value it is default to 5 and will be put in queue 6 All passing packets would not have their DSCP values c...

Страница 238: ...th a burst value of 4 MB all packets exceed this bandwidth setting in that segment will be dropped Scenario 3 Fig 8 7 Typical QoS topology As shown in the figure inside the block is a QoS domain switc...

Страница 239: ...recedence pass through cos 8 5 QoS Troubleshooting QoS is disabled on switch ports by default 8 sending queues are set by default queue1 forwards normal packets other queues are used for some importan...

Страница 240: ...le for the class map 8 5 1 2 show policy map Command show policy map policy map name Function Displays policy map of QoS Parameters policy map name is the policy map name Default N A Command mode Admi...

Страница 241: ...istics Function Displays QoS configuration information on a port Parameters interface id is the port ID buffers is the queue buffer setting on the port policers is the policy setting on the port queui...

Страница 242: ...FQ Displayed information Explanation Cos queue map CoS value to queue mapping Queue and weight type Queue to weight mapping QType WFQ or PQ queue out method Switch show mls qos interface policers Ethe...

Страница 243: ...apping Default N A Command mode Admin Mode Example Switch show mls qos map Cos dscp map cos 0 1 2 3 4 5 6 7 dscp 0 8 16 24 32 40 48 56 IpPrecedence dscp map ipprec 0 1 2 3 4 5 6 7 dscp 0 8 16 24 32 40...

Страница 244: ...global configuration information for QoS Parameters N A Default N A Command mode Admin Mode Usage Guide This command indicates whether QoS is enabled or not Example Switch show mls qos Qos is enabled...

Страница 245: ...ndled by hardware not like router forwarding by CPU As a result forwarding efficiency can be greatly improved even to wire speed 9 1 Layer 3 Interface 9 1 1 Introduction to Layer 3 Interface Layer 3 i...

Страница 246: ...face VLANs should be configured first for details see the VLAN chapters When VLAN interface Layer 3 interface is created with this command the VLAN interface Layer 3 interface configuration mode will...

Страница 247: ...ge NAT technology has disrupted the end to end model which is the original intention of IP design by making it necessary for router devices that serve as network intermediate nodes to maintain every c...

Страница 248: ...need Foreign Agent Furthermore this kind of binding process enables Correspondent Node communicate with Mobile Node directly thereby avoids the extra system cost caused by triangle routing choice requ...

Страница 249: ...bnet mask dotted decimal format what secondary represents means the configured IP address is slave IP address Command Mode Interface Mode Default The system default is no IP address configuration Usag...

Страница 250: ...x announce parameters 8 Set static neighbor table entries 9 Clear neighbor table entries 3 IPv6 Tunnel configuration 1 Create Delete Tunnel 2 Configure Tunnel Source 3 Configure Tunnel Destination 4 C...

Страница 251: ...2 IPv6 Neighbor Discovery Configuration 1 Configure DAD Neighbor Query Message number Command Explanation Interface Configuration Mode no ipv6 nd dad attempts value Set the neighbor query message numb...

Страница 252: ...onfigure prefix announce parameters Command Explanation Interface Configuration Mode no ipv6 nd prefix ipv6 address prefix length valid lifetime preferred lifetime off link no autoconfig Configure the...

Страница 253: ...letes the IPv4 address of tunnel destination end 4 Configure Tunnel Next Hop Command Description Tunnel Configuration Mode no tunnel nexthop ipv4 daddress Configure tunnel next hop IPv4 address The NO...

Страница 254: ...lobal unicast address local site address and local link address for the interface Parameter Parameter ipv6 address is the prefix of IPv6 address parameter prefix length is the distance of the prefix o...

Страница 255: ...ddress of the next hop and the address of some interface of the switch must be in the same network segment Interface name can be specified directly for tunnel router Example Configure static router 1...

Страница 256: ...terface to send out Neighbor Request Message time interval to be 8 seconds Switch Config if Vlan1 ipv6 nd ns interval 8 9 2 2 4 6 ipv6 nd suppress ra Command no ipv6 nd suppress ra Function Prohibit r...

Страница 257: ...xceed 1 4 of the maximum time interval Example Set the minimum time interval of sending routing announcement is 10 seconds Switch Config if Vlan1 ipv6 nd min ra interval 10 9 2 2 4 9 ipv6 nd max ra in...

Страница 258: ...etime must be configured simultaneously Example Configure IPv6 announcement prefix as 2001 410 0 1 64 on Vlan1 the valid lifetime of this prefix is 8640 seconds and its preferred lifetime is 4320 seco...

Страница 259: ...ce type is Ethernet type interface number is Layer 2 interface name Command Mode Interface Configuration Mode Default Situation There is not static neighbor table entry Usage Guide IPv6 address and mu...

Страница 260: ...CMP Echoes to fe80 0000 0000 0000 0203 0fff fe01 2786 timeout is 2 seconds Success rate is 100 percent 1 1 round trip min avg max 1 1 1 ms Displayed information Explanation ping6 Execute ping6 functio...

Страница 261: ...uide This command is for ISATAP tunnel other tunnels won t check the configuration of nexthop Example Configure tunnel next hop 178 99 156 8 Switch Config if Tunnel1 tunnel nexthop 178 99 156 8 9 2 2...

Страница 262: ...isatap 9 2 2 4 20 clear ipv6 neighbor Command clear ipv6 neighbors Function Clear the neighbor cache of IPv6 Parameter None Command Mode Admin Mode Default None Usage Guide This command can not clear...

Страница 263: ...Ping each other among PCs Note First make sure PC A and Switch can access each other by ping and PC B and SwitchB can access each other by ping The configuration procedure is as follows SwitchA Config...

Страница 264: ...IPv6 address 2003 1 64 in vlan2 5 The IPv6 address of PC A is 2001 11 64 and the IPv6 address of PC B is 2003 33 64 6 Configure static routing 2003 33 64 on SwitchA and configure static routing 2001 1...

Страница 265: ...2001 33 64 2002 1 SwitchA ping6 2003 33 Configuration results SwitchA show run interface Vlan1 ipv6 address 2001 1 64 interface Vlan2 ipv6 address 2002 2 64 interface Loopback mtu 3924 ipv6 route 2003...

Страница 266: ...tchB and turn on RA function configure IPv4 address 203 203 203 1 on vlan3 5 Configure tunnel on SwitchA the source IPv4 address of the tunnel is 202 202 202 1 the tunnel routing is 0 6 Configure tunn...

Страница 267: ...nel1 tunnel source 203 203 203 1 SwitchB Config if Tunnel1 tunnel destination 202 202 202 1 SwitchB Config if Tunnel1 tunnel mode ipv6ip SwitchB config ipv6 route 0 tunnel1 9 2 4 IP Troubleshooting IP...

Страница 268: ...ask requests 0 mask replies 0 quench 0 parameter 0 timestamp 0 timestamp replies TCP statistics TcpActiveOpens 0 TcpAttemptFails 0 TcpCurrEstab 0 TcpEstabResets 0 TcpInErrs 0 TcpInSegs 0 TcpMaxConn 0...

Страница 269: ...amp 0 timestamp replies Statistics of total ICMP packets received and classified information Sent 0 total 0 errors 0 time exceeded 0 redirects 0 unreachable 0 echo 0 echo replies 0 mask requests 0 mas...

Страница 270: ...v6 PACKET rcvd Receive IPv6 data report Src fe80 203 fff fe01 2786 Source IPv6 address Dst fe80 1 Destination IPv6 address size 64 Size of data report proto 58 Protocol field in IPv6 header from Vlan1...

Страница 271: ...Destination IPv6 address 9 2 4 1 6 debug ipv6 tunnel packet Command no debug ipv6 tunnel packet Function tunnel data packets receive send debug message Parameter None Default None Command Mode Admin...

Страница 272: ...ST IPv6 is enabled Link local address es fe80 203 fff fe00 10 PERMANENT Global unicast address es 3001 1 subnet is 3001 1 64 PERMANENT Joined group address es ff02 1 ff02 16 ff02 2 ff02 5 ff02 6 ff02...

Страница 273: ...ISIS router kernel is kernel router statistics shows router number database is router database Default Situation None Command Mode Admin Mode Usage Guide show ipv6 route only shows IPv6 kernel routing...

Страница 274: ...table of which the destination network segment is 2002 64 via means passing fe80 250 baff fef2 a4f4 is the next hop Vlan1 is the exit interface name 1024 is router weight 9 2 4 1 9 show ipv6 neighbor...

Страница 275: ...an1 reachable IPv6 neighbour table 11 entries Displayed information Explanation IPv6 Address Neighbor IPv6 address Link layer Addr Neighbor MAC address Interface Exit interface name State Neighbor sta...

Страница 276: ...s Sent 110 generated 0 forwarded 0 dropped 0 no route IPv6 sent packets statistics 9 2 4 1 11 show ipv6 enable Command show ipv6 enable Function Display IPv6 transmission function on off status Parame...

Страница 277: ...tion of hardware and can achieve wire speed forwarding In addition flexible management is provided to adjust and monitor forwarding ES3628EA switch supports aggregation algorithm enabling disabling op...

Страница 278: ...of local switch CPU load is transferred to switches of the next hop Example Disabling optimized IP route aggregation algorithm Switch Config no ip fib optimize 9 4 ARP 9 4 1 Introduction to ARP ARP Ad...

Страница 279: ...mmand arp ip_address mac_address ethernet portName no arp ip_address Function Configures a static ARP entry the no arp ip_address command deletes a static ARP entry Parameters ip_address is the IP add...

Страница 280: ...whether the destination network is reachable before responding to the ARP request ARP request will only be responded if the destination is reachable Note the ARP request matching default route will no...

Страница 281: ...ARP entry dynamic for dynamic ARP entry count displays number of ARP entries Command mode Admin Mode Usage Guide Displays the content of current ARP table such as IP address MAC address hardware type...

Страница 282: ...282 Flag Describes whether ARP entry is dynamic or static...

Страница 283: ...er the server provides the network address and configuration parameters for the clients if DHCP server and clients are located in different subnets DHCP relay is required for DHCP packets to be transf...

Страница 284: ...bound IP address will be the same all the time 2 The lease period of IP address obtained dynamically is the same as the lease period of the address pool and is limited the lease of manually bound IP...

Страница 285: ...nts the no domain name command deletes the domain name netbios name server address1 address2 address8 no netbios name server Configures the address for WINS server netbios node type b node h node m no...

Страница 286: ...identifier no client identifier Specifies the unique ID of the user when binding address manually client name name no client name Configures a client name when binding address manually 3 Enable loggi...

Страница 287: ...pecified identifier DHCP server assigns the IP address defined in host command to the client Example Specifying the IP address 10 1 128 160 to be bound to user with the unique id of 00 10 5a 60 af 12...

Страница 288: ...way Parameters address1 address8 are IP addresses in decimal format Default No DNS server is configured for DHCP clients by default Command Mode DHCP Address Pool Mode Usage Guide Up to 8 DNS server a...

Страница 289: ...t Function Specifies the IP address to be assigned to the user when binding addresses manually the no host command deletes the IP address Parameters address is the IP address in decimal format mask is...

Страница 290: ...nment the no ip dhcp excluded address low address high address command cancels the setting Parameters low address is the starting IP address high address is the ending IP address Default Only individu...

Страница 291: ...168 1 101 45 10 2 2 13 lease Command lease infinite 0 365 0 23 0 59 no lease Function Sets the lease time for addresses in the address pool the no lease command restores the default setting Parameter...

Страница 292: ...nt to point node type number is the node type in Hex from 0 to FF Default No client node type is specified by default Command Mode DHCP Address Pool Mode Usage Guide If client node type is to be speci...

Страница 293: ...from the server on boot up This command is used together with bootfile Example Setting the hosting server address as 10 1 128 4 Switch dhcp 1 config next server 10 1 128 4 10 2 2 18 option Command op...

Страница 294: ...k configuration parameter for clients from multiple segments which is not only cost effective but also management effective DHCP Server DHCP Client DHCPDiscover Broadcast DHCPOFFER Unicast DHCPREQUEST...

Страница 295: ...ast packet Command Explanation Global Mode ip forward protocol udp port no ip forward protocol udp port The UDP port 67 is used for DHCP broadcast packet forwarding Interface Mode ip helper address ip...

Страница 296: ...ress for some reason before the lease period expires the DHCP server would not remove the binding information automatically The system administrator can use this command to delete that IP address clie...

Страница 297: ...dhcp server events linkage packets no debug ip dhcp server events linkage packets Function Enables DHCP server debug information the no debug ip dhcp server events linkage packets command disables th...

Страница 298: ...should be used for configuration 10 3 2 7 ip dhcp relay information policy drop Command ip dhcp relay information policy drop no ip dhcp relay information policy drop Function When layer 3 switches ar...

Страница 299: ...6 1 0 24 Switch dhcp A config lease 3 Switch dhcp A config default route 10 16 1 200 10 16 1 201 Switch dhcp A config dns server 10 16 1 202 Switch dhcp A config netbios name server 10 16 1 209 Switch...

Страница 300: ...h Config Erthernet0 0 2 switchport access vlan 2 Switch Config Erthernet0 0 2 exit Switch Config interface vlan 2 Switch Config if Vlan2 ip address 10 1 1 1 255 255 255 0 Switch Config if Vlan2 exit S...

Страница 301: ...rocedures can be followed when DHCP client hardware and cables have been verified ok Verify the DHCP server is running start the related DHCP server if not running If the DHCP clients and servers are...

Страница 302: ...ddress assigned to a DHCP client Hardware address MAC address of a DHCP client Lease expiration Valid time for the DHCP client to hold the IP address Type Type of assignment manual binding or dynamic...

Страница 303: ...ER 6 DHCPACK 6 DHCPNAK 0 DHCPRELAY 1907 DHCPFORWARD 0 Switch Displayed information Explanation Address pools Number of DHCP address pools configured Database agents Number of database agents Automatic...

Страница 304: ...figuration Click DHCP configuration DHCP server configuration The DHCP server configuration page is shown 10 6 1 1 Enable DHCP Click DHCP configuration DHCP server configuration Enable DHCP Users can...

Страница 305: ...est priority and Gateway 8 has the lowest priority For example Select DHCP pool name to 1 set Gateway 1 to 10 1 128 3 Gateway 2 to 10 1 128 100 and then click Apply The configuration is applied on the...

