ES4710BD 10 Slots L2/L3/L4 Chassis Switch User’s Guide www.edge-core.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Preface ES4710BD is a high performance routing switch released by Edge-Core that can be deployed as the core layer device for campus and enterprise networks, or as an aggregation device for IP metropolitan area networks (MAN). ES4710BD provides 10 slots, with support for various types of line cards and can seamlessly support a variety of network interfaces from 100Mb, 1000Mb to 10Gb Ethernet.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Content CHAPTER 1 PRODUCT OVERVIEW............................................................................................ 31 1.1 PRODUCT BRIEF .............................................................................................................................31 1.1.1 Introduction ..............................................................................................................................31 1.1.2 Features ...........................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1.4.2.4 1.4.2.4.1 Front Panel ............................................................................................................................ 44 1.4.2.4.2 Front Panel - Indicator........................................................................................................... 45 1.4.2.4.3 Front Panel Port Description ................................................................................................. 45 1.4.2.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 2.3.1.2 Rack-mounting ES4710BD ............................................................................................................ 61 2.3.1.3 Wearing an ESD Wrist Strap .......................................................................................................... 62 2.3.2 Switch grounding ..................................................................................................................62 2.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 4.2.1.1.3.2 VLAN Mode ................................................................................................................... 88 4.2.1.1.3.3 DHCP Address Pool Mode.............................................................................................. 88 4.2.1.1.3.4 Route Mode..................................................................................................................... 88 4.2.1.1.3.5 ACL Mode .........................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.2.2.3.2 telnet ..................................................................................................................................... 100 5.2.2.3.3 telnet-server enable ............................................................................................................... 101 5.2.2.3.4 telnet-server securityip.......................................................................................................... 101 5.2.2.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.4.4.2.6 snmp-server securityip.......................................................................................................... 116 5.4.5 Typical SNMP Configuration Examples ............................................................................. 116 5.4.6 SNMP Troubleshooting Help .............................................................................................. 117 5.4.6.1 Monitor and Debug Commands .............................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.6.2.3 Configure IP address of SNMP manager...................................................................................... 141 5.6.2.4 SNMP statistics ............................................................................................................................ 142 5.6.2.5 RMON and trap configuration...................................................................................................... 142 5.6.3 Switch upgrade............
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 6.4.1 Reset specific module..........................................................................................................155 6.4.2 Show slot.............................................................................................................................155 6.4.3 Show fan..............................................................................................................................156 6.4.4 Show power.....................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 7.2.4.1 Introduction to Port Mirroring...................................................................................................... 170 7.2.4.2 Port Mirroring Configuration Task Sequence............................................................................... 171 7.2.4.3 Port Mirroring Configuration ....................................................................................................... 171 7.2.4.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.4.1.1 show mac-address-table aging-time ............................................................................................. 185 8.4.1.2 show mac-address-table static ...................................................................................................... 186 8.4.1.3 show mac-address-table blackhole ............................................................................................... 186 8.4.2 Troubleshooting Help..........
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.6.2.2.5 8.6.2.3 Clearing port MAC.................................................................................................................... 199 MAC binding attribution configuration............................................................................200 8.6.2.3.1 Maximum port security IP number configuration...................................................................... 200 8.6.2.3.2 Port violation mode .............................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 9.5.1.1 Create/remove Vlan .................................................................................................................. 217 9.5.1.1.1 VID allocation ........................................................................................................................... 217 9.5.1.1.2 VID attribution configuration.................................................................................................... 218 9.5.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.2.2.9 spanning-tree link-type p2p........................................................................................................ 232 10.2.2.10 spanning-tree maxage............................................................................................................... 232 10.2.2.11 spanning-tree max-hop ............................................................................................................. 233 10.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.5.4 Show MSTP setting...........................................................................................................250 10.5.4.1 Instance information................................................................................................................... 250 10.5.4.2 MSTP field information .............................................................................................................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 12.1.3 Access list Action and Global Default Action ...................................................................266 12.2 ACL CONFIGURATION ................................................................................................................267 12.2.1 ACL Configuration Task Sequence ...................................................................................267 12.2.2 ACL Configuration Commands..............................................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 13.4 PORT CHANNEL TROUBLESHOOTING HELP ................................................................................290 13.4.1 Monitor and Debug Commands ........................................................................................290 13.4.1.1 show port-group........................................................................................................................ 290 13.4.1.2 debug lacp.................................................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 14.5 DHCP TROUBLESHOOTING HELP ...........................................................................................313 14.5.1 Monitor and Debug Commands ........................................................................................313 14.5.1.1 clear ip dhcp binding ................................................................................................................ 313 14.5.1.2 clear ip dhcp conflict ................................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 15.3.1.1 show sntp .................................................................................................................................. 329 15.3.1.2 debug sntp................................................................................................................................. 329 15.4 WEB MANAGEMENT ............................................................................................................329 15.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.4.1.4 show mls qos maps ................................................................................................................... 354 16.4.1.5 show class-map......................................................................................................................... 355 16.4.1.6 show policy-map....................................................................................................................... 355 16.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 17.2.1 Introduction to IP Forwarding............................................................................................369 17.2.2 IP Route Aggregation Configuration....................................................................................369 17.2.2.1 IP Route Aggregation Configuration Task ................................................................................ 369 17.2.2.2 IP Route Aggregation Configuration Command ...................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.2.3.2.1 ip route ................................................................................................................................ 380 18.2.3.2.2 show ip route ....................................................................................................................... 381 18.2.4 Configuration Scenario .....................................................................................................382 18.2.5 Troubleshooting Help....
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.4 OSPF .........................................................................................................................................404 18.4.1 Introduction to OSPF ........................................................................................................404 18.4.2 OSPF Configuration..........................................................................................................407 18.4.2.1 Configuration Task Sequence .........