Страница 306: ...pool name to 1 set WINS server 1 to 10 1 128 30 and then click Apply The configuration is applied on the switch 10 6 1 6 DHCP file server address configuration Click DHCP configuration DHCP server con...

Страница 307: ...Apply The configuration is applied on the switch 10 6 1 8 Manual address pool configuration Click DHCP configuration DHCP server configuration Manual address pool configuration Users can configure DH...

Страница 308: ...iguration DHCP packet statistics Users can display DHCP packet statistics Users can configure DHCP relay 10 6 1 11 DHCP relay configuration Click DHCP configuration DHCP relay configuration DHCP relay...

Страница 309: ...deleted 10 6 2 2 Delete conflict log Click DHCP configuration DHCP debugging Delete conflict log Users can delete conflict log For example Delete all conflict address to Yes and then click Apply All...

Страница 310: ...310 10 6 2 5 Show conflict logging Click DHCP configuration DHCP debugging Show conflict logging Users can display conflict logging...

Страница 311: ...oute Simple Network Time Protocol SNTP is the simplified version of NTP removing the complex algorithm of NTP SNTP is used for hosts who do not require full NTP functions it is a subset of NTP It is c...

Страница 312: ...cal time and UTC time Parameter name is the name of local tomezone consist of max 16 characters hours is the time difference to UTC time range from 0 to 12 before utc means local time equals the UTC t...

Страница 313: ...onfigure an IPv4 address of a SNTP NTP server SNTPv4 version is adopted on the server Switch Config sntp server 10 1 1 1 version 4 2 Configure a SNTP NTP server IPv6 address Switch Config sntp server...

Страница 314: ...mode Admin Mode Example Displaying current SNTP configuration Switch show sntp SNTP server Version Last Receive 2 1 0 2 1 never 11 3 Typical SNTP Configuration Examples Fig 11 2 Typical SNTP Configura...

Страница 315: ...ers may then make configuration to switch s SNTP settings 11 4 1 SNMP NTP server configuration Click SNTP configuration SNTP NTP server configuration to configure SNTP NTP server address and server ve...

Страница 316: ...the UTC time z after utc means the configured time zone is the UTC time Example Configure time zone as Beijing select Add set the time difference as 8 and then click Apply to set the configuration in...

Страница 317: ...networks even though a host computer receives an ARP reply which is not requested by itself it will also insert an entry to its ARP cache table so it creates a possibility of ARP spoofing If the hacke...

Страница 318: ...tack other switches host computers or network equipment What the essential method on preventing attack and spoofing switches based on ARP in networks is to disable switch automatic update function the...

Страница 319: ...static ARP ND Command Explanation Admin Mode and Interface Mode ip arp security convert ipv6 nd security convert Change dynamic ARP ND to static ARP ND 4 Clear dynamic ARP ND Command Explanation Admi...

Страница 320: ...p security learnprotect Command ip arp security learnprotect no ip arp security learnprotect Function Forbid ARP automatic learning function of IPv4 Version the no ip arp security learning command re...

Страница 321: ...y convert Function Change all of dynamic nd to static nd Parameter None Command Mode Global Mode Interface Configuration Example Switch Config if Vlan1 ipv6 nd security convert Switch Config ipv6 nd s...

Страница 322: ...MAC address to C s IP so the switch changes IP address when it updates ARP list then data packet of 192 168 2 3 is transferred to 01 01 01 01 01 01 address A MAC address In further A transfers its rec...

Страница 323: ...ronment changing it enable to forbid ARP refresh once it learns ARP property it wont be refreshed by new ARP reply package and protect use data from sniffing Switch config Switch config ip arp securit...

Страница 324: ...layer3 switch Route can be grouped into direct route static route and dynamic route Direct route refer to the path directly connects to the layer3 switch and can be obtained with no calculation Stati...

Страница 325: ...al an address consists of 1 to 4 255 s When AND the destination address with network mask we can get the network address for the destination host or the network the layer3 switch resides For example t...

Страница 326: ...ess the router address publishing the routing messages The matching rules can be previously configured to be applied in the routing publishing receiving and distributing policies Five filters are prov...

Страница 327: ...out the switch Please refer to chapter ACL Configuration 3 Ip prefix list The ip prefix list acts similarly to acl while more flexible and more understandable The match object of ip prefix is the des...

Страница 328: ...the no route map map_name deny permit sequence_num command deletes the route map 2 Define the match clause in route map Command Explanation Route map configuration mode match as path list name no mat...

Страница 329: ...match metric metric val Match the routing metric value The no match metric metric val command deletes match condition match origin egp igp incomplete no match origin egp igp incomplete Match the route...

Страница 330: ...P atomic aggregate property The no set atomic aggregate command deletes the configuration set comm list community list name community list num delete no set comm list community list name community lis...

Страница 331: ...set metric metric_val metric_val Set routing metric value The no set metric metric_val metric_val command deletes the configuration set metric type type 1 type 2 no set metric type type 1 type 2 Set...

Страница 332: ...sequence_number deny permit any ip_addr mask_length ge min_prefix_len le max_prefix_len no ip prefix list list_name seq sequence_number deny permit any ip_addr mask_length ge min_prefix_len le max_pr...

Страница 333: ...otted decimal notation and the length of mask ge means greater than or equal to min_prefix_len is the minimum length of prefix to be matched ranging between 0 32 le means less than or equal to max_pre...

Страница 334: ...ermit 5 Switch config route map match as path 60 13 2 3 4 match community Command match community community list name community list num exact match no match community community list name community li...

Страница 335: ...ip ACL num prefix list list name no match ip address next hop ip ACL name ip ACL num prefix list list name Function Configure the routing prefix or next hop The no match ip address next hop ip ACL nam...

Страница 336: ...routing message The no match origin egp igp incomplete deletes the configuration Parameter egp means the route is learnt from the external gateway protocols IGP means the route is learnt from the int...

Страница 337: ...Guide This command matches according to the tag value in the OSPF route If the matching succeeded then the permit or deny action in the route map is performed Example Switch config terminal Switch con...

Страница 338: ...not be able to pass that route map Example Switch config terminal Switch config route map r1 permit 5 Switch config route map match as path 60 Switch config route map set weight 30 13 2 3 12 set aggr...

Страница 339: ...cified route other than the more specified routes included in it To use this command one match clause should at first be defined Example Switch config terminal Switch config route map r1 permit 5 Swit...

Страница 340: ...ributes from the prefix of this route additive means add following existing community attributes Command Mode route map mode Usage Guide To use this command one match clause should at first be defined...

Страница 341: ...mode Usage Guide The local priority attribute is the priority level of a route A route with a higher local priority level when compared with other route of the same destination will be more preferred...

Страница 342: ...hes the OSPS type 1 external route type 2 means matches the OSPS type 2 external route Command Mode route map mode Usage Guide To use this command one match clause should at first be defined Example S...

Страница 343: ...g domain of OSPF routing messages The no set tag tag_val command deletes this configuration Parameter tag val is the tag value ranging between 0 4294967295 Command Mode route map mode Usage Guide Ther...

Страница 344: ...iority is more preferred To use this command one match clause should at first be defined Example Switch config terminal Switch config route map r1 permit 5 Switch config route map set weight 60 13 2 4...

Страница 345: ...5 Troubleshooting Faq The routing protocol could not achieve the routing messages study under normal protocol running state Troubleshooting check following errors Each node of route map should at lea...

Страница 346: ...and the length of mask first match stands for the first route table matched with specified ip address longer means longer prefix is required seq means show by sequence number sequence number is the se...

Страница 347: ...ces 5 10 Displayed information Explanation ip prefix list mylist Show the prefix list named mylist count 2 range entries 0 sequences 5 10 count 2 means two prefix list entries sequences 5 10 shows the...

Страница 348: ...route is mainly used in the following two conditions 1 in stable networks to reduce load of route selection and routing data streams For example static route can be used in route to STUB network 2 For...

Страница 349: ...deletes a static route entry 2 VPN configuration Command Explanation Global mode ip route vrf name ip prefix mask ip prefix prefix length gateway address gateway interface distance no ip route vrf na...

Страница 350: ...xit interface are available The default distance values of each route type in the layer 3 switch of our company are listed below Route Type Distance Value Direct Route 0 Static Route 1 OSPF 110 RIP 12...

Страница 351: ...t route namely the segment directly connected with the layer 3 switch S static Static route the route manually configured by users R RIP derived RIP route acquired by layer 3 switch through the RIP pr...

Страница 352: ...nction Show the routing table Parameter name is the name of VPN route forwarding instances destination is the destination network address destination length is the prefix length plus destination netwo...

Страница 353: ...nd PC is 255 255 255 0 PC A and PC C are connected via the static route set in SwitchA and SwitchC PC3 and PC B are connected via the static route set in SwitchC to SwitchB PC B and PC C is connected...

Страница 354: ...l send this information to its own neighbor layer3 switches As a result the route selection table is built on second hand information route beyond 15 hops will be deemed as unreachable RIP protocol is...

Страница 355: ...RIP I the RIP I packets should be discarded if such fields are non zero RIP II is a more improved version than RIP I RIP II sends route update packets by multicast packets multicast address is 224 0 0...

Страница 356: ...id timer interval it considers the route from that neighbor invalid after holding the route fro a certain interval holddown timer interval it will delete that route 13 4 2 RIP Configuration Task List...

Страница 357: ...ion mode network A B C D M ifname no network A B C D M ifname Enables the segment running RIP protocol the no network A B C D M ifname command deletes the segment 2 Configure RIP protocol parameters 1...

Страница 358: ...e authentication mode and password Command Explanation Interface configuration mode ip rip authentication mode text md5 no ip rip authentication mode text md5 Sets the authentication method the no ip...

Страница 359: ...e route metric value when the port sends or receives RIP data packet the no offset list access list number access list name in out number ifname command removes the deviation table 4 configure and app...

Страница 360: ...nd cancels the limit timers basic update invalid garbage no timers basic Adjust the update timeout and garbage collection time the no timers basic command restore the default configuration recv buffer...

Страница 361: ...IP packets on the interface the no ip rip send packet command disables sending RIP packets on the interface 4 Delete the specified route in RIP route table Command Explanation Admin Mode clear ip rip...

Страница 362: ...ss day month year hh mm ss specify the concrete valid time of accept lifetime in hours minutes and second day specifies the date of valid ranging between 1 31 month specifies the month of valid shown...

Страница 363: ...Clear specific route in the RIP route table Parameter Clear the routes which match the destination address from the RIP route table A B C D M specifies the IP address prefix and its length of the dest...

Страница 364: ...01 01 01 43 IMI SEND Vlan1 Send to 224 0 0 9 520 1970 01 01 01 01 47 IMI RECV Vlan1 Receive from 20 1 1 2 520 13 4 3 5 default information originate Command default information originate no default in...

Страница 365: ...cess list name access list number specifies the access list number or name applied Default The default managing distance of RIP is 120 Command Mode Router mode and address family mode Usage Guide In c...

Страница 366: ...er 13 4 3 10 ip rip authentication key Command ip rip authentication key name of chain no ip rip authentication key Function Use this command to enable RIPV2 authentication on an interface and further...

Страница 367: ...nfig interface vlan 1 Switch Config if Vlan1 ip rip authentication mode md5 13 4 3 12 ip rip authentication string Command ip rip authentication string text no ip rip authentication string Function Se...

Страница 368: ...inal Switch config interface vlan 1 Switch Config if Vlan1 ip rip authentication cisco compatible 13 4 3 14 ip rip receive packet Command ip rip receive packet no ip rip receive packet Function Set th...

Страница 369: ...he version information of the RIP packets the interface receives The default version is 2 the no ip rip send version command restores the value set by using the version command Parameter 1 and 2 respe...

Страница 370: ...tch config terminal Switch config key chain mychain Switch config keychain key 1 Switch config keychain key 13 4 3 20 key chain Command key chain name of chain no key chain name of chain Function This...

Страница 371: ...t 75 Command Mode router mode Usage Guide The maximum RIP routes only limits the number of routes learnt through RIP but not includes direct route or the RIP static route configured by the route comma...

Страница 372: ...ll not be able to send or receive data packets Example Switch config terminal Switch config router rip Switch config router network 10 0 0 0 8 Switch config router network vlan 1 13 4 3 25 offset list...

Страница 373: ...o recv buffer size Function This command configures the size of UDP receiving buffer zone of RIP the no recv buffer size command restores the system default Parameter size is the buffer zone size in b...

Страница 374: ...no route A B C D M command deletes this route Parameter Specifies this destination IP address prefix and its length Command Mode Router mode Usage Guide The command add a static RIP route and is mainl...

Страница 375: ...such as Jan year Specifies the year of valid start ranging between 1993 2035 end time hh mm ss month day year hh mm ss day month year end time Specifies the due of the time period of which the form s...

Страница 376: ...roadcasting RIPng update packets every 30 seconds and the route is considered invalid after 180 seconds but still exists for another 120 seconds before it is deleted from the routing table Example Set...

Страница 377: ...A Configure the IP address of interface vlan 1 SwitchA config SwitchA config interface vlan 1 SwitchA Config if Vlan1 ip address 10 1 1 1 255 255 255 0 SwitchA config if Vlan1 Configure the IP address...

Страница 378: ...otocol and configure the RIP segments SwitchB config router rip SwitchB config router network vlan 1 SwitchB config router exit c Layer 3 SwitchC SwitchC config SwitchC config interface vlan 1 Configu...

Страница 379: ...if Vlan1 ip vrf forwarding vpnb SwitchA config if Vlan1 ip address 10 1 1 1 255 255 255 0 SwitchA config if Vlan1 exit SwitchA config in vlan2 SwitchA config if Vlan2 ip vrf forwarding vpnc SwitchA co...

Страница 380: ...following First ensure the physic connection is correct Second ensure the interface and chain protocol are UP use show interface command Then initiate the RIP protocol use router rip command and confi...

Страница 381: ...ent debugging is on RIP packet detail debugging is on RIP NSM debugging is on 13 4 5 1 2 show ip protocols rip Command show ip protocols rip Function Show the RIP process parameter and statistics info...

Страница 382: ...t redistribution metric is 1 Redistributing static Redistributing the static route into the RIP route Default version control send version 2 receive version 2 Interface Send Recv Key chain Ethernet0 0...

Страница 383: ...Switch show ip rip database Codes R RIP K Kernel C Connected S Static O OSPF I IS IS B BGP Network Next Hop Metric From If Time R 10 1 1 0 24 1 Vlan1 R 20 1 1 0 24 1 Vlan2 Command show ip rip 13 4 5...

Страница 384: ...vrf IPI Vlan1 Ethernet0 0 1 is up line protocol is up Routing Protocol RIP VPN Routing Forwarding vpnb Receive RIP packets Send RIP packets Passive interface Disabled Split horizon Enabled with Poison...

Страница 385: ...s IPI Vlan1 Name Default RD Interfaces IPI Vlan1 13 5 RIPng 13 5 1 Introduction to RIPng RIP is first introduced in ARPANET this is a protocol dedicated to small simple networks RIPng is a distance ve...

Страница 386: ...essively This greatly affects the route selection and route aggregation time To avoid infinite count RIPng provides mechanism such as split horizon and triggered update to solve route loop Split horiz...

Страница 387: ...hanism for outdated route that is if a switch does not receive regular update packets from a neighbor within a certain interval invalid timer interval it considers the route from that neighbor invalid...

Страница 388: ...Png protocol 2 Configure RIPng protocol parameters 1 Configure RIPng sending mechanism 1 configure the RIPng data packets point transmitting Command Explanation Router configuration mode no neighbor I...

Страница 389: ...command cancels the feature 2 Configure the route offset Command Explanation Router configuration mode no offset list access list number access list name in out number ifname Configure that provide a...

Страница 390: ...ion mode timers basic update invalid garbage no timers basic Adjust the renew timeout and garbage recycle RIPng timer the no timers basic command restore the default configuration 4 Delete the specifi...

Страница 391: ...rip delete RIPng route from the RIPng route table only ospf delete IPv6 OSPF route from the RIPng route table only bgp delete IPv6 BGP route from the RIPng route table only ISIS delete ivp6 isis rout...

Страница 392: ...c value of the routes from other routing protocols when distributed into the RIPng routes as 3 Switch Config router default metric 3 13 5 3 5 ipv6 rip split horizon Command ipv6 rip split horizon pois...

Страница 393: ...ter rip no ipv6 router rip Function Enable RIPng on the interface The no ipv6 router rip command disables RIPng on the interface Default Not configured Command Mode Interface Mode Usage Guide The comm...

Страница 394: ...erface Default The default offset value is the metric value of the interface defined by the system Command Mode Router mode Example Switch config terminal Switch config router ipv6 rip Switch config r...

Страница 395: ...route ipv6 address Function This command configures a static RIP route The no route ipv6 address command deletes this route Parameter Specifies this destination IPv6 address prefix and its length show...

Страница 396: ...1 64 exchange update information with SwitchB VLAN1 2001 1 1 2 64 only update information is not exchanged between SwitchA and SwitchC VLAN1 2001 1 1 2 64 The configuration for SwitchA SwitchB and Swi...

Страница 397: ...1 2 64 SwitchB config if IPv6 router rip SwitchB config if exit Enable RIPng protocol SwitchC config router IPv6 rip SwitchC config router rip exit Configure the IPv6 address and interfaces of Etherne...

Страница 398: ...detail all Function For opening various debugging switches of RIPng showing various debugging messages The no debug ipv6 rip events nsm packet recv send detail all command close the corresponding deb...

Страница 399: ...RIPng is not enabled on this interface Vlan1 is up line protocol is up Routing Protocol RIPng Passive interface Disabled Split horizon Enabled with Poisoned Reversed IPv6 interface address 3000 1 1 1...

Страница 400: ...er 180 seconds garbage collect after 120 seconds The route timeout time is 180 seconds the garbage collect time is 120 seconds Outgoing update filter list for all interface is not set Outgoing update...

Страница 401: ...es related to RIPng database Command Mode Any mode Example Switch show ipv6 rip database 13 5 5 1 7 show ipv6 rip interface Command show ipv6 rip interface ifname Function Show RIPng interface related...

Страница 402: ...witch copy the LSA to their routing table and transfer the information to the rest part of the network This process is referred to as flooding In this way firsthand information is sent throughout the...

Страница 403: ...and interface based packet verification OSPF supports sending packets in multicast Each OSPF layer3 switch maintains a database describing the topology of the whole autonomous system Each layer3 swit...

Страница 404: ...SPF area of multi access network and is sent to all other neighboring layer3 switches in this area In order to reduce traffic on layer3 switches in the multi access network designated layer3 switch an...

Страница 405: ...ch is different OSPF protocol is developed by the IETF the OSPF v2 widely used now is fulfilled according to the content described in RFC2328 13 6 2 OSPF Configuration Task List The OSPF configuration...

Страница 406: ...can use the default settings If OSPF protocol parameters need to be modified please refer to 2 Configure OSPF protocol parameters Command Explanation Global mode no router ospf process id Enables OSP...

Страница 407: ...cost cost no ip ospf cost Sets the cost for running OSPF on the interface the no ip ospf cost command restores the default setting 4 Configure OSPF package sending timer parameter timer of broadcast...

Страница 408: ...tic routings as external routing messages the no redistribute bgp connected static rip kernel command cancels the distributed external messages 3 Configure other OSPF protocol parameters 1 configure h...

Страница 409: ...lt information originate no redistribution no summary translator role range range shortcut disable enable stub no summary virtual link neighbor command restores the default settings 4 Configure the pr...

Страница 410: ...cost Function Configure the cost of sending to the default summary route in stub or NSSA area the no area id default cost command restores the default value Parameter id is the area number which coul...

Страница 411: ...ed translator Type 7 LSA can be translated to Type 5 LSA the default is candidate never means the router will never translate Type 7 LSA to Type 5 LSA always means the route always translate Type 7 LS...

Страница 412: ...usly a summary route can be advertised by configuring this command on ABR This route consists of all single networks belong to specific range Example Switch config terminal Switch config router ospf 1...

Страница 413: ...for the routers in the stub area stub and default cost All routers connected to the stub area should be configured with area stub command As for area border routers connected to the stub area their in...

Страница 414: ...all non backbone areas will be connected to a backbone area If the connection to the backbone area is lost virtual link will repair this connection You can configure virtual link between any two back...

Страница 415: ...mple Switch config terminal Switch config router ospf 100 Switch config router no capability opaque 13 6 3 11 compatible rfc1583 Command no compatible rfc1583 Function This command configures to rfc15...

Страница 416: ...ance Manage distance value ranging between 1 255 Default Default distance value is 110 Command Mode OSPF protocol mode Usage Guide Manage distance shows the reliability of the routing message source T...

Страница 417: ...tain area The no host host address area area id cost cost command cancels this configuration Parameter host address is host IP address show in dotted decimal notation area id area ID shown in dotted d...

Страница 418: ...LINE no ip ospf ip address authentication Function Specify the authentication key required in sending and receiving OSPF packet on the interface the no ip ospf ip address authentication cancels the au...

Страница 419: ...terval time no ip ospf ip address dead interval Function Specify the dead interval for neighboring layer 3 switch the no ip ospf ip address dead interval command restores the default value Parameter i...

Страница 420: ...rameter ip address is the interface IP address shown in dotted decimal notation time is the interval sending HELLO packet shown in seconds and ranging between 1 65535 Default The hello interval on the...

Страница 421: ...ted The last configuration of this command will overwrite the previous one to prevent the system from communicating with the former key id Example Switch config terminal Switch config interface vlan 1...

Страница 422: ...roadcast non broadcast Set the OSPF network type to NBMA point to point Set the OSPF network type to point to point point to multipoint Set the OSPF network type to point to multipoint Default The def...

Страница 423: ...ransmit interval command restores the default value Parameter ip address is the interface IP address show in dotted decimal notation time is the retransmit interval of link state announcements between...

Страница 424: ...of dd in the OSPF process the no max concurrent dd command restores the default Parameter value ranges between 1 65535 which is the capacity of processing the concurrent dd data packet Default Not set...

Страница 425: ...h the network address The no network NETWORKADDRESS area area id command removes the configuration and stop OSPF on corresponding interface Parameter NETWORKADDRESS A B C D M A B C D X Y Z W Shown wit...

Страница 426: ...d cancels the ID number Parameter address IPv4 address format of router id Default No default configuration Command Mode OSPF protocol mode Usage Guide The new router id takes effect immediately Examp...

Страница 427: ...overflow database external 5 3 13 6 3 37 passive interface Command no passive interface ifname Function Configure that the hello group not sent on specific interfaces The no passive interface ifname c...

Страница 428: ...onfiguration succeeded The no router ospf process_id vrf name command deletes the VPN routing forwarding instance related OSPF instances Parameter process_id specifies the id of the OSPF process to be...

Страница 429: ...1 default metric Command default metric value no default metric Function The command set the default metric value of OSPF routing protocol the no default metric returns to the default state Parameter...

Страница 430: ...timers spf spf delay spf holdtime no timers spf Function Adjust the value of the route calculating timer The no timers spf command restores relevant values to default Parameter spf delay 5 seconds by...

Страница 431: ...if vlan2 ip address 100 1 1 1 255 255 255 0 SwitchA config if vlan2 exit Enable OSPF protocol configure the area number for interface vlan1 and vlan2 SwitchA config router ospf SwitchA config router n...

Страница 432: ...wn SwitchC config if vlan3 exit Enable OSPF protocol configure the OSPF area interfaces vlan3 resides in Initiate the OSPF protocol configure the OSPF area to which interface vlan3 belongs SwitchC con...

Страница 433: ...config router network 30 1 1 0 24 area 0 SwitchE config router network 100 1 1 0 24 area 0 SwitchE config router exit SwitchE config exit Scenario 2 Typical OSPF protocol complex topology Fig 13 7 Typ...

Страница 434: ...formation from the other edge layer3 switches Virtual link can not only maintain the connectivity of the backbone area but also strengthen the backbone area For example if the connection between backb...

Страница 435: ...authentication key DCS SwitchA config If Vlan2 exit Configure IP address and area number for interface vlan1 SwitchA config interface vlan 1 SwitchA config If Vlan1 ip address 20 1 1 1 255 255 255 0 S...

Страница 436: ...rea number for interface vlan2 SwitchC config router ospf SwitchC config router network 10 1 1 0 24 area 1 SwitchC config router exit Configure simple key authentication SwitchC config interface vlan...

Страница 437: ...chD config router network 10 1 1 0 24 area 1 SwitchD config router exit Configure simple key authentication SwitchD config interface vlan 2 SwitchD config If Vlan2 ip ospf authentication SwitchD confi...

Страница 438: ...xit SwitchA config SwitchA config ip vrf vpnc SwitchA config vrf SwitchA config vrf exit Associate the vlan 1 and vlan 2 respectively with vpnb and vpnc while configuring IP address SwitchA config in...

Страница 439: ...hernet E 0 0 2 SwitchC config SwitchC config interface Vlan1 SwitchC config if vlan1 ip address 20 1 1 2 255 255 255 0 SwitchC config if vlan1 exit Initiate OSPF protocol and configuring OSPF segments...

Страница 440: ...nk Function Open debugging switches showing various OSPF events messages the no debug ospf events abr asbr lsa nssa os router vlink command closes the debugging switch Default Closed Command Mode Admi...

Страница 441: ...cket Command no debug ospf packet dd detail hello ls ack ls request ls update recv detail Function Open debugging switches showing OSPF packet messages the no debug ospf packet dd detail hello ls ack...

Страница 442: ...er of areas attached to this router 1 Area 0 BACKBONE Inactive Number of interfaces in this area is 0 0 Number of fully adjacent neighbors in this area is 0 Area has message digest authentication SPF...

Страница 443: ...ase Command show ip ospf process id database linkstate_id asbr summary self originate adv router advertiser_router linkstate_id externel self originate adv router advertiser_router linkstate_id networ...

Страница 444: ...6 1 1 0 24 22 1 1 0 192 168 1 2 308 0x8000000c 0xc8f0 22 1 1 0 24 ASBR Summary Link States Area 0 0 0 2 Link ID ADV Router Age Seq CkSum 192 168 1 1 192 168 1 2 1702 0x8000002a 0x89c7 AS External Link...

Страница 445: ...es of all neighbors detail Display detailed messages of all neighbors ifaddress Interface IP address Default Not displayed Command Mode All modes Usage Guide OSPF neighbor state can be checked by view...

Страница 446: ...Vlan4 Area 0 0 0 3 E1 100 1 0 0 16 21 via 10 1 1 1 Vlan1 E1 100 2 0 0 16 21 via 10 1 1 1 Vlan1 13 6 5 1 14 show ip ospf virtual links Command show ip ospf process id virtual links Function Display the...

Страница 447: ...all interfaces is Redistributing Routing for Networks 10 1 1 0 24 12 1 1 0 24 Routing Information Sources Gateway Distance Last Update Distance default is 110 Address Mask Distance List Routing Protoc...

Страница 448: ...py the LSA to their routing table and transfer the information to the rest part of the network This process is referred to as flooding In this way firsthand information is sent throughout the network...

Страница 449: ...rotocols and interface based packet verification OSPFv3 supports sending packets in multicast Each OSPFV3 layer3 switch maintains a database describing the topology of the whole autonomous system Each...

Страница 450: ...ea To reduce data traffic among each Layer 3 switches in the multi access network designated layer3 switch and backup designated layer3 switch should be selected in the multi access network and the ne...

Страница 451: ...s system can be recorded As a result the route table of each layer3 switch is different OSPFv3 protocol is developed by the IETF the OSPF v3 used now is fulfilled according to the content described in...

Страница 452: ...ch of ES3628EA switch normally only enabling OSPFv3 implement OSPFv3 interface the default value is defined to OSPFv3 protocol parameters Refer to 2 Configure OSPF auxiliary parameters if the OSPFv3 p...

Страница 453: ...default setting 3 Configure OSPFv3 package sending timer parameter timer of broadcast interface sending HELLO package to poll timer of neighboring layer3 switch invalid timeout timer of LSA transmiss...

Страница 454: ...nected static rip isis bgp metric value metric type 1 2 route map word command cancels imported external routing message 3 Configure Other Parameters of OSPFv3 Protocol 1 Configure OSPFv3 STUB Area De...

Страница 455: ...the default value Parameter id is the area number which could be shown as digits 0 4294967295 or as an IP address cost ranges between 0 16777215 Default Default OSPFv3 cost is 1 Command Mode OSPFv3 p...