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.4.2.2.34 debug ip ospf spf............................................................................................................... 429 18.4.3 Typical OSPF Scenario .....................................................................................................429 18.4.4 OSPF Troubleshooting Help .............................................................................................436 18.4.4.1 Monitor and Debugging Commands..................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch CHAPTER 19 MULTICAST PROTOCOL CONFIGURATION .................................................. 457 19.1 MULTICAST PROTOCOL OVERVIEW ............................................................................................457 19.1.1 Introduction to Multicast......................................................................................................457 19.1.2 Multicast Address.............................................................................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.4.4.1.2 show ip pim interface .......................................................................................................... 475 19.4.4.1.3 show ip pim mroute sm ..................................................................................................... 476 19.4.4.1.4 show ip pim neighbor ........................................................................................................ 476 19.4.4.1.5 show ip pim rp................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.6.2.2.3 ip igmp query-interval ........................................................................................................ 496 19.6.2.2.4 ip igmp query-max-response-time ...................................................................................... 496 19.6.2.2.5 ip igmp query-timeout ........................................................................................................ 496 19.6.2.2.6 ip igmp static-group............
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.7.6.5 Show ip pim mroute sm..................................................................................................507 19.7.6.6 Show ip pim rp ...............................................................................................................507 19.7.6.7 Show ip dvmrp mroute ...................................................................................................507 19.7.6.8 Show ip dvmrp neighbor .................................
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 20.4.1.3 show aaa authenticating-user .................................................................................................... 524 20.4.1.4 show radius count ..................................................................................................................... 524 20.4.1.5 show dot1x................................................................................................................................ 525 20.4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 21.4.1 Create VRRP Number .......................................................................................................543 21.4.2 Configure VRRP Dummy IP ......................................................................................................... 544 21.4.3 Configure VRRP Port.................................................................................................................... 544 21.4.4 Activate Virtual Router.............
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 1 Product Overview RECOMMENDATION: Please read this manual first before using the switch, following the instructions to avoid damaging the device. 1.1 Product Brief Fig 1-1 ES4710BD Switch 1.1.1 Introduction Edge-Core ES4710BD is a high performance routing switch that can be deployed as a core layer device for campus and enterprise networks, or an aggregation device for IP metropolitan area networks (MAN).
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1.1.2 Features Advanced Architecture The design for the ES4710BD core routing switch is fully distributed architecture. With a powerful ASIC chip dedicated to high-speed route lookup and traffic forwarding through “longest-match” and “packet-by-packet” mode, the switch ensures enhanced forwarding performance and scalability. ES4710BD can effectively block network viruses such as "Code red”, "Worm.Blaster” and "Worm.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Layer 3 Forwarding Layer 3 forwarding is the forwarding of Layer 3 packets (IP packet) across VLANs, which ES4710BD uses switch chip hardware to forward IP packets, facilitating the on-chip host route entries and default routing table entries, allowing IP packets to be forwarded at full wire speed.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch IGMP Snooping ES4710BD supports IGMP Snooping based on multi-casting applications enabling various multi-cast services (e.g. multimedia playback, remote education and recreation) in an access network with lowered network traffic. Broadcast Storm Control ES4710BD can effectively prevent broadcast storms from wasting bandwidth with packet level Broadcast Storm Control function, resulting in improved overall system performance.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Restart and reset to factory setting can be done both locally and remotely TFTP /FTP firmware upgrade available Can be installed into standard 19-inch chassis 1.2 Technical specifications Protocols and Standards □ □ □ □ □ □ □ □ □ □ □ □ □ □ □ □ □ IEEE802.3 10BASE-T Ethernet IEEE802.3u 100BASE-TX/FX Fast Ethernet IEEE802.3x Flow control IEEE802.1x access control IEEE802.1D/w Spanning Tree IEEE802.1p Class of Service IEEE802.1Q VLAN IEEE802.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch a grounding post has been provided on each side of the rack for grounding connections. In addition, on both sides of the lower section of the chassis, a handler is provided for easier transport. Fig 1-2 ES4710BD Front Panel view Management slot: 2 management slots are provided. One or two management switching modules EM4710BD-AGENT can be inserted in to the Management slots. Network slot: 8 network slots are provided.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch the panel as RUN) are provided for each board. On the Main Control cards there is Master-Slave indicator (printed on the panel as M/S) There is also a power module status indicator (printed on the panel as Power: Fail/OK), fan assembly status indicator (printed on the panel as Fan: Alarm/OK), and interface status indicators for corresponding management interfaces and network interfaces (printed on the panel as Link and Act).