Страница 456: ...cels this function Parameter id is the area number which could be digits ranging between 0 4294967295 and also as an IPv4 address no summary The area border routes stop sending link summary announceme...

Страница 457: ...before a router sending a group messages 1 second by default Default No default configuration Command Mode OSPFv3 protocol mode Usage Guide In the OSPF all non backbone areas will be connected to a ba...

Страница 458: ...hrough If the metric value can not be translated the default value provides alternative option to carry the route introducing on This command will result in that all introduced route will use the same...

Страница 459: ...neighboring layer 3 switch according to the actual link state The set dead interval value is written into the Hello packet and transmitted To ensure the normal operation of the OSPF protocol the dead...

Страница 460: ...the hello interval parameter between the layer 3 switches adjacent to the interface must be in accordance The command can configure on IPv6 tunnel interface but it is successful configuration to only...

Страница 461: ...g between 1 65535 Default Default retransmit interval is 5 seconds Command Mode Interface Mode Usage Guide When a layer 3 switch transmits LSA to its neighbor it will maintain the link state announcem...

Страница 462: ...id tag tag instance id instance id tag tag area area id instance id instance id command cancels this configuration Parameter area id is an area ID which could be shown in digits ranging between 0 4294...

Страница 463: ...p not sent on specific interfaces The no passive interface ifname command cancels this function Parameter ifname is the specific name of interface Default Not configured Command Mode OSPFv3 protocol m...

Страница 464: ...ommand Mode OSPFv3 protocol mode Example Switch config terminal Switch config router ipv6 ospf Switch config router router id 192 168 2 1 13 7 3 19 router ipv6 ospf Command no router ipv6 ospf tag Fun...

Страница 465: ...switch for example where layer3 SwitchA and Switch Emake up OSPF area 0 layer3 SwitchB and SwitchC form OSPF area 1 assume vlan1 interface of layer3 SwitchA belongs to area 0 layer3 SwitchD forms OSPF...

Страница 466: ...router router id 192 168 2 2 Configure interface vlan1 address vlan2 IPv6 address and affiliated OSPFv3 area SwitchB config SwitchB config interface vlan 1 SwitchB config if vlan1 IPv6 address 2010 1...

Страница 467: ...nfig interface vlan 2 SwitchE config if vlan2 IPv6 address 2100 1 1 2 64 SwitchE config if vlan2 IPv6 router ospf area 0 SwitchE config if vlan2 exit Configure interface vlan3 IPv6 address and affilia...

Страница 468: ...technical service center 13 7 5 1 Monitor And Debug Command 13 7 5 1 1 debug ipv6 ospf ifsm Command no debug ipv6 ospf ifsm status events timers Function Open debugging switches showing the OSPF inter...

Страница 469: ...spf packet dd detail hello ls ack ls request ls update recv detail Function Open debugging switches showing OSPF packet messages the no debug ipv6 ospf packet dd detail hello ls ack ls request ls upda...

Страница 470: ...Function Display the OSPF link state data base message Parameter tag is the process tag which is a character string advertiser_router is the ID of Advertising router shown in IPv4 address format Defau...

Страница 471: ...SA Interface Vlan1 Link LSA messages of interface Vlan1 Router LSA Area 0 0 0 0 Router LSA messages in Area 0 Network LSA Area 0 0 0 0 Network LSA in Area 0 Intra Area Prefix LSA Area 0 0 0 0 Intra do...

Страница 472: ...llo 10 Dead 40 Wait 40 Retransmit 5 Hello due in 00 00 10 Neighbor Count is 1 Adjacent neighbor count is 1 Displayed information Explanations Vlan1 is up line protocol is up Let the interface up both...

Страница 473: ...he neighbor ID shown in IPv4 address format detail Show neighbor details ifname name of the interface Default Not displayed Command Mode All modes Usage Guide OSPF neighbor state can be checked by vie...

Страница 474: ...sages of OSPF topology Parameter tag is the processes tag which is a character string area id is an area ID which could be shown in digits ranging between 0 4294967295 or an IPv4 address Default Not d...

Страница 475: ...Ps Interior Gateway Protocol in order to exchange routing information in the AS such as RIP and OSPF which are IGPs and exchange information among ASes with EGP Exterior Gateway Protocol For example B...

Страница 476: ...olicies which make BGP 4 more extendable to encourage the internet development 2 The Overview of BGP 4 operation Unlike RIP and OSPF protocols BGP protocol is connection oriented BGP switches must est...

Страница 477: ...it s called IBGP When in the different AS it s called EBGP Generally the outer neighbors are connected physically and the inner neighbors can be in any place of the AS The difference is finally shown...

Страница 478: ...tination BGP need select the best route to the destination The decision making process is as the following 1 Select the route with the most weight first 2 If the weights are the same select the route...

Страница 479: ...ups Parameters 8 Adjust BGP Timers 9 Adjust BGP Announcement Interval 10 Configure the default Local Priority 11 Allow to Transfer Default Route 12 Configure BGP s MED Value 13 Configure BGP Routing R...

Страница 480: ...nfiguration Command Explanation Admin Mode clear ip bgp as id external peer group NAME ip address soft out Configure outbound soft reconfiguration 3 Configure inbound soft reconfiguration Command Expl...

Страница 481: ...command cancels routing filter 6 Configure Next Hop 1 Set Next Hop as the switch s address Command Explanation BGP configuration mode neighbor ip address TAG next hop self no neighbor ip address TAG...

Страница 482: ...onfigure the BGP Version Command Explanation BGP configuration mode neighbor ip address TAG version value no neighbor ip address TAG version Set the version used by BGP neighbors the no neighbor ip ad...

Страница 483: ...ress TAG send community command enables the route without community attributes 4 Configure BGP Confederation Command Explanation BGP configuration mode bgp confederation identifier as id no bgp confed...

Страница 484: ...ter id command cancels the cluster id configuration 3 If the route reflector from clients to clients is needed the following commands can be used Command Explanation BGP configuration mode bgp client...

Страница 485: ...on neighbor ip address TAG default originate route map NAME no neighbor ip address TAG default originate route map NAME Permit to send the default route 0 0 0 0 the no neighbor ip address TAG default...

Страница 486: ...ring neighbor ip address TAG route reflector client no neighbor ip address TAG route reflector client Configure the current switch as route reflector and specify a client the no neighbor ip address TA...

Страница 487: ...ime no timers bgp Configure the BGP timers of all the neighbors the no timers bgp command recovers the default value 2 Configure the timer value of a particular neighbor Command Explanation BGP config...

Страница 488: ...no neighbor ip address TAG default originate command cancels sending default route 12 Configure BGP s MED Value 1 Configure MED value Command Explanation Route map configuration command set metric me...

Страница 489: ...c rip ospf command cancels the redistribution 14 Configure Route Dampening Command Explanation BGP configuration mode bgp dampening 1 45 1 20000 1 20000 1 255 1 45 no bgp dampening 1 45 1 20000 1 2000...

Страница 490: ...de route update dynamic capability outgoing route filtering capability and the address family s capability of supporting the negotiation Use these command to enable these capabilities its format no cl...

Страница 491: ...ddress family mode Parameter AFI address family such as IPv4 IPv6 VPNv4 etc SAFI sub address family such as unicast multicast Default None Command Mode BGP routing mode Usage Guide Since the BGP 4 sup...

Страница 492: ...ne Command Mode BGP mode Usage Guide To support VPN VRF has to be enabled on the border routers to realize VPN create neighbors for BGP with the VRF address family on the private network and with VPNv...

Страница 493: ...ck command cancels this configuration namely not check the next hop accordance of aggregate route Parameter None Default No nexthop checked during aggregating Command Mode Global mode Usage Guide When...

Страница 494: ...onfig router bgp 200 Switch config router bgp bestpath as path ignore 13 8 3 8 bgp bestpath compare confed aspath Command bgp bestpath compare confed aspath no bgp bestpath compare confed aspath Funct...

Страница 495: ...is configuration Parameter confed Compare MED in the confederation path missing is worst Consider as max MED value when missing Default Not configured Command Mode BGP route mode Usage Guide Choose wh...

Страница 496: ...r more reflector identification Example Switch config router bgp cluster id 1 1 1 1 13 8 3 13 bgp confederation identifier Command bgp confederation identifier as id no bgp confederation identifier as...

Страница 497: ...ide Abundant route update due to unstable route could be reduced with route dampening technology of which the algorithm is lay penalty on the route when the route fluctuates and when penalty exceeds t...

Страница 498: ...n other main attributes equal to compare with other AS After the best one is elected select the path among AS with no regard to MED value Example Switch config router bgp deterministic med 13 8 3 18 b...

Страница 499: ...plays as PE whether the route bgp acquired from VPN is saved in BGP depends on if the VRF configured in this PE has got matched information With the no bgp inbound route filter command the BGP will s...

Страница 500: ...k import check command sets to not checking the IGP accessibility Parameter None Default Not configured Command Mode BGP route mode Usage Guide Checking the IGP accessibility of the route advertised b...

Страница 501: ...ually The no bgp router id IP ADDRESS cancels this configuration Parameter ip address Router ID Default Automatically acquire router ID Command Mode BGP route mode Usage Guide Manually set the router...

Страница 502: ...configuration if it is already set Example Switch clear ip bgp soft in When soft reconfiguration is set use this commands for soft reconfiguration Switch clear ip bgp Will clear up all established con...

Страница 503: ...rameter 1 255 Manage distance ip address M Routing prefix WORD Access list name Default Not set Command Mode BGP route mode Usage Guide Set the manage distance for specified BGP route as the path sele...

Страница 504: ...is the route map name used Command Mode vrf mode Usage Guide Use the route map command route map NAME permit deny 1 65535 to create the route map and establish the regulations Using this command will...

Страница 505: ...for pass filter Example Switch config ip as path access list ASPF deny 100 13 8 3 36 ip community list Command ip community list LISTNAME 1 199 expanded WORD standard WORD deny permit COMMUNITY no ip...

Страница 506: ...ommand we can configure the community list so to supply terms for the pass filter search Example Switch config ip extcommunity list LN permit 100 10 13 8 3 38 neighbor activate Command neighbor ip add...

Страница 507: ...ly mode Usage Guide Reduce this value will improve the route updating speed while also consumes more bandwidth Example Switch config router neighbor 10 1 1 64 advertisement interval 20 Switch config r...

Страница 508: ...and address family mode Usage Guide With this configuration specified route attributes will not change when transmitted to the specified neighbor The BGP route mode is the IPv4 unicast configuration...

Страница 509: ...af exit address family The route is successfully transmitted to CE2 after refresh on CE2 shown Switch show ip bgp BGP table version is 5 local router ID is 100 1 1 70 Status codes s suppressed d dampe...

Страница 510: ...Command neighbor ip address TAG capability orf prefix list both send receive no neighbor ip address TAG capability orf prefix list both send receive Function Configure the out route filter capability...

Страница 511: ...g router neighbor 10 1 1 64 collide established 13 8 3 46 neighbor default originate Command neighbor ip address TAG default originate route map WORD no neighbor ip address TAG default originate route...

Страница 512: ...9 WORD in out no neighbor ip address TAG distribute list 1 199 1300 2699 WORD in out Function Configure the policy applied in partner route update transmission The no neighbor ip address TAG distribut...

Страница 513: ...dress TAG ebgp multihop 1 255 no neighbor ip address TAG ebgp multihop 1 255 Function Configures the EBGP neighbors can existing in different segment as well as its hop count TTL The no neighbor ip ad...

Страница 514: ...irect connected check will not be performed at exit in enforce multihop conditions Example Switch config router neighbor 10 1 1 66 enforce multihop 13 8 3 52 neighbor filter list Command neighbor ip a...

Страница 515: ...ion accessibility should be ensured Example Switch config router neighbor 10 1 1 64 interface Vlan2 13 8 3 54 neighbor maximum prefix Command neighbor ip address TAG maximum prefix 1 4294967295 1 100...

Страница 516: ...t the nexthop will automatically point to the source neighbor However in IBGP environment the nexthop remains the same for route in the same segment If it is not broadcast network errors will be encou...

Страница 517: ...ide do not attempt to create connection but stays in ACTIVE state waiting for the TCP connection request from the partner 13 8 3 58 neighbor peer group Command neighbor TAG peer group no neighbor TAG...

Страница 518: ...hbor ip address port 0 65535 command restore the port number to default value Parameter ip address Neighbor IP address TAG Name of the peer group 0 65535 TCP port number Default Default port number is...

Страница 519: ...ss TAG Name of peer group as id Neighbor AS number ranging between 1 65535 Default No neighbors Command Mode BGP mode and address family mode Usage Guide The BGP neighbors are completely generated thr...

Страница 520: ...in out command cancels this configuration Parameter ip address Neighbor IP address TAG Name of peer group NAME Name of route mapping in out Direction of route mapping Default Not set Command Mode BGP...

Страница 521: ...nt no neighbor ip address TAG route server client Function Configure the route server client The no neighbor ip address TAG route server client command cancels this configuration Parameter ip address...

Страница 522: ...s to the neighbors or else not Omission of the following choice will be equal to standard Example Switch config router no neighbor 10 1 1 66 send community Switch config router neighbor 10 1 1 66 send...

Страница 523: ...P area this attribute can be set Once this attribute is set it spreads with route routes carrying SOO attributes will not be spreader to a neighbor configured with the attribute Example Switch config...

Страница 524: ...65535 Respectively the KEEPALIVE and HOLD TIME Default Default KEEPALIVE time is 60s while HOLD TIME is 240s Command Mode BGP mode and address family mode Usage Guide Send KEEPALIVE interval and HOLD...

Страница 525: ...6 unsuppress map rmp Switch config access list 10 permit 10 1 1 100 0 0 0 255 Switch config route map rmp permit 5 Switch config route map match ip next hop 10 Route with nexthop as 10 1 1 100 will no...

Страница 526: ...ure the route weight sent from the partner The no neighbor ip address TAG weight 0 65535 command restores the default value Parameter ip address Neighbor IP address TAG Name of IP address 0 65535 Weig...

Страница 527: ...redistribute route from other modes into BGO The no redistribute ROUTES route map WORD command cancels this configuration Parameter ROUTES Route source or protocol including connected isis kernel osp...

Страница 528: ...ig router state the protocol can be configured at this prompt In case no bgp multiple instance is configured while a BGP is enabled enabling new BGP instance will return with error If bgp multiple ins...

Страница 529: ...oth mode so to equal the RD and RT_VALUE Example Switch config ip vrf DC1 Switch config vrf rd 100 10 Switch config vrf route target both 100 10 Switch config vrf In above example is created a VRF nam...

Страница 530: ...the nexthop 10 1 1 68 of the VPN route is changed to 10 1 1 250 after applied with route map 13 8 3 84 timers bgp Command timers bgp 0 65535 0 65535 no timers bgp 0 65535 0 65535 Function Configure al...

Страница 531: ...13 1 1 4 remote as 200 SwitchB config router bgp exit The configurations of SwitchC are as following SwitchC config router bgp 200 SwitchC config router bgp network 12 0 0 0 SwitchC config router bgp...

Страница 532: ...from itself More detailed route information about 193 0 0 0 will be announced SwitchB config router bgp 100 SwitchB config router bgp aggregate 193 0 0 0 24 At the same time the aggregation command a...

Страница 533: ...ch config router bgp neighbor 16 1 1 6 route map match community in Switch config router bgp exit Switch config route map match community permit 10 Switch config route map match community com1 Switch...

Страница 534: ...tchB config router bgp neighbor 12 1 1 3 remote as 10 SwitchB config router bgp neighbor 13 1 1 4 remote as 20 SwitchB config router bgp neighbor 11 1 1 1 remote as 100 SwitchC SwitchC config router b...

Страница 535: ...chC SwitchD SWE SWF and SWG establish IBGP connection which is affiliated to AS100 SwitchC creates EBGP connection with AS200 SwitchA creates EBGP connection with AS300 SwitchC SwitchD and SWG make ro...

Страница 536: ...ghbor 5 5 5 5 route reflector client SwitchD config router bgp neighbor 6 6 6 6 remote as 100 SwitchD config router bgp neighbor 6 6 6 6 route reflector client SwitchD config router bgp neighbor 3 3 3...

Страница 537: ...bgp neighbor 2 2 2 2 remote as 100 SwitchC config router bgp neighbor 2 2 2 2 route map set metric out SwitchC config router bgp neighbor 1 1 1 2 remote as 300 SwitchC config router bgp exit SwitchC...

Страница 538: ...ibute At this time the route with lower value is the better route But the comparison of metric attribute will only be done with the routes from the same AS For SwitchA the routes passed SwitchC are pr...

Страница 539: ...en send them to ourTechnology Service Center 13 8 5 1 Monitor And Debug Command 13 8 5 1 1 show ip bgp Command show ip bgp ADDRESS FAMILY ip address ip address M longer prefixes cidr only Function For...

Страница 540: ...GP with community information Parameter ADDRESS FAMILY Address family such as ipv4 unicast TYPE Community attributes number show in AA NN form or combination of local AS no advertise and no export Def...

Страница 541: ...e the community list with ip community list command and the contained community as well When displayed with its name communities included in all the lists are contained Example Switch config ip commun...

Страница 542: ...P table version is 13 local router ID is 10 1 1 66 Status codes s suppressed d damped h history valid best i internal S Stale Origin codes i IGP e EGP incomplete Network From Flaps Duration Reuse Path...

Страница 543: ...s ipv4 unicast Default None Command Mode All modes Usage Guide If same prefix comes from different origin AS the AS will be regarded as inconsistent This command is for displaying this kind of routes...

Страница 544: ...ive interval is 60 seconds Neighbor capabilities Route refresh advertised and received old and new Address family IPv4 Unicast advertised and received Received 17 messages 0 notifications 0 in queue S...

Страница 545: ...Status codes s suppressed d damped h history valid best i internal S Stale Origin codes i IGP e EGP incomplete Network Next Hop Metric LocPrf Weight Path 100 1 1 0 24 10 1 1 66 0 200 300 10 1 1 100 0...

Страница 546: ...1 13 show ip bgp regexp Command show ip bgp ADDRESS FAMILY regexp LINE Function For displaying the BGP routes meets specific AS related normal expressions Parameter ADDRESS FAMILY address family such...

Страница 547: ...router ID is 11 1 1 100 Status codes s suppressed d damped h history valid best i internal S Stale Origin codes i IGP e EGP incomplete Network Next Hop Metric LocPrf Weight Path 100 1 1 0 24 10 1 1 6...

Страница 548: ...s Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up Down State PfxRcd 10 1 1 68 4 300 0 0 0 0 0 never Active Total number of neighbors 1 Relevant Commands None 13 8 5 1 17 show ip bgp view Command show...

Страница 549: ...or IP address digits such as 100 10 vrf name is the name of VRF created through if vrf vrf name command Command Mode All modes Usage Guide Available to display by specified RD or VRF Example Switch s...

Страница 550: ...ease IPv6 unicast address family configuration 13 9 2 MBGP4 Configures Mission List 1 Configure IPv6 neighbor 2 Configure and enable IPv6 address family 3 Configure IPv6 neighbor Command Explanation B...

Страница 551: ...chB config router bgp neighbor 2003 4 remote as 200 SwitchB config router bgp address family IPv6 unicast SwitchB config router af neighbor 2001 1 activate SwitchB config router af neighbor 2002 3 act...

Страница 552: ...onfig router af neighbor 2002 2 activate SwitchD config router af neighbor 2003 3 activate SwitchD config router af exit address family SwitchD config router bgp exit Here the connection between Switc...

Страница 553: ...hip reports a message IGMP Snooping is also referred to as IGMP listening The switch prevents multicast traffic from flooding through IGMP Snooping multicast traffic is forwarded to ports associated t...

Страница 554: ...gures a static multicast address and port member to join 3 Configure IGMP to send Query Command Explanation Global Mode ip igmp snooping vlan vlan id query no ip igmp snooping vlan vlan id query Enabl...

Страница 555: ...gmp snooping vlan 100 14 3 2 ip igmp snooping vlan immediate leave Command ip igmp snooping vlan vlan id immediate leave no ip igmp snooping vlan vlan id immediate leave Function Enable the IGMP fast...

Страница 556: ...oping vlan vlan id Function Enable the IGMP Snooping function for the specified VLAN the no ip igmp snooping vlan vlan id command disables the IGMP Snooping function for the specified VLAN Parameter v...

Страница 557: ...port Parameter vlan id vlan id ranging between 1 4094 value mrouter port survive period ranging between 1 65535 seconds Command Mode Global mode Default 255s Usage Guide This command validates on dyna...

Страница 558: ...n id query robustness Function Configure the query robustness The no ip igmp snooping vlan vlan id query robustness command restores to the default value Parameter vlan id vlan id ranging between 1 40...

Страница 559: ...es ports 1 2 6 10 and 12 Four hosts are connected to port 2 6 10 12 respectively and the multicast router is connected to port 1 As IGMP Snooping is disabled by default either in the switch or in the...

Страница 560: ...s 2 6 10 will not receive the traffic of program 2 and port 12 will not receive the traffic of program 1 Scenario 2 IGMP Query Fig 14 2 The switches as IGMP Queries The configuration of SwitchB is the...

Страница 561: ...properly because of physical connection or configuration mistakes So the users should noted that z Make sure correct physical connection z Activate IGMP Snooping on whole config mode use ip igmp snoo...

Страница 562: ...tch is disabled on the switch by default Usage Guide The command is used for enable the IGMP Snooping debugging switch of the switch switch IGMP data packet message can be shown with packet parameter...

Страница 563: ...gmp snooping mrouter port keep alive time 255 s Igmp snooping query suppression time 255 s IGMP Snooping Connect Group Membership Note All Source S Include Source S Exclude Source Groups Sources Ports...

Страница 564: ...ress table multicast Command show mac address table multicast vlan vlan id Function Show the multicast MAC address table messages Parameter vlan id VLAN ID included in the entries to be shown Command...

Страница 565: ...e multicast VLAN is configured the multicast traffic will be continuously sent to the users 15 2 Multicast VLAN Configuration Task 1 Enable the multicast VLAN function 2 Configure the IGMP Snooping 1...

Страница 566: ...of the VLAN configuration of VLANs associated with the multicast VLAN should be deleted Note that the default vlan can not be configured with this command and only one multicast vlan is allowed on a s...

Страница 567: ...server is connected to the layer 3 switch switchA through port 0 0 1 which belongs to the vlan10 of the switch The layer 3 switch switchA is connected with layer 2 switches through the port 0 0 10 the...

Страница 568: ...thernet0 0 10 SwitchA Config Ethernet0 0 10 switchport mode trunk SwitchB config SwitchB config vlan 100 SwitchB config vlan100 Switchport access Ethernet 0 0 15 SwitchB config vlan100 exit SwitchB co...

Страница 569: ...al of valuable bandwidth resource and furthermore Broadcast mode goes against the security and secrecy The emergence of IP Multicast technology solved this problem in time The Multicast source only se...

Страница 570: ...an be permanent or temporary Some of the Multicast group addresses are assigned officially they are called Permanent Multicast Group Permanent Multicast Group keeps its IP address fixed but its member...

Страница 571: ...ndicated by the Multicast group address in the destination address field of IP data packet Unlike Unicast mode Multicast data packet must be forwarded to a number of external interfaces to be sent to...

Страница 572: ...ork Multicast has tremendous market potential and Multicast operation will be generalized and popularized 16 2 PIM DM 16 2 1 Introduction to PIM DM PIM DM Protocol Independent Multicast Dense Mode is...

Страница 573: ...ermine whether the coming path is correct first If the arrival interface is the interface connected to Multicast source indicated by Unicast routing then this Multicast packet is considered to be from...

Страница 574: ...And then turn on PIM SM switch on the interface Command Explanation Interface Configuration Mode ip pim dense mode Setup PIM DM Protocol of the interface Required 2 Configure PIM DM Sub parameters 1 C...

Страница 575: ...l on interface vlan1 Switch Config ip pim multicast routing Switch Config interface vlan 1 Switch Config if Vlan1 ip pim dense mode 16 2 3 2 ip pim hello interval Command ip pim hello interval interva...

Страница 576: ...mits stat refresh messages to maintain PIM DM list items of all the downstream routers The command can modify origination interval of state refresh messages Usually do not modify relevant timer interv...

Страница 577: ...able to implement dynamic routing update in virtue of Unicast Routing Protocol 16 2 5 PIM DM Troubleshooting In configuring and using PIM DM Protocol PIM DM Protocol might not operate normally caused...

Страница 578: ...etail the no debug pim timer srt command disenables the debug switch Parameter None Default Disabled Command Mode Admin Mode and Global Mode Usage Guide Enable the switch and display PIM DM state refr...

Страница 579: ...92 168 1 12 226 0 0 1 S G Forwarding item RPF nbr Backward path neighbor upstream neighbor of source direction in DM 0 0 0 0 expresses the switch is the first hop RPF idx Interface located in RPF neig...

Страница 580: ...ed on RP using Join Prune message of routers Consequently the network bandwidth occupied by data packets and message control is cut down and the transaction cost of routers decreases Multicast data ge...

Страница 581: ...urce direction which results in the switch from RPT to SPT 2 Preparation before PIM SM configuration 1 Configuration Candidate RP More than one RPs candidate RP can exist in PIM SM network and each C...

Страница 582: ...below are required to really enable PIM SM protocol on the interface Required And then turn on PIM SM switch on the interface Command Explanation Interface Configuration Mode ip pim sparse mode Enabl...

Страница 583: ...mmand is the global candidate BSR configuration command which is used to configure the information of PIM SM candidate BSR so that it can compete for BSR router with other candidate BSRs The no ip pim...

Страница 584: ...er Function Filter the specified multicast group and multicast address Parameter list number list number is the access list number it ranges from 100 to 199 Default Permit the multicast registers from...

Страница 585: ...used to configure PIM SM information about candidate BSR in order to compete the BSR router with other candidate BSRs Only this command is configured this switch is the BSR candidate router Example G...

Страница 586: ...M do not include GenId option The no ipv6 pim exclude genid command restores the default value Parameter None Default The Hello packets include GenId option Command Mode Interface Configuration Mode U...

Страница 587: ...pim hello interval command restores the default value Parameter interval is the hello_interval of periodically transmitted pim hello packets ranges from 1 to 18724s Default The default periodically t...

Страница 588: ...l of JOIN PRUNE packets sent by PIM periodically the default value is 60s The default value is recommended if no special reasons Example Configure the interval of timer Switch config ip pim jp timer 5...

Страница 589: ...ss list 2 deny 10 1 4 10 0 0 0 255 Switch config access list 2 permit any source Switch config show ip pim neighbor 16 3 3 12 ip pim register rate limit Command ip pim register rate limit limit no ip...

Страница 590: ...e Usage Guide The no ip pim register source command restores the default value no more parameter is needed Configured address must be reachable to Register Stop messages sent by RP It s usually a circ...

Страница 591: ...ng interface globally Switch Config ip pim rp address 10 1 1 1 238 0 0 0 8 16 3 3 17 ip pim rp candidate Command ip pim rp candidate vlan vlan id ifname A B C D M priority no ip pim rp candiate Functi...

Страница 592: ...P s S G item to 180s Switch config ip pim rp register kat 180 16 3 3 19 ip pim sparse mode Command ip pim sparse mode passive no ip pim sparse mode passive Function Enable PIM SM on the interface the...

Страница 593: ...fter the bondage only command no ip pim ssm can release the bondage 5 If ssm is needed this command should be configured at the related edge route For example the local switch with igmp must and multi...

Страница 594: ...Vlan1 ip pim sparse mode Switch Config If Vlan1 exit Switch Config interface vlan 2 Switch Config If Vlan2 ip address 24 1 1 2 255 255 255 0 Switch Config If Vlan2 ip pim sparse mode Switch Config If...

Страница 595: ...incorrect configuration Therefore the user should pay attention to the following issues Assure that physical connection is correct Assure the Protocol of Interface and Link is UP use show interface c...

Страница 596: ...in Mode and Global Mode Usage Guide Enable pim mfc debug switch and display generated and transmitted multicast id s information Example Switch debug ip pim mfc 16 3 5 1 3 debug pim mib Command debug...

Страница 597: ...ug pim packet in debug pim packet out no debug pim packet no debug pim packet in no debug pim packet out Function Enable or Disable pim debug switch Parameter in display only received pim packets out...