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z 12 fiber Gb ports line card (EM4700BD-12GX-SFP): supporting 12 SFP Gb fiber ports for layer 2 and layer 3 switching and routing. z Dual 10Gb fiber line card (EM4700BD-2XG-XENPAK): supporting 2 10GBase-X fiber port (XENPAK) for layer 2 and layer 3 switching and routing. z Enhanced processing card (EM-7600-ES): enabling enhanced services including IPv6, MPLS and firewall.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Master-Slave indicator M/S Power Supply Module Status indicator: POWER Cards are powered off and can be removed On (Green) Master Off Slave On (Green) Power Supply normally Off Power supply module malfunctioning or not present (with Fail off) On (Yellow) Power Supply Module malfunction Off Power supply module operating normally or not present (with OK off) On (Green) Fan operating normally Off Fan malfunctioning or not present (with Alarm off)
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Property Specification RJ-45 (Receptacle) Connector z Connector type 1.4.2.1.5 z 10/100Mbps auto sensing Cat 5 UTP: 300 m Front Panel – Reset Button EM4710BD-AGENT provides a RESET button for resetting the board. 1.4.2.1.6 Front Panel – SWAP Button The EM4710BD-AGENT provides a SWAP button for hot swapping the module during operation. Before removing the modules, users should press SWAP button first.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch indicator On (Green, blinks at 8 Hz) System is loading (Booting after card hot swapping) On (Yellow, blinks at 8 Hz) System is shutting down (Shutting Down after SWAP button pressed) On (Red, blinks at 8 Hz) Malfunction status Off Card is powered off and can be removed On (Green) Network connection on SFP transceiver is normal Off No network connection present on SFP transceiver Blinking (Green) Sending or receiving data RJ-45 port indicator Status i
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Fig 1-5 1.4.2.3.2 EM4700BD-12GX-SFP Front Panel view Front Panel - Indicator The following table describes the EM4700BD-12GX-SFP’s front panel indicators: Table 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Table 1.7 EM4700BD-12GX-SFP port description Port Type Specification z SFP-SX transceiver: 62.5/125 µm multi-mode fiber: 275 m 50.0/125 µm multi-mode fiber: 550m z SFP-LX transceiver: 9/125 µm single-mode fiber: 10 km SFP z SFP-LH-40 transceiver: 9/125 µm single-mode fiber: 40 km z SFP-LH-70 transceiver: 9/125 µm single-mode fiber: 70 km z SFP-LH-120 transceiver: 9/125 µm single-mode fiber: 120 km 1.4.2.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1.4.2.4.2 Front Panel - Indicator The following table describes the front panel indicators for the EM4700BD-2XG-XENPAK: Table 1.8 LED Indicator Power Indicator Description of the EM4700BD-2XG-XENPAK indicators Panel Symbol PWR Status Description On (green) Card powered.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1.4.2.4.5 Front Panel – SWAP Button The EM4700BD-2XG-XENPAK provides a SWAP button for hot swapping the module during operation. Before removing the modules, users should first press the SWAP button. The module will then prepare for a hot-swap and the system operation indicator (RUN) will turn yellow and blink at 8 Hz. When the RUN indicator is off, the cards are powered off and can be removed. 1.4.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1.4.2.5.2 Front Panel - Indicator The following table describes the front panel indicators for EM-7600-ES and EM-7600-ES-2GB: Table 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Table 1.10 EM-7600-ES-2GB port description Port Type Specification z SFP-SX transceiver: 62.5/125 µm multi-mode fiber: 275m 50.0/125 µm multi-mode fiber: 550m z SFP-LX transceiver: 9/125 µm single-mode fiber: 10km SFP z SFP-LH-40 transceiver: 9/125 µm single-mode fiber: 40km z SFP-LH-70 transceiver: 9/125 µm single-mode fiber: 70km z SFP-LH-120 transceiver: 9/125 µm single-mode fiber: 120km 1.4.2.5.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1.4.3.1 EM4710BD-AC (Alternating Current Power Module) When powered by AC inputs, the AC power module EM4710BD-AC and corresponding AC distribution box should be used in the ES4710BD. The input voltage of the EM4710BD-AC is 110V/220 VAC, with ranges between 90 ~ 264 VAC and frequency between 50 ~ 60 Hz, the maximum output power is 600W. 1.4.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch VAC input socket for the positioning of power cords and easier wiring. In addition, on the left side of the AC distribution panel is a power supply switch used to control the modules’ power output . Please turn this power supply switch on during normal operation of the ES4710BD. Telco network users usually require equipment to have -48V DC input, the DC power modules and DC distribution box can satisfy this application.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1.4.8 Rear Panel The rear panel of the ES4710BD covers the switch backplane. To ensure safe operation of the switch, please do not open the rear panel. There are two reversible handles on the rear panel, they are used only for the installation and removal of the rear panel. Never lift or move the switch with these handles! The rear panel is shown below: Fig 1-9 Rear panel and side view 1.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1.5 System Features Table 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 2 2.1 Hardware Installation Safety Information During the installation and use of the ES4710BD Switch, please follow the safety guidelines listed below: Basic Guidelines 1. Disconnect power supplies from the chassis before disassembly or moving the switch. 2. Install the switch in a clean area, ensuring proper temperature and humidity conditions. 3. Keep the device accessories in a safe place. 4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch (including rings, necklaces, watches and bracelets). 2. Metal objects will cause short circuits and damage the device when in contact with both powered items and the ground. 3. An improper connection between the device and power sockets may be hazardous. 4. Only trained and qualified personnel should be allowed to operate and maintain the device. 5. Reading through the installation guidelines before powering on the system.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Notice ! ! ! ! Watch out for potential dangers, e.g. wet floors, ungrounded power lines, and worn power lines. Have an emergency switch installed inside the workshop, so that power can be cut off promptly should an accident occur. Do not work alone if potential dangers are present. On the event of an accident, take the following measures: 1. Power down the system 2. Make emergency calls if required 3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Temperature: Relative humidity Long term condition Short term condition Long term condition Short term condition 15 ~ 30°C 0 ~ 40°C 40~65% 10~90% Notice A sample of ambient temperature and humidity should be taken at 1.5m above the floor and 0.4m in front of the switch rack, with no protective panel covering the front and rear of the rack.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 2.1.4 Preventing Electrostatic Discharge Damage Static electric discharges can cause damage to internal circuits, even the entire switch. Follow these guidelines for preventing ESD damage: 1. Ensure proper earth grounding of the device 2. Perform regular cleaning to reduce dust 3. Maintain proper temperature and humidity 4. Always wear an ESD wrist strap and antistatic uniform when in contact with circuit boards 2.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 2.1.7 Power Supply Requirements The ES4710BD is designed to use modular switching power supplies, supporting 2 +1 redundant backup of power modules. The power input specification is shown below: Nominal Input Voltage AC: 90 ~ 264 VAC, 50 ~ 60Hz DC: -36 ~ -72 VDC Total power consumption: ≤700W Before installing the power modules, please check the power input to ensure proper grounding of the power supply system.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch A basic configuration ES4710BD should include the following: ITEM No. Part name Number 1 ES4710BD Ethernet Switch 1 2 AC cable 3 3 Serial port cable 1 4 Grounding cord 1 5 Chassis hanger 2 6 Hanger screw 12 8 Manual CD 1 9 Qualification certificate 1 10 Warranty card 1 Memo Note: The above list is subject to change without notice, please use the packing list shipped with the switch as the checklist. 2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch & Cards and modules installation & Connecting to the Console Connecting to the Console port & Connecting to the Management Port Connecting to the Ethernet port & SFP transceiver installation Install the SFP transceiver in the SFP slot & XENPAK transceiver installation Install the XENPAK transceiver in the XENPAK slot 60