Страница 598: ...pim timer joinprune ppt debug pim timer joinprune pt debug pim timer joinprune debug pim timer register rst debug pim timer register no debug pim timer no debug pim timer assert no debug pim timer as...

Страница 599: ...uide Display the BSR information maintained by the PIM Example show ip pim bsr router PIMv2 Bootstrap information This system is the Bootstrap Router BSR BSR address 10 1 4 3 Uptime 00 06 07 BSR Prior...

Страница 600: ...ount The interface s neighbor count DR Prior Dr priority DR The interface s DR address 16 3 5 1 11 show ip pim mroute sparse mode Command show ip pim mroute sparse mode group A B C D source A B C D Fu...

Страница 601: ...rom upstream and more options such as RPT Not Joined Pruned Not Pruned are available for S G rpt Local Local join interface this interface receive IGMPJoin Joined PIM join interface this interface rec...

Страница 602: ...e neighbor is the interface s DP 16 3 5 1 13 show ip pim nexthop Command show ip pim nexthop Function Display the PIM buffered nexthop router in the unicast route table Parameter None Default None Com...

Страница 603: ...ample testS2 Config if Vlan1 show ip pim rp hash 239 192 1 10 RP 10 1 6 1 Info source 10 1 6 1 via bootstrap Displayed Information Explanations RP Queried group sRP Info source The source of Bootstrap...

Страница 604: ...is received at the correct interface Otherwise the packet will be discarded to prevent Multicast circulation The check which determines if the packet gets to the correct interface is called RPF check...

Страница 605: ...neighbor is called upstream interface The routing report includes source network use net mask address and the hop entry for routing scale In order to finish transmission correctly every DVMRP switch...

Страница 606: ...d disables DVMRP Protocol globally Required 2 Enable DVMRP Protocol on the interface The basic configuration to function DVMRP routing protocol on EDGECORE series Layer 3 switch is very simple After g...

Страница 607: ...n pruners command restores to being able to set up neighbor ship 4 Configure DVMRP Tunnel Command Explanation Interface Configuration Mode ip dvmrp tunnel index src ip dst ip no ip dvmrp tunnel index...

Страница 608: ...tream of some route after calculation and judgment it will transmit report message included the route to upstream The route metric increases 32 based on original value in order to indicate downstream...

Страница 609: ...e Interface Configuration Mode Usage Guide The command determines if it will establish neighboring ship with DVMRP router of non pruning grafting or not Example Switch Config If vlan1 ip dvmrp reject...

Страница 610: ...Config ip dvmrp multicast routing Switch Config interface vlan 1 Switch Config if Vlan1 ip address 10 1 1 1 255 255 255 0 Switch Config if Vlan1 ip dvmrp Switch Config if Vlan1 exit Switch Config inte...

Страница 611: ...all attempts including Check are made but the problems on DVMRP can t be solved yet then please use commands such as debug dvmrp and then copy DEBUG information in 3 minutes and send to Technology Se...

Страница 612: ...DVMRP protocol information Parameter None Default Do not display Off Command Mode Any Configuration Mode Usage Guide The command applies to display some total statistic information of DVMRP protocol...

Страница 613: ...4 5 1 4 show ip dvmrp neighbor Command show ip dvmrp neighbor ifname A B C D detail ifname detail detail Function Display DVMRP neighbor Parameter ifname is interface name namely displaying neighbor...

Страница 614: ...1 1 0 24 239 0 0 1 1 01 59 56 Off Displayed Information Explanations Source Address Source address Mask Len Mask length Group Address Group address State Table item state FCR Exptime FCR expire time P...

Страница 615: ...wing manners 1 On the edge switch if source under control multicast is configured then only multicast data from specified group of specified source can pass 2 For RP switch in the core of PIM SM for R...

Страница 616: ...ollows Command Explanation Global Configuration Mode no ip multicast source control Required Enable source control globally the no ip multicast source control command disables source control globally...

Страница 617: ...rce control uses to port the NO form cancels the configuration Destination Control Configuration Like source control configuration destination control configuration also has three steps First enable d...

Страница 618: ...access group 6000 7999 Used to configure the rules destination control uses to port the NO form cancels the configuration Global Configuration Mode no ip multicast destination control 1 4094 macaddr a...

Страница 619: ...ce destination destination wildcard host destination destination host ip any destination command deletes the access list Parameter 5000 5099 source control access list number deny permit deny or permi...

Страница 620: ...command deletes the access list Parameter 6000 7999 destination control access list number deny permit deny or permit source multicast source address source wildcard multicast source address wildcard...

Страница 621: ...ticast destination control access group vmac Command ip multicast destination control 1 4094 macaddr access group 6000 7999 no ip multicast destination control 1 4094 macaddr access group 6000 7999 Fu...

Страница 622: ...t be add The command uses the format IPADDRESS IPADDRESS to match on layer 2 switch format IPADDRESS M on layer 3 switch If relevant group or source in show ip igmp groups detail has been established...

Страница 623: ...on layer 3 switch Carefully the packet transmitted in UNTAG mode does not modify its priority Example switch config ip multicast policy 10 1 1 0 24 225 1 1 0 24 cos 7 16 5 3 8 ip multicast source cont...

Страница 624: ...ily we configure Edge Switch so that only the switch at port Ethernet0 0 5 is allowed to transmit multicast and the data group must be 225 1 2 3 Also switch connected up to port Ethernet0 0 10 can tra...

Страница 625: ...milar to ACL and the problems occurred are usually related to improper configuration Please read the descriptions above carefully If you still can determine the cause of the problem please send your c...

Страница 626: ...6000 deny ip any source host destination 224 1 1 1 access list 6000 deny ip host source 2 1 1 1 any destination access list 6001 deny ip host source 2 1 1 1 225 0 0 0 0 255 255 255 access list 6002 p...

Страница 627: ...and Global Mode Usage Guide The command displays source control multicast access list of configuration Example Switch sh ip multicast source control access list access list 5000 permit ip 10 1 1 0 0...

Страница 628: ...only one switch is required to transmit membership query message so an exchange election mechanism is required to determine a switch as query machine In IGMP version1 the selection of query machine i...

Страница 629: ...includes his her Robustness Variable and Query Interval in query group to allow the synchronization with these variables of non queries 5 Max Response Time in Query Message has an exponential range w...

Страница 630: ...ace Configuration Mode ip dvmrp ip pim dense mode ip pim sparse mode Enable IGMP Protocol the corresponding commands no ip dvmrp no ip pim dense mode no ip pim sparse mode disable IGMP Protocol Requir...

Страница 631: ...nse time time_val no ip igmp query max response time Configure the maximum response time of the interface for IGMP query the no ip igmp query max response time command restores default value ip igmp q...

Страница 632: ...that is when the host transmits member identity report of equivalent to leave a group router does not transmit query it directly confirms there is no member of this group in subnet the no ip igmp imme...

Страница 633: ...aves states which are not more than state count groups and sources If it reaches upper limit of state count it does not deal with when receiving related new group member identity report If it has save...

Страница 634: ...nterface enables some group multicast protocol The command applies to configure this query period time Example Configure interval of periodically transmitted IGMP query message to 10s Switch Config in...

Страница 635: ...Example Configure timeout of IGMP query message on interface to 100s Switch Config interface vlan 1 Switch Config If Vlan1 ip igmp query timeout 100 16 6 3 9 ip igmp static group Command ip igmp stati...

Страница 636: ...same version IGMP in the same network When other routers which are not upgraded to IGMPv3 on interface connected subnet need to join member identity collection of subnet IGMP together the interface i...

Страница 637: ...the following issues Firstly to assure that physical connection is correct Next to assure the Protocol of Interface and Link protocol is UP use show interface command Afterwards to assure to start a...

Страница 638: ...38 58 IGMP Send membership query on dvmrp2 for 0 0 0 0 02 17 38 58 IGMP Received membership query on dvmrp2 from 192 168 1 11 for 0 0 0 0 02 17 39 26 IGMP Send membership query on vlan1 for 0 0 0 0 02...

Страница 639: ...1 Flags Uptime 00 00 19 Group Mode INCLUDE Last Reporter 10 1 1 1 Exptime stopped Source list 2 members S Static Source Address Uptime v3 Exp Fwd Flags 1 1 1 1 00 00 19 00 04 01 Yes 2 2 2 2 00 00 19...

Страница 640: ...ce Default Do not display Command Mode Admin Mode Example Display interface valn1 IGMP message on Ethernet Switch config show ip igmp interface Vlan1 Interface Vlan1 2005 Index 2005 Internet address i...

Страница 641: ...ork by single cast packet of IPv4 encapsulation The working process of PIM DM can be summarized as Neighbor Discovery Flooding Prune and Graft 1 Neigh hour Discovery When PIM DM router is started at b...

Страница 642: ...used as path judgment can root in any Unicast Routing Protocol such as messages found by RIP OSPF etc It doesn t rely on any specific unicast routing protocol 4 Assert Mechanism If two multicast route...

Страница 643: ...arameters Configure PIM DM hello message interval time Command Explanation Port Configuration Mode ipv6 pim hello interval interval no ipv6 pim hello interval Configure PIM DM hello message interval t...

Страница 644: ...l on interface vlan1 Switch Config ipv6 pim multicast routing Switch Config interface vlan 1 Switch Config if Vlan1 ipv6 pim dense mode 17 1 3 2 ipv6 pim dr priority Command ipv6 pim dr priority prior...

Страница 645: ...elete Parameter value is configure time of holdtime Default Define 3 5 times of Hello_interval and default hello_interval as 30s so default value of hello_holdtime is 105s Command Mode Interface Confi...

Страница 646: ...v6 pim hello interval 20 17 1 3 6 ipv6 pim multicast routing Command ipv6 pim multicast routing no ipv6 pim multicast routing Function Globally enable PIM DM protocol the no ipv6 pim multicast routing...

Страница 647: ...rom 4s to 100s Default 60s Usage Guide The first hop router periodically transmits stat refresh messages to maintain PIM DM list ltems of all the downstream routers The command can modify origination...

Страница 648: ...ubleshooting When configuring and using PIM DM protocol PIM DM protocol may fail to work normally due to physical connections incorrect configuration and so on So users shall note the following points...

Страница 649: ...Parameter None Default Disabled Command Mode Admin Mode Usage Guide Enable the switch and display PIM DM state refresh timer information in detail Example Switch debug ipv6 pim timer srt Remark Other...

Страница 650: ...rection in DM 0 0 0 0 expresses the switch is the first hop RPF idx Interface located in RPF neighbor Upstream State Upstream direction including FORWARDING forwarding upstream data PRUNED Upstream st...

Страница 651: ...oint and BSR Bootstrap Router PIM SM announce multicast packet to all PIM SM routers and establish using Join Prune message of routers RPT RP rooted shared tree based on RP Consequently the network ba...

Страница 652: ...SM configuration 1 Configuration Candidate RP More than one RPs candidate RP are permitted in PIM SM network and each C RP Candidate RP takes charge of forwarding multicast packets with destination ad...

Страница 653: ...n PIM multicast switch in Global Mode and turn on PIM SM switch on relevant interface Command Explanation Global Mode no ipv6 pim multicast routing Enable PIM SM Protocol on each interface but below c...

Страница 654: ...ccess list name Configure Neighbor Access list If a neighbor is filtered by the list and a connection has been set up with this neighbor then this connection will be cut off immediately and if no conn...

Страница 655: ...PIM SM Protocol Command Explanation Port Configuration Mode no ipv6 pim sparse mode Shut down PIM SM Protocol Global Mode no ipv6 pim multicast routing Shut down PIM SM Protocol globally 17 2 3 Comma...

Страница 656: ...This switch is not a candidate BSR router Command Mode Global Mode Usage Guide This command is the candidate BSR configure command in global mode and is used to configure PIM SM information about can...

Страница 657: ...lan1 ipv6 pim dr priority 100 17 2 3 5 ipv6 pim exclude genid Command ipv6 pim exclude genid no ipv6 pim exclude genid Function This command makes the Hello packets sent by PIM SM do not include GenId...

Страница 658: ...hello interval Command ipv6 pim hello interval interval no ipv6 pim hello interval Function Configure the interface s hello_interval of pim hello packets The no ipv6 pim hello interval command restore...

Страница 659: ...no ipv6 pim jp timer restores the default value Parameter value ranges from 10 to 65535 Default 60s Command Mode Global Mode Usage Guide Configure the interval of transmitting J P messages to59s Exam...

Страница 660: ...rate limit Command ipv6 pim Register rate limit limit no ipv6 pim Register rate limit Function This command is used to configure the speedrate of DR sending register packets the unit is packet second...

Страница 661: ...but it can be other physical addresses This address must be announcable through unicast router protocols of DR Example Configure the source address of the sent register packets to vlan1 s address Swi...

Страница 662: ...idate RPs The no ipv6 pim rp candiate command cancels the candidate RP Parameter ifname is the name of the interface group range is the group range of the candidate RP the format is X X X X M ipv6 add...

Страница 663: ...ets and only enable IGMP receive and transmit IGMP packets Default Disabled PIM SM Command Mode Interface Configuration Mode Usage Guide Enable PIM SM on the interface The command can configure on IPv...

Страница 664: ...2000 13 1 1 1 64 Switch Config If Vlan2 ipv6 pim sparse mode 2 Configure Switch B Switch Config ipv6 pim multicast routing Switch Config interface vlan 1 Switch Config If Vlan1 ipv6 address 2000 12 1...

Страница 665: ...ch Config If Vlan1 ipv6 pim sparse mode Switch Config If Vlan1 exit Switch Config interface vlan 2 Switch Config If Vlan2 ipv6 address 2000 24 1 1 4 64 Switch Config If Vlan2 ipv6 pim sparse mode Swit...

Страница 666: ...tch Parameter None Default Disabled Command Mode Admin Mode and Global Mode Usage Guide Enable pim events debug switch and display events information about pim operation Example Switch debug ipv6 pim...

Страница 667: ...ameter None Default Disabled Command Mode Admin Mode and Global Mode Usage Guide Inspect the communicating information between pim and Network Services by this switch Example Switch debug ipv6 pim nsm...

Страница 668: ...et debug ipv6 pim timer joinprune grt debug ipv6 pim timer joinprune jt debug ipv6 pim timer joinprune kat debug ipv6 pim timer joinprune ot debug ipv6 pim timer joinprune plt debug ipv6 pim timer joi...

Страница 669: ...ied timer s debug information Example Switch debug ipv6 pim timer assert 17 2 5 1 9 show ipv6 pim bsr router Command show ipv6 pim bsr router Function Display BSR address Parameter None Default None C...

Страница 670: ...ss fe80 203 fff fee3 1244 Global Address 2000 10 1 13 1 DR this system Displayed Information Explanations Address Interface address Interface Interface name VIF index Interface index Ver Mode Pim vers...

Страница 671: ...RPF idx None Upstream State JOINED Local l Joined Asserted FCR 2000 1 111 11 ff1e 15 RPF nbr RPF idx None SPT bit 1 Upstream State JOINED Local Joined Asserted Outgoing o 2000 1 111 11 ff1e 15 rpt RP...

Страница 672: ...g of multicast data 17 2 5 1 12 show ipv6 pim neighbor Command show ipv6 pim neighbor detail Function Display router neighbors Parameter None Default None Command Mode Any Mode Usage Guide Display mul...

Страница 673: ...hop Metric Pref Refcnt Num Addr Ifindex Name _______________________________________________________________________ _____________ 2000 1 111 11 S 1 2004 0 0 2 2000 1 111 100 RS 1 2004 0 0 2 2004 0 0...

Страница 674: ...rap information 17 2 5 1 15 show ipv6 pim rp mapping Command show ipv6 pim rp mapping Function Display Group to RP Mapping and RP Parameter None Default None Command Mode Any Mode Usage Guide Display...

Страница 675: ...MLD query message of multicast switch with membership report message the switch periodically sends membership query message and determines if there is host joining a specific group in its subnetworks...

Страница 676: ...ion Mode ipv6 pim dense mode ipv6 pim sparse mode Start MLD Protocol The NO operation of corresponding command shuts MLD Protocol Required 2 Configure MLD auxiliary parameters 1 Configure MLD group pa...

Страница 677: ...d access group Command ipv6 mld access group acl_name no ipv6 mld access group Function Configure the access control of the interface to MLD groups the no ipv6 mld access group command stops the acces...

Страница 678: ...default value Parameter interval is the interval of querying specific group it ranges from 1000 to 25000ms It s the integer times of 1000ms If it s not the integer times of 1000ms the system will conv...

Страница 679: ...he query messages and the router can also get the group members existing states quickly Example Configure the maximum response time of MLD queries to 20s Switch Config interface vlan 1 Switch Config I...

Страница 680: ...roup Command ipv6 mld join group address no ipv6 mld join group address Function Configure the interface to join in certain multicast group the no ipv6 mld join group address command cancels joining c...

Страница 681: ...interface vlan 2 Switch Config if Vlan2 ipv6 mld join group ff1e 1 3 mode include source 2003 1 2003 2 17 3 3 10 ipv6 mld limit Command ipv6 mld limit state count no ipv6 mld limit Function Configure...

Страница 682: ...MLD protocol will consider that the group or source exist Note the configured static source is the source to be forwarded Example Configure an MLD static group ff1e 1 3 on interface vlan2 Switch Confi...

Страница 683: ...ting Switch Config ipv6 pim rp address 3FFE 1 Switch Config interface vlan1 Switch Config If Vlan1 ipv6 address 3FFE 2 64 Switch Config If Vlan1 ipv6 pim sparse mode Switch Config If Vlan1 exit Switch...

Страница 684: ...he debug switch that displays MLD events the no debug ipv6 mld events command disables the debug switch Parameter None Default Disabled Command Mode Admin Mode Usage Guide This switch can be enabled t...

Страница 685: ...roup information Parameter ifname is the name of the interface Display the MLD group information group_addr is the group address Display the specified group information Default Do not display Command...

Страница 686: ...terface Vlan1 2003 Index 2003 Internet address is fe80 203 fff fe01 e4a MLD querier MLD query interval is 100 seconds MLD querier timeout is 205 seconds MLD max query response time is 10 seconds Last...

Страница 687: ...ctive combination of conditions such as source IP destination IP IP protocol number and TCP port Access lists can be categorized by the following criteria z Filter information based criterion IP acces...

Страница 688: ...matches z When an access list is bound to the outgoing direction of a port the action in the rule can only be deny 18 2 ACL Configuration 18 2 1 ACL Configuration Task Sequence 1 Configuring access l...

Страница 689: ...Clear the filter information of the specific port 1 Configuring access list 1 Configuring a numbered standard IP access list Command Explanation Global Mode access list num deny permit sIpAddr sMask...

Страница 690: ...y permit udp sIpAddr sMask any host sIpAddr s port sPort dIpAddr dMask any destination host destination dIpAddr d port dPort precedence prec tos tos Creates a numbered UDP extended IP access rule if t...

Страница 691: ...me based standard IP access rule c Exit name based standard IP ACL configuration mode Command Explanation Standard IP ACL Mode Exit Exits name based standard IP ACL configuration mode 4 Configuring an...

Страница 692: ...tos Creates an extended name based TCP IP access rule the no form command deletes this name based extended IP access rule no deny permit udp sIpAddr sMask any host sIpAddr s port sPort dIpAddr dMask a...

Страница 693: ...ged 802 3 offset1 length1 value1 offset2 length2 value2 offset3 length3 value3 offset4 length4 value4 no access list num Creates a numbered MAC extended access list if the access list already exists t...

Страница 694: ...st_smac smac smac mask any destination mac host destination mac host_dmac dmac dmac mask untagged 802 3 Creates an MAC access rule matching 802 3 frame the no form command deletes this MAC access rule...

Страница 695: ...eates a numbered mac icmp extended mac ip access rule if the numbered extended access list of specified number does not exist then an access list will be created using this number access list num deny...

Страница 696: ...sti nation host destination destination host ip d port port3 precedence precedence tos tos time range time range name Creates a numbered mac icmp extended mac ip access rule if the numbered extended a...

Страница 697: ...rce host ip destination destination wildcard any desti nation host destination destination host ip icmp type icmp code precedence precedence tos tos time range time range name Creates an extended name...

Страница 698: ...estination destination wildcard any desti nation host destination destination host ip d port port3 precedence precedence tos tos time range time range name Creates an extended name based MAC UDP acces...

Страница 699: ...he name of the time range Command Explanation Global Mode time range time_range_name Create a time range named time_range_name no time range time_range_name Stop the time range function named time_ran...

Страница 700: ...ute start start_time start_data end end_time en d_data stop the function of the time range 4 Bind access list to a specific direction of the specified port Command Explanation Physical Interface Mode...

Страница 701: ...MM SS hour minute second end_time end time HH MM SS hour minute second Remark time range polling is one minute per time so the time error shall be one minute Command Mode time range mode Default No ti...

Страница 702: ...ormer configuration Examples Make configurations effective from 6 00 00 to 13 30 00 from Oct 1 2004 to Jan 26 2005 Switch config Time range doc_timer Switch Config Time Range absolute start 6 00 00 20...

Страница 703: ...sition o ignored position 1 igmp type the type of igmp 0 15 icmp type the type of icmp 0 255 icmp code protocol No of icmp 0 255 prec IP priority 0 7 tos to value 0 15 sPort source port No 0 65535 dPo...

Страница 704: ...ts configured Usage Guide When the user assign specific num for the first time ACL of the serial number is created then the lists are added into this ACL Examples Create a numeric standard IP access l...

Страница 705: ...x 3 it is0 ffffff when Length x 4 it is 0 ffffffff For Offset x different types of data frames are with different value ranges for untagged eth2 type frame 12 52 for untagged 802 2 type frame 12 60 f...

Страница 706: ...ion mac host_dmac dmac dmac mask udp source source wildcard any source host source source host ip s port port1 destination destination wildcard any destination host destination destination host ip d p...

Страница 707: ...ort optional means need to match TCP UDP destination interface port3 optional value of TCP UDP destination interface No Interface No is an integer from 0 65535 ack fin psh rst urg syn optional only fo...

Страница 708: ...X 00 ab Switch Config access list 700 permit 00 00 00 00 00 01 00 00 FF FF 00 01 Switch Config access list 700 deny 00 00 00 00 00 ab 00 00 00 FF 00 ab 18 2 2 8 clear access group statistic Command cl...

Страница 709: ...etes this name expansion IP access list including all list items Parameters name name the access list the length of character string is 1 16 no pure number sequences permitted Command Mode Global mode...

Страница 710: ...list configured Usage Guide Creates a numbered 520 standard IP access list first time the following configuration will add to the current access list Examples Creates a numbered 520 standard IP acces...

Страница 711: ...is added statistic counter or not by options the no ip mac mac ip access group command deletes access list binding on the port Parameter name is the name for access list the character string length i...

Страница 712: ...tion Example Binding aaa access list to entry direction of port Switch Config Ethernet0 0 1 ip access group aaa in 18 2 2 17 mac access extended Command Mac access list extended name no mac access lis...

Страница 713: ...sIpAddr dIpAddr dMask any destination host destination dIpAddr icmp type icmp code precedence prec tos tos time range time range name no deny permit igmp sIpAddr sMask any source host source sIpAddr...

Страница 714: ...extended udpFlow Switch Config Ext Nacl udpFlow deny igmp any source any destination Switch Config Ext Nacl udpFlow permit udp any source host destination 192 168 0 1 d port 32 18 2 2 20 permit deny...

Страница 715: ...2 3 cos cos val cos bitmask vlanId vid value vid mask Functions Define an expansion name MAC ACL rule and no form of this command deletes this expansion name IP access rule Parameters any source mac a...

Страница 716: ...any destination host destination destination host ip igmp type precedence precedence tos tos time range time range name no deny permit any source mac host source mac host_smac smac smac mask any dest...

Страница 717: ...d reverse mask destination host ip destination No of destination network or host to which packets are delivered Numbers of 32 bit binary system with dotted decimal notation expression host source mean...

Страница 718: ...estination dIPv6Addr d port dPort dscp dscp flow label fl no deny permit proto sIPv6Prefix sPrefixlen any source host source sIPv6Addr dIPv6Prefix dPrefixlen any destination host destination dIPv6Addr...

Страница 719: ...mmand Mode Standard IPv6 nomenclature access list mode Default No access list configured by default Example Permit packets with source address of 2001 1 2 3 1 64 while denying those with source addres...

Страница 720: ...fault Rule Permit Switch show access lists access list 110 used 1 time s access list 110 deny tcp 10 0 0 0 0 0 0 255 any destination d port 21 Switch show access group interface Ethernet 0 0 10 interf...

Страница 721: ...dmin mode Usage Guide When not assigning names of ACL all ACL will be revealed used x time s indicates the times of ACL to be used Examples Switch show access lists access list 10 used 0 time s access...

Страница 722: ...how access group interface Ethernet name Functions Reveal tying situation of ACL on port Parameters name Interface name Default None Command Mode Admin mode Usage Guide When not assigning interface na...

Страница 723: ...g function is permit 18 4 1 4 show time range Command show time range word Functions Reveal configuration information of time range functions Parameters word assign name of time range needed to be rev...

Страница 724: ...ipv6 access list 520 permit ip any source any destination 18 5 Web Management By clicking the ACL configuration icon it will open up the ACL sub sections which include the following parts z Numeric A...

Страница 725: ...Add ICMP numeric extended ACL z Add IGMP numeric extended ACL z Add TCP numeric extended ACL z Add UDP numeric extended ACL z Add numeric extended ACL for other protocols By clicking the icons it will...

Страница 726: ...s z Source port z Target port Regarding numeric extended ACL for other protocols there is one sub category Matched protocol z Matched protocol includes IP EIGRP OSPF IPINIP and Input Protocol manually...

Страница 727: ...rs should change the ACL number to the ACL name This should be entered in ACL name not ACL number CLI command 1 2 2 6 There are seven sub sections of this z ACL name z ACL type standard and extended z...

Страница 728: ...with numeric extended ACL The only difference is the ACL number needs to be changed to ACL name and entered into the ACL name rather than number CLI command 1 2 2 5 18 5 6 Firewall configuration Clic...

Страница 729: ...ort to bind to ACL z ACL name the target ACL name to bind z Ingress Egress the target direction to bind z Operation type Add or Remove To enable this function you need to select the action in each ite...

Страница 730: ...ical port or a physical port Typically one physical port of the switch connects with one terminal device physical port based only The architecture of IEEE 802 1x is shown below Fig 19 1 802 1x archite...

Страница 731: ...IEEE 802 1x authentication is implemented in ES3628EA for better security and management Only authenticated user access devices connecting to the same physical port can access the network the unauthor...

Страница 732: ...enable Enables the 802 1x function in the switch and ports the no dot1x enable command disables the 802 1x function Command Explanation Port Mode dot1x port control auto force authorized forc e unauth...

Страница 733: ...re authentication interval the no dot1x timeout re authperiod command restores the default setting dot1x timeout tx period seconds no dot1x timeout tx period Sets the interval for the supplicant to r...

Страница 734: ...adius server authentication host IPaddress Specifies the IP address or IPv6 address and listening port number for RADIUS authentication server the no radius server authentication host IPaddress comman...

Страница 735: ...tion for the switch must be enabled first to enable IEEE 802 1x authentication for the switch Example Enabling AAA function for the switch Switch Config aaa enable 19 3 2 aaa accounting enable Command...

Страница 736: ...sage Guide The dot1x address filter function is implemented according to the MAC address filter table dot1x address filter table is manually added or deleted by the user When a port is specified in ad...

Страница 737: ...cation for the switch must be enabled first to enable 802 1x authentication for the respective ports If Spanning Tree or MAC binding is enabled on the port or the port is a Trunk port or member of por...

Страница 738: ...5 frames to 5 times Switch Config dot1x max req 5 19 3 8 dot1x max user Command dot1x max user macbased number no dot1x max user macbased Function Sets the maximum users allowed to connect to the port...

Страница 739: ...Config interface Ethernet 0 0 1 Switch Config Ethernet0 0 1 dot1x port control auto 19 3 10 dot1x port method Command dot1x port method macbased portbased no dot1x port method Function Sets the access...

Страница 740: ...e When periodical re authentication for supplicant is enabled the switch will re authenticate the supplicant at regular interval This function is not recommended for common use Example Enabling the pe...

Страница 741: ...the interval for the supplicant to re transmit EAP request identity frame the no dot1x timeout tx period command restores the default setting Parameters seconds is the interval for re transmission of...

Страница 742: ...r of IP address to 100 100 100 60 as the primary server with the accounting port number as 3000 Switch Config radius server accounting host 100 100 100 60 port 3000 primary 19 3 17 radius server authe...

Страница 743: ...ver from inaccessible to accessible When the switch acknowledges a server to be inaccessible it marks that server as having invalid status after the interval specified by this command the system reset...

Страница 744: ...e considered to as not working the switch sets the server as invalid Example Setting the RADIUS authentication packet retransmission time to five times Switch Config radius server retransmit 5 19 3 21...

Страница 745: ...lient software is installed on the PC and is used in IEEE 802 1x authentication The configuration procedures are listed below Switch Config interface vlan 1 Switch Config if vlan1 ip address 10 1 1 2...

Страница 746: ...parameter shall be modified if the event log indicates no such authenticator the authenticator needs to be added to the RADIUS server if the event log indicates no such login user the user login ID an...

Страница 747: ...Guide Usually the administrator is concerned only with the online user information the other information displayed is used for troubleshooting by technical support Example Switch show aaa authenticate...

Страница 748: ...r TRUE and 0 for FALSE AAA config data Is Aaa Enabled 1 Is Account Enabled 1 MD5 Server Key aa authentication server sum 2 authentication server 0 Host IP 30 1 1 30 Udp Port 1812 Is Primary 1 Is Serve...

Страница 749: ...The number of accounting servers accounting server X Host IP Udp Port Is Primary Is Server Dead Socket No Displays the accounting server number and corresponding IP address UDP port number Primary se...

Страница 750: ...ist dot1x EAPoR Enable 802 1x is enabled on ethernet 1 Authentication Method Port based Status Authorized Port control Auto Supplicant 00 03 0F FE 2E D3 Authenticator State Machine State Authenticated...

Страница 751: ...ne status 19 5 1 7 show radius count Command show radius authencated user authencating user count Function Displays the statistics for users of RADIUS authentication Parameters authencated user displa...

Страница 752: ...hentication function z Accounting Status Enables disables switch AAA accounting function Disable Accounting disable accounting function Enable Accounting enable accounting function z RADIUS key Config...

Страница 753: ...non primary server z Operation type Add authentication server adds an authentication server Remove authentication server remove an authentication server Example Configure Authentication server IP as...

Страница 754: ...function 19 6 2 1 802 1X configuration Click Authentication configuration 802 1X configuration 802 1X configuration to configure the 802 1x global configurations z 802 1x status Enables disables the s...

Страница 755: ...port authentication configuration Click Authentication configuration 802 1X configuration 802 1X port authentication configuration to Configure port 802 1x function z Port assigns port z 802 1x statu...

Страница 756: ...s table to dot1x address filter z Port If specify port the added list only suitable for specific port specify All Ports the added list suitable for all port z Mac adds MAC address z Operation type add...

Страница 757: ...tion status Authentication status z Authentication mode Authentication mode Example Choose Ethernet port 0 0 1 then Click Reauthenticate button the user in Ethernet port 0 0 1 will be force to make re...

Страница 758: ...router is actually undertaken by the active router while the Backup routers serve as backups for the active router The virtual router has its own virtual IP address can be identical with the IP addres...

Страница 759: ...VRRP 7 Configure VRRP priority 8 Configure VRRP Timer intervals 9 Configure VRRP interface monitor 1 Create Remove the Virtual Router Command Explanation Global Mode no router vrrp vrid Creates Remov...

Страница 760: ...authentication string 5 Configure VRRP Sub parameters 1 Configure the preemptive mode for VRRP Command Explanation VRRP protocol configuration mode preempt mode true false Configures the preemptive mo...

Страница 761: ...ating properly therefore turns its status to Master The user can use this command to adjust the VRRP packet sending interval of the Master For members in the same Standby cluster this property should...

Страница 762: ...Config Router Vrrp circuit failover vlan 2 10 20 3 3 debug vrrp Commands debug vrrp all event packet recv send no debug vrrp all event packet recv send Function Displays information for VRRP standby c...

Страница 763: ...h Config Router Vrrp enable 20 3 6 interface Commands interface IFNAME Vlan ID no interface Function Configures the VRRP interface Parameters interface IFNAME Vlan ID stands for the interface name Def...

Страница 764: ...switch in a Standby cluster the higher priority the more likely to become the Master When a router or L3 Ethernet switch is configured as Master dummy IP address its priority is always 255 and does no...

Страница 765: ...is TRUE VrId 10 State is Initialize Virtual IP is 10 1 10 1 IP owner Interface is Vlan1 Configured priority is 255 Current priority is 255 Advertisement interval is 1 sec Preempt mode is TRUE Circuit...

Страница 766: ...virtual ip 10 1 1 1 20 4 Typical VRRP Scenario As shown in the figure below SwitchA and SwitchB are Layer 3 Ethernet Switches in the same group and provide redundancy for each other Fig 20 1 VRRP Netw...

Страница 767: ...switches in the same standby cluster are the same Verify the timer time of different routers or L3 Ethernet switches in the same standby cluster are the same Verify the dummy IP address is in the sam...

Страница 768: ...mber 1 and VLAN port IP 23 Click Apply to add port 23 to Virtual Router number 1 Click Remove to remove port 23 from Virtual Router number 1 20 6 4 Activate Virtual Router Click VRRP control to config...

Страница 769: ...ample Enter created Virtual Router number 1 and interval 3 Click Enable to set the interval of virtual router number 1 to 3 Click Disable to disable the interval of Virtual Router number 1 20 6 8 Conf...

Страница 770: ...ck VRRP control to enter VRRP AuthenMode and configure VRRP authentication mode Example Choose created Vlan1 for Port and yes for AuthenMode Click Apply to finish Port Vlan1 authentication mode config...

Страница 771: ...MRPP has below characters compare to STP protocol 1 MRPP specifically uses to Ethernet ring topology 2 fast convergence less than 1 s ideally it can reach 100 50 ms 21 1 1 Conception Introduction SWIT...

Страница 772: ...node The primary port of primary node is used to send ring health examine packet hello the secondary port is used to receive Hello packet sending from primary node When the Ethernet is in health stat...

Страница 773: ...block state and sends LINK DOWN FLUSH_FDB packet to inform all of transfer nodes to refresh own MAC address forward list 3 Ring Restore After the primary node occur ring fail if the secondary port rec...

Страница 774: ...on Task List 1 Globally enable MRPP 2 Configure MRPP ring 3 Display and debug MRPP relevant information 1 Globally enable MRPP Command Explanation Global Mode MRPP enable no MRPP enable Globally enabl...

Страница 775: ...on Show MRPP statistics INT Display receiving data package statistic information of MRPP ring clear MRPP statistics INT Clear receiving data package statistic information of MRPP ring 21 3 Commands Fo...

Страница 776: ...le MRPP loop may can t work normally or form broadcast Example Configure control VLAN of mrpp ring 4000 is 4000 Switch Config mrpp ring 4000 Switch mrpp ring 4000 control vlan 4000 21 3 3 debug mrpp C...

Страница 777: ...INT valid range is from 1 to 3000s Command Mode MRPP ring mode Default Default configure timer interval 3s Usage Guide If primary node of MRPP ring doesn t receives Hello packet from primary port of...

Страница 778: ...no mrpp enable command disables MRPP protocol Parameter Command Mode Global Mode Default The system doesn t enable MRPP protocol module Usage Guide If it needs to configure MRPP ring it enables MRPP...

Страница 779: ...uses primary port to send Hello packet secondary port is used to receive Hello packet from primary node There are no difference on function between primary port and secondary of secondary node Exampl...

Страница 780: ...figuration of MRPP ring 4000 of switch Switch show mrpp 4000 21 3 13 show mrpp statistics Command show mrpp statistics INT Function Display statistic information of data package of MRPP ring receiving...

Страница 781: ...port separately To avoid ring it should temporarily disable one of the ports of primary node when it enables each MRPP ring in the whole MRPP ring and after all of the nodes are configured open the p...

Страница 782: ...MRPP ring 4000 control vlan 4000 Switch MRPP ring 4000 primary port Ethernet 0 0 1 Switch MRPP ring 4000 secondary port Ethernet 0 0 2 Switch MRPP ring 4000 enable Switch MRPP ring 4000 exit Switch C...

Страница 783: ...d to E0 0 1 E0 0 2 MRPP Ring 4000 configuration Task Sequence SWITCH A configuration Task Sequence Switch Config MRPP enable Switch Config MRPP ring 4000 Switch MRPP ring 4000 control vlan 4000 Switch...

Страница 784: ...ontrol vlan 4000 Switch MRPP ring 4000 primary port Ethernet 0 0 1 Switch MRPP ring 4000 secondary port Ethernet 0 0 2 Switch MRPP ring 4000 enable Switch MRPP ring 4000 exit Switch Config SWITCH E co...

Страница 785: ...exit Switch Config SWITCH E configuration Task Sequence Switch Config MRPP enable Switch Config MRPP ring 100 Switch MRPP ring 100 control vlan 100 Switch MRPP ring 100 primary port Ethernet 0 0 1 Swi...

Страница 786: ...ring of the port must be transfer node In the above configuration SWITCH B E D has some port belonging to more than two rings The special port changing takes a effect on more than two rings sometimes...

Страница 787: ...ing 4000 secondary port Ethernet 0 0 2 Switch MRPP ring 4000 enable Switch MRPP ring 4000 exit Switch Config SWITCH H configuration Task Sequence Switch Config MRPP enable Switch Config MRPP ring 4000...

Страница 788: ...100 control vlan 100 Switch MRPP ring 100 primary port Ethernet 0 0 2 Switch MRPP ring 100 secondary port Ethernet 0 0 3 Switch MRPP ring 100 enable Switch MRPP ring 100 exit Switch Config SWITCH E c...

Страница 789: ...to form ring and broadcast storm Configuring MRPP ring you d better disconnected the ring and wait for each switch configuration then open the ring When the MRPP ring of enabled switch is disabled on...

Страница 790: ...idate switches Network administrators can statically or dynamically add the candidate switches to the cluster which is already established Accordingly they can configure and manage the member switches...

Страница 791: ...of heartbeat of the cluster 3 Set interval of sending heartbeat packets among the switches of the cluster 4 Clear the list of candidate switches discovered by the commander switch 4 Configure attribu...

Страница 792: ...ord pass no cluster member mem id Add or remove a member switch Command Explanation Global Mode cluster auto add enable no cluster auto add enable Enable or disable adding newly discovered candidate s...

Страница 793: ...Config no cluster run 22 3 2 cluster register timer Command cluster register timer time value no cluster register timer Function Sets interval of sending cluster register packet the no cluster registe...

Страница 794: ...created if the private IP address pool is not set When candidate switches join the cluster the commander switch assigns a private IP address for each member switch These IP addresses are used to commu...

Страница 795: ...to the cluster in the commander switch the no cluster member mem id command deletes a member switch from the cluster Parameter mem id is the member ID valid range is 1 to 23 cand sn is the sequence nu...

Страница 796: ...luster Parameter mem id is the cluster ID of the member switch valid rang is 1 to 23 Command mode Admin Mode Instructions Enter the Admin Mode of the member switch and configure the member switch remo...

Страница 797: ...dst url is the destination path of the file which need to be copied ascii means that the file is transmitted in ASCII format binary means that the file is transmitted in binary format When src url is...

Страница 798: ...holdtime of heartbeat And this information is distributed to all the member switches If this command is executed in a non commander switch and the value is less than the current holdtime the setting i...

Страница 799: ...Clear the list of candidate switches discovered by the commander switch Switch clear cluster candidate table 22 4 Examples of Cluster Administration Scenario The four switches SwitchA SwitchD amongst...

Страница 800: ...urs 30 minutes 15 seconds Heartbeat interval 8 seconds Heartbeat hold time 80 seconds Cluster s snmp rw community string public 22 5 1 2 show cluster members Command show cluster members Function Disp...

Страница 801: ...displays the debugging messages related to the command or member switches sending packets Command Mode Admin Mode 22 5 1 5 debug cluster application Command debug cluster application no debug cluster...

Страница 802: ...under current application Whether the connection between the command switch and the member switch is correct We can use the debug cluster packets to check if the command and the member switches can re...

Отзывы:

Нет отзывов

Похожие инструкции для ES3628EA

KELCO E30 Installation & Programming Manual preview
E30
Бренд: KELCO Страницы: 41
jablotron UC-230 Quick Start Manual preview
UC-230
Бренд: jablotron Страницы: 2
PRO SIGNAL PSG3450 Manual preview
PSG3450
Бренд: PRO SIGNAL Страницы: 5
netvox ZigBee Z815B User Manual preview
ZigBee Z815B
Бренд: netvox Страницы: 14
König KNVMA3444 Instruction preview
KNVMA3444
Бренд: König Страницы: 8
Lantech IPES-3408GSFP User Manual preview
IPES-3408GSFP
Бренд: Lantech Страницы: 119
Manhattan 177290 User Manual preview
177290
Бренд: Manhattan Страницы: 4
Quartz Q16 System Manual preview
Q16
Бренд: Quartz Страницы: 43
Gira 2324 Series Operating Instructions preview
2324 Series
Бренд: Gira Страницы: 2
Jabra EHS - Brochure preview
EHS -
Бренд: Jabra Страницы: 13
Barksdale 9671 Series Operating Instructions Manual preview
9671 Series
Бренд: Barksdale Страницы: 6
SMART-AVI DVN-8P Installation Manual preview
DVN-8P
Бренд: SMART-AVI Страницы: 2
Edimax ES-3308P Datasheet preview
ES-3308P
Бренд: Edimax Страницы: 2
BZB Gear BG-UHD44MA User Manual preview
BG-UHD44MA
Бренд: BZB Gear Страницы: 27
APG FT-100 Series Operator'S Manual preview
FT-100 Series
Бренд: APG Страницы: 7
ALC AHSS41 Quick Start Manual preview
AHSS41
Бренд: ALC Страницы: 2
VS LIGHTING SOLUTIONS Blu2Light PrimeLine 187042 Quick Start Manual preview
Blu2Light PrimeLine 187042
Бренд: VS LIGHTING SOLUTIONS Страницы: 2
ALFAtron MUH88E User Manual preview
MUH88E
Бренд: ALFAtron Страницы: 45

Бренды по названию

Популярные бренды

Загрузить еще бренды