EES4710BD 10 Slots L2/L3/L4 Chassis Switch & Copper Cable/Fiber cable connection Ethernet cable connection Fiber cable connection & Power supply connection 2.3.1 Switch Installation 2.3.1.1 z Desktop installation Note: ● Choose a smooth level workbench ● Verify that the workbench is strong enough to support the ES4710BD’s fully configured weight ● Plan a good position for your ES4710BD that is easy to operate and has an appropriate power source and grounding point.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch The figure below shows the steps for mounting the hangers: Fig 2-1 Installing ES4710BD Switch Hangers Step 2: Put the hanger-mounted switch smoothly into a standard 19’’ rack. Because of the size and weight of a ES4710BD, 2 people are required to complete the installation. With a person standing on each side of the chassis, grasp the chassis handle in the lower side panel with one hand, and use the other hand near the top of the chassis for balance.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z Proper grounding When using an AC power source, the device must be grounded with the green and yellow ground cables, otherwise, shock hazards may occur when insulation resistance between the internal power supply and the chassis degrades. z Lightning protection grounding The lightning protection system is an independent system consisting of a lightning rod, conductor and connection joint with the grounding system.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 2.3.3.1 Removing and Installing the Cards The installation procedure is the same for all cards, as shown below: Step 1: Power down the switch (Hot-swapping is supported by optional cards for the switch. However, for better convenience, it is recommended to power down the switch before installing the cards, if no module in the switch is running.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch front panel of the fan tray will lock automatically. Upon removal, hold the handle in the front panel of fan tray with your middle and ring fingers, press the locker slightly down, and the fan tray can be drawn out smoothly. Note: The fan trays are installed on switch chassis shipment. The installation and removal of a fan tray is shown below: Fig2-4 The installation and removal of a fan tray 2.3.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z Cleaning of power supply dust gauze: Dust gauzes are provided in the front panels of the EM4710BD-AC and EM-7608-DC power supply modules, which can be installed and removed easily. Dust gauze is meant to prevent large debris or particles in the air from being ingested into the power supply modules, and should be cleaned regularly according to operating conditions.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 2.3.5 Connecting to the Management Port The EM4710BD-AGENT provides a RJ-45 (female) Ethernet port. Users can connect to this administration port through a backend host with Ethernet interface for program loading, or use this port to connect to remote devices (e.g., an administrative workstation) for remote administration.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Step 4: Tighten (clockwise) the panel fasteners in the front of XENPAK transceiver until fastened to the front panel of the 10GB line card. Note: the XENPAK 10GB fiber transceiver is hot swappable Notice Do not stare directly at the 2 fiber bore in the XENPAK 10GB fiber transceiver when the switch is in operation. The laser may hurt your eyes. 2.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Step 1: Before connecting the AC power cable, ensure that the ES4710BD is properly grounded and the output switch of the power supply module in the AC distribution box is off. Step 2: Insert one end of the three power cables into the power source socket (dedicated branch circuits are recommended), and the other end to the power socket in the switch distribution box. Fix the cables with the wiring clips.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 3 Setup Configuration Setup configuration refers to the initial operation of the switch after the user purchases the switch. For first-time users of the ES4710BD, this chapter provides a very practical instruction. When using CLI (command line interface), the user can type setup under admin mode to enter the Setup configuration interface. 3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Selection number: The corresponding menu items in Chinese are: 配置菜 [0]:配置交 机主机名 [1]:配置 Vlan1 的接口 [2]:配置交 机 Telnet 服 [3]:配置交 机 Web 服 器 器 [4]:配置 SNMP [5]:退出 setup 模式不保存配置 [6]:退出 setup 模式保存配置 果 果 序号: 3.1.2 Setup Submenu 3.1.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch The corresponding prompt in Chinese is: 配置 Vlan1 接口 [0]: 配置 Vlan1 接口的 IP 地址 [1]: 配置 Vlan1 接口的状 [2]: 返回上一 菜 序号: Select “0” in the Vlan1 interface configuration menu and press Enter, the following screen will appear: Please input interface-Vlan1 IP address (A.B.C.D): The corresponding prompt in Chinese is: 入 Vlan1 接口的 IP 地址(A.B.C.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch [0]: Add telnet user [1]: Config telnet server status [2]: Exit Selection number: The corresponding prompt in Chinese is: 配置 Telnet 服 器 [0]: 添加 Telnet 服 器用 [1]: 配置 Telnet 服 器的状 [2]: 返回上一 菜 序号: Select “0” in the Telnet server configuration menu and press Enter, the following screen will appear: Please input the new telnet user name : The corresponding prompt in Chinese is: 入要添加的 Telnet 用 名: Note: Valid username length is 1 to 16 characters.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch enable Telnet service. The Telnet server configuration menu will then appear. Select “2” in the Telnet server configuration menu to return to the Setup main menu. 3.1.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Note: valid password length is 1 to 8 characters. After configuring the username and password, the menu will return to the Web server configuration section. Select “1” in the Web server configuration menu and press Enter, the following screen appears: Enable switch web-server or no?(y/n) [y]: The corresponding prompt in Chinese is: 是否使能交 机 Web 服 器?(y/n) [y]: Type “n” and press Enter to disable Web service.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch [2]: 配置 Traps 主机 IP 地址和 [3]: 配置交 机 SNMP 状 [4]: 配置交 机 Traps 状 体字符串 [5]: 添加 SNMP 管理站安全 IP 地址 [6]: 返回上一 菜 序号: Select “0” in the SNMP configuration menu and press Enter, the following screen will appear: Please input the read-write access community string[private]: The corresponding prompt in Chinese is: 入 SNMP 写 体字符串[private]: Note: valid length for a read-write access community string is 1 to 255 characters, the default value is “private”.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Select “3” in the SNMP configuration menu and press Enter, the following screen will appear: Enable SNMP-server? (y/n) [y]: The corresponding prompt in Chinese is: 是否使能交 机 SNMP? (y/n) [y]: Type “n” and press Enter to disable SNMP service. Type “y” and press Enter, or just press Enter to enable SNMP service. The SNMP configuration menu will then appear.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 4 4.1 Switch Management Management Options After purchasing the switch, the user needs to configure the switch for network management. ES4710BD provides two management options: in-band management and out-of-band management. 4.1.1 Out-of-band Management Out-of-band management is the management through Console interface. Generally, out-of-band management is used for initial switch configuration, or when in-band management is not available.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Step 2 Entering the HyperTerminal. Open HyperTerminal in Windows after the connection has been established. The example below is based on HyperTerminal that is included in Windows XP.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Fig 4-4 Opening HyperTerminal (3) 4) COM1 properties appears, select “9600” for “Baud rate”, “8” for “Data bits”, “none” for “Parity checksum”, “1” for “stop bits” and “none” for “flow control”; or, you can also click “Restore default” and click “OK”. Fig 4-5 Opening HyperTerminal (4) 5)The HyperTerminal window appears.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch SWITCH# SWITCH# Fig 4-6 Opening HyperTerminal (5) Step 3 Entering switch CLI interface: Power on the switch. The following appears in the HyperTerminal windows, this is the CLI configuration mode for ES4710BD. ES4710BD Management Switch Copyright (c) 2001-2004 by Edge-Core Networks Limited. All rights reserved. Testing RAM... 134,217,728 RAM OK. Initializing... Attaching to file system ... done. Loading nos.img ... done. Starting at 0x10000...
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Current time is WED APR 20 09:37:52 2005 ES4710BD Series Switch Operating System, Software Packet Version ES4704BD_2.2.10.0 Copyright (C) 2001-2004 by Accton Technology Corp. http://www.edge-core.com ES4710BD Switch (MPC8245-266M) processor ES4710BD> The user can now enter commands to manage the switch. For a detailed description of commands, please refer to the following chapters. 4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Connect with Ethernet cable Fig 4-7 Managing the switch by Telnet Step 1: Configure the IP addresses for the switch and start the Telnet function on the switch. First, the configuration of the host’s IP address should be within the same network segment as the switch’s VLAN1 interface IP address. Suppose the switch’s VLAN interface IP address is 10.1.128.251/24, then a possible host IP address is 10.1.128.252/24. Run “ping 10.1.128.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Run the Telnet client program included in Windows with the specified Telnet target. Fig 4-8 Step 3: Running the Telnet client program included in Windows Log in to the switch Log in to the Telnet configuration interface. Valid login name and password are required, otherwise the switch will reject Telnet access. This method protects the switch from unauthorized access.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Fig 4-9 4.1.2.2 Telnet Configuration Interface Managing the Switch through ECview To manage the switch with ECview, the following conditions should be met: 1) Switch has an IP address configured 2) The host’s IP address and the switch’s VLAN interface IP address are in the same network segment.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 4.2.1 CLI Interface CLI interface is familiar to most users. As aforementioned, out-of-band management and Telnet login are all performed through CLI interface to manage the switch. CLI Interface is supported by Shell program, which consists of a set of configuration commands. Those commands are categorized according to their functions in switch configuration and management. Each category represents a different configuration mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 4.2.1.1.2 Admin Mode Admin Mode prompt “Switch#” can be entered under the User Mode by running the enable command and entering the corresponding admin user password, if set. Or, when the exit command is run under Global Mode, it will return to the Admin Mode. ES4710BD also provides the shortcut key sequence "Ctrl+z”, that allows an easy way to exit to Admin Mode from any configuration mode (except User Mode).
EES4710BD 10 Slots L2/L3/L4 Chassis Switch under Global Mode. mode, speed, etc. 4.2.1.1.3.2 VLAN Mode Using the vlan command under Global Mode, you can enter the corresponding VLAN Mode. Under VLAN Mode the user can configure all member ports of the corresponding VLAN. Run the exit command to exit the VLAN Mode to Global Mode. 4.2.1.1.3.3 DHCP Address Pool Mode Type the ip dhcp pool command under Global Mode to enter the DHCP Address Pool Mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 4.2.1.2 extended for return to command under Extended IP Global Mode. Global Mode. ACL Mode Configuration Syntax ES4710BD provides various configuration commands. Although all the commands are different, they all abide by the syntax of ES4710BD configuration commands.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Right “→” The cursor moves one character to the right. Ctrl+p The same as Up key “↑”. Ctrl+n The same as Down key “↓”. Ctrl+b The same as Left key “←”. Ctrl+f The same as Right key “→”. Ctrl+z Returns to the Admin Mode directly from the other configuration modes (except User Mode). Ctrl+c Breaks the ongoing command process, such as ping or other command execution.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Unrecognized command or illegal The entered command does not exist, or there is error parameter! in parameter scope, type or format. Ambiguous command At least two interpretation are possible based on the current input. Invalid command or parameter The command is recognized, but no valid parameter record is found. This command does not exist in current The command is recognized, but this command can mode not be used under current mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 4.3.2 Module Front Panel When entering username, password and passing authentication, you will see the following web management main page. On the left of the management page is the main management menu and on the right of the page system information and command parameter are displayed. Click the main menu link to browse other management links and to display configuration and statistic information.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 5 5.1 Basic Switch Configuration Basic Switch Configuration Commands This section covers the basic configuration for the switch, including all the commands for entering and exiting the Admin Mode and Interface Mode, setting and displaying switch clock and displaying system version information. 5.1.1 clock set Command: clock set Function: Sets system date and time.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch user password are all wrong, it remains in the User Mode. Set the Admin user password under Global Mode with the “enable password” command. Example: Switch>enable password: ***** (admin) Switch# Related command: enable password 5.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Default: The default value is 5 minutes. Usage Guide: To ensure security for the switch and prevent malicious operation of unauthorized users, timeout count will start after the last configuration by the Admin user. The system will automatically exit the Admin Mode upon the preset timeout threshold. If the user needs to enter Admin Mode, the Admin user password needs to be entered again.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: is the host name, up to 15 characters are allowed; is the corresponding IP address for the host name and takes a decimal format. Command mode: Global Mode Usage Guide: Sets the association between host and IP address, which can be used in commands like “ping ”. Example: Setting the IP address of a host with the hostname of “ES4710BD” to 200.121.1.1. Switch(Config)#ip host ES4710BD 200.121.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch#reload 5.1.12 setup Command: setup Function: Enters the Setup Mode of the switch. Command mode: Admin Mode Usage Guide: ES4710BD provides a Setup Mode, in which the user can configure IP addresses, etc. 5.1.13 language Command: language {chinese|english} Function: Sets the language for displaying the help information. Parameters: chinese for Chinese display; english for English display. Command mode: Admin Mode Default: The default setting is English..
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: The switch sends an ICMP packet to remote devices to verify the connectivity between the switch and remote devices. Parameters: is the target host IP address for ping, in decimal format. Default: Sends 5 ICMP packets of 56 bytes each, timeout is 2 seconds.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Telnet is a simple remote terminal protocol for remote login. Using Telnet, the user can login to a remote host with its IP address of hostname from his own workstation. Telnet can send the user’s keystrokes to a remote host and send the remote host’s output to the user’s screen through a TCP connection. This is a transparent service. To the user, the keyboard and monitor seem to be connected to the remote host directly.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch information. 2. Telnet to a remote host from the switch Command Explanation Admin Mode Logs in to a remote host with the Telnet telnet [] [] 5.2.2.3 Telnet Commands 5.2.2.3.1 monitor client included in the switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Connecting Host 20.1.1.123 Port 23... Service port is 23 Connected to 20.1.1.123login:123 password:*** router> 5.2.2.3.3 telnet-server enable Command: telnet-server enable no telnet-server enable Function: Enables the Telnet server function in the switch: the “no telnet-server enable” command disables the Telnet function in the switch. Default: Telnet server function is enabled by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch command deletes the specified Telnet user. Parameters: is the Telnet client’s username, up to 16 characters are allowed; is the login password, up to 8 characters are allowed; 0|7 indicate non-masked password display and masked password display. Command mode: Global Mode Default: No Telnet client username and password is set by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch#show clock Current time is TUE AUG 22 11:00:01 2002 Related command: clock set 5.2.4.2 show debugging Command: show debugging Function: Displays the debugging switch status. Usage Guide: If a user needs to check what debugging switches have been enabled, show debugging command can be executed. Command mode: Admin Mode Example: Checking for currently enabled debugging switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch enable config interface ethernet 1/3 enable show flash show ftp 5.2.4.5 show memory Command: show memory Function: Displays the contents in the memory. Command mode: Admin Mode Usage Guide: This command is used for switch debugging purposes. The command will interactively prompt the user to enter start address of the desired information in the memory and output word number.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch#show running-config 5.2.4.7 show startup-config Command: show startup-config Function: Displays the switch parameter configurations written in the Flash memory at the current operation, those are usually also the configuration files used for the next power-up. Default: If the configuration parameters read from the Flash are the same as the default operating parameter, nothing will be displayed.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.2.4.9 show tcp Command: show tcp Function: Displays the current TCP connection status established to the switch. Command mode: Admin Mode Example: Switch#show tcp LocalAddress LocalPort 0.0.0.0 23 ForeignAddress 0.0.0.0 0.0.0.0 80 Displayed information ForeignPort 0 0.0.0.0 0 Description State LISTEN LISTEN LocalAddress Local address of the TCP connection. LocalPort Local pot number of the TCP connection.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Switch#show telnet login Authenticate login by local. Login user: aa Switch# 5.2.4.12 show telnet user Command: show telnet user Function: Displays authorized Telnet client’s information Usage Guide: This command can be used to check for all current authorized Telnet clients. Example: Switch#show telnet user Antony Switch# Related command: telnet-user password 5.2.4.13 show version Command: show version Function: Displays the switch version.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.3 Configuring Switch IP Addresses All Ethernet ports of ES4710BD perform layer 2 forwarding. The VLAN interface represents a Layer 3 interface function, which can be assigned an IP address, this is also the IP address of the switch. All VLAN interface related configuration commands can be configured under VLAN Mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 3.DHCP Command Explanation ip dhcp-client enable Enables the switch to be a DHCP client and no ip dhcp-client enable obtain IP address and gateway address through DHCP negotiation; the “no ip dhcp-client enable” command disables the DHCP client function. 5.3.2 Commands for Configuring Switch IP Addresses 5.3.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip bootp-client enable Switch (Config-If-Vlan1)#exit Switch (Config)# Related command: ip address, ip dhcp-client enable 5.3.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch SNMP protocol provide a relatively direct way of exchanging management information between two points in the network. SNMP employs a polling mechanism of message query transmitted through UDP (a connectionless transport layer protocol), and is therefore well supported by the existing computer networks. SNMP protocol works in NMS(Network Management Station)-Agent mode, thus consists of two parts: NMS and Agent.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Fig 5-1 ASN.1 tree instance In this figure, the OID of object A is 1.2.1.1. NMS can find this object without ambiguity through the object’s unique OID to get the standard variable contained in the object. MIB will define a set of standard variables for monitored network devices according to this structure. If the variable information inside Agent MIB needs to be browsed, MIB browsing software needs to be run in NMS, such as the MIB browser included in ECview.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Statistics: Maintains basic utilization and error statistics for each subnet monitored by the Agent. History: Records periodical statistic samples available from Statistics. Alarm: Allows users to set any count or integer for sample intervals and alert thresholds for RMON Agent records. Event: A list of all events generated by RMON Agent. Alert depends on the implementation of Event. Statistics and History display some current or history subnet statistics.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch configured secure address. 4. Configuring TRAP Command Explanation snmp-server enable traps Sets the switch to enable to send Trap no snmp-server enable traps messages; the “no snmp-server enable traps” command disables Trap messages.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: is the community string set; ro|rw is the specified access mode to MIB, ro for read-only and rw for read-write. Usage Guide: Up to 4 community strings are supported by the switch. Example: Adding a community string named “private” with read-write permission. Switch(Config)#snmp-server community rw private Add a community string named “public” with read-only permission.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.4.4.2.5 snmp-server host Command: snmp-server host no snmp-server host Function: Sets the IP address and Trap community string of the NMS to receive SNMP trap message; the “no snmp-server host ” command deletes the IP address of the NMS to receive SNMP Trap message.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1. 1. 1. 9 1. 1. 1. 5 Fig 5-2 SNMP Configuration Example The IP address of NMS is 1.1.1.5; the Switch (Agent) IP address is 1.1.1.9. Scenario 1: The NMS network administrative software uses SNMP protocol to obtain data from the switch. The configuration of the switch is listed below: Switch(Config)#snmp-server enable Switch(Config)#snmp-server community rw private Switch(Config)#snmp-server community ro public Switch(Config)#snmp-server securityip 1.1.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Displays all SNMP counter information.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch MIB objects bad values errors Number of “Bad_values” error SNMP packets general errors Number of “General_errors” error SNMP packets response PDUs Number of response packets sent trap PDUs Number of Trap packets sent 5.4.6.1.2 show snmp status Command: show snmp status Function: Displays SNMP configuration information.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.4.6.1.3 debug snmp packet Command: debug snmp packet no debug snmp packet Function: Enables the SNMP debug function: the “no debug snmp packet” command disables this debug function. Command mode: Admin Mode Usage Guide: When problems occur in SNMP, SNMP debug function can be enabled to locate the cause. Example: Switch#debug snmp packet 5.4.6.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.5.1 BootROM Upgrade There are two methods for BootROM upgrade: TFTP and FTP, which can be selected at BootROM command settings. Console cable connection cable connection Fig -5-3 Typical topology for switch upgrade in BootROM mode The upgrade procedures are listed below: Step 1: As shown in the figure, a PC is used as the console for the switch. A console cable is used to connect PC to the management port on the switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 219.32 BogoMIPS SST39VF040 CPU: PowerPC MPC8245MH266, Revision 14 Version: 1.4.1 Creation date: Apr 14 2005, 09:33:18 Attached TCP/IP interface to lnPci0. [Boot]: Step 3: Under BootROM mode, run “setconfig” to set the IP address and mask of the switch under BootROM mode, server IP address and mask, and select TFTP or FTP upgrade. For example, suppose the switch address is 192.168.1.2/24, the PC address is 192.168.1.66/24. Select TFTP upgrade.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch mirror file. [Boot]: write nos.img Programming... Program OK. [Boot]: Step 6: After successful upgrade, execute the “run” command in BootROM mode to return to CLI configuration interface. [Boot]:run(or reboot) Other commands in BootROM mode 1. DIR command Used to list existing files in the FLASH. [Boot]: dir boot.rom boot.conf 327,440 1900-01-01 00:00:00 --SH 83 1900-01-01 00:00:00 --SH nos.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch to establish management connection on port 21 in the server, and negotiate a data connection through the management connection. There are two types of data connections: active connection and passive connection. In active connection, the client transmits its address and port number for data transmission to the sever, the management connection maintains until data transfer is complete.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch backup and update of the configurations. Start up configuration file: refers to the configuration sequence used in switch start up. ES4710BD start up configuration file stores in FLASH only, corresponding to the so called configuration save. To prevent illicit file upload and easier configuration, ES4710BD mandates the name of start up configuration file to be startup-config. Active configuration file: refers to the active configuration sequence used in the switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1. FTP/TFTP client configuration (1)FTP/TFTP client upload/download file Command Explanation Admin Mode copy [ascii | binary] FTP/TFTP client upload/download file (2)For FTP client, server file list can be checked Global Mode For FTP client, server file list can be checked. FtpServerUrl dir format looks like: ftp://user:password@IP Address 2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 3. TFTP server configuration (1)Start TFTP server Command Explanation Global Mode tftp-server enable no tftp-server enable Starts TFTP server, the “no ftp-server enable” command shuts down TFTP server and prevents TFTP users from logging in. (2)Modify TFTP server connection idle time Command Explanation Global Mode tftp-server retransmission-number < number > Sets maximum retransmission time within timeout interval.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Special Keywords in filename keyword Source/Target IP address running-config Active configuration file startup-config Start up configuration file nos.img System file Boot.rom System boot file Command mode: Admin Mode Usage Guide: The command provides command line prompt messages. If the user enters a command like copy ftp:// or copy ftp:// and presses Enter, the following prompt will appear: ftp server ip address [x.x.x.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: viewing the file list of the FTP server 10.1.1.1 with the username “Switch” and password “edgecore”. Switch#config Switch(Config)#dir ftp:// Switch:edgecore@10.1.1.1 5.5.2.2.5 ftp-server enable Command: ftp-server enable no ftp-server enable Function: Enables FTP server, the “no ftp-server enable” command shuts down FTP server and prevents FTP user from logging in. Default: FTP server is not enabled by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.5.2.2.7 ip ftp Command:ip ftp password [type{0|7}] no ip ftp username Function: Configures the FTP username and password; the “no ip ftp username ” command deletes the password as well as the username configured.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Usage Guide: The command provides command line prompt messages. If the user enters a command like copy tftp:// or copy tftp:// and presses Enter, the following prompt will appear: tftp server ip address> tftp filename> This prompts for the TFTP server address and file name. Example: (1)Saving the mirror in FLASH to TFTP server 10.1.1.1: Switch#copy nos.img tftp:// 10.1.1.1/ nos.img (2)Getting the system file nos.img from TFTP server 10.1.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.5.2.2.10 tftp-server retransmission-number Command: tftp-server retransmission-number Function: Sets the retransmission time for TFTP server Parameters: < number> is the time to re-transfer, the valid range is 1 to 20. Default: The default value is 5 retransmission. Command mode: Global Mode Example: Modifying the retransmission time to 10 times. Switch#config Switch(Config)#tftp-server retransmission-number 10 5.5.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Scenario 1: The switch is used as FTP/TFTP client. The switch connects from one of its ports to a computer, which is a FTP/TFTP server with an IP address of 10.1.1.1; the switch acts as a FTP/TFTP client, the IP address of the switch management VLAN is 10.1.1.2. Download “nos.img” file in the computer to the switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch (Config)#inter vlan 1 Switch (Config-If-Vlan1)#ip address 10.1.1.2 255.255.255.0 Switch (Config-If-Vlan1)#no shut Switch (Config-If-Vlan1)#exit Switch (Config)#ftp-server enable Switch(Config)#ip ftp Switch password 0 edgecore Computer side configuration: Log in to the switch with any FTP client software, with the username “Switch” and password “edgecore”, use the command “get nos.img 12_25_nos.img” to download the “nos.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch “edgecore”. Save “Profile1”, “Profile2” and “Profile3” in the appropriate FTP server directory on the computer. The configuration procedures of the switch are listed below: Switch (Config)#inter vlan 1 Switch (Config-If-Vlan1)#ip address 10.1.1.2 255.255.255.0 Switch (Config-If-Vlan1)#no shut Switch (Config-If-Vlan1)#exit Switch (Config)#exit Switch#copy ftp://Switch:edgecore@10.1.1.1/Profile1 Profile1 Switch#copy ftp://Switch:edgecore@10.1.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch FTP Configuration PC side: Start the FTP server software on the PC and set the username as “Switch”, and the password as “edgecore”. ES4710BD: Switch (Config)#inter vlan 1 Switch (Config-If-Vlan1)#ip address 10.1.1.2 255.255.255.0 Switch (Config-If-Vlan1)#no shut Switch (Config-If-Vlan1)#exit Switch (Config)#dir ftp://Switch:edgecore@10.1.1.1 220 Serv-U FTP-Server v2.5 build 6 for WinSock ready... 331 User name okay, need password. 230 User logged in, proceed.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Switch#show ftp Timeout :600 Displayed information Description Timeout Timeout time. 5.5.2.4.3 show tftp Command: show tftp Function: displays the parameter settings for the TFTP server Default: There is no display by default. Command mode: Admin Mode Example: Switch#show tftp timeout Retry Times :60 :10 Displayed information Explanation Timeout Timeout time Retry Times Retransmission times 5.5.2.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch send file 150 Opening ASCII mode data connection for nos.img. 226 Transfer complete. close ftp client. & The following is the message displays when files are successfully received. Otherwise, please verify link connectivity and retry “copy” command again. 220 Serv-U FTP-Server v2.5 build 6 for WinSock ready... 331 User name okay, need password. 230 User logged in, proceed. 200 PORT Command successful.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch & The following is the message displayed when files are successfully received. Otherwise, please verify link connectivity and retry the “copy” command again. begin to receive file,wait... recv 1526037 ************************ write ok transfer complete close tftp client.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z Basic host configuration – configures the mapping relationship between the switch and the IP address. Please refer to the CLI command 5.1.8. Example: configure the Hostname as “London” and IP address as 200.121.1.1 and then click on the “Apply” button. This configuration will be applied to the switch. Users should click “Switch basic configuration” and “Configure exec timeout” to configure the timeout of quitting privileged configuration mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.6.2.2 Trap manager configuration Users should click “Switch basic configuration”, “SNMP configuration”, and “TRAP manager configuration” to configure the IP address of the management station which will receive SNMP Trap messages and Trap community strings. Please refer to the CLI command 5.4.4.2.5. z Trap receiver – the IP address of NMS management station that will receive Trap messages.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.6.2.4 SNMP statistics When users click “Switch basic configuration”, “SNMP configuration” and “SNMP statistics”, a variety of counter information will appear. Please refer to the CLI command 5.4.6.1.1. 5.6.2.5 RMON and trap configuration Users should click “Switch basic configuration”, “SNMP configuration” and “RMON and TRAP configuration” to configure the RMON function of the switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.6.3 Switch upgrade Users should click “Switch basic configuration” and “Switch update” to configure the upgrade Node Tree Diagram. Two categories are explained below: z z TFTP Upgrade, including 9 TFTP client service – to configure TFTP client 9 TFTP server service – to configure TFTP server FTP Upgrade, including 9 FTP client service – to configure FTP client 9 FTP server service – to configure FTP server 5.6.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Server state-status of the server. (“Open” or “Close”) Please refer to the CLI command 5.5.2.2.10 TFTP Timeout-the timeout. Please refer to the CLI command 5.5.2.2.12. TFTP Retransmit times-times of retransmission. Please refer to the CLI command 5.5.2.2.11. Users should open the TFTP server, and choose “Open” and then click “Apply.” 5.6.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch configuration.” Words and phrases of “user configuration” are explained in the following: z FTP Server state-status of the server. (“Open” or “Close”.) Please refer to the CLI command 5.5.2.2.5. z FTP Timeout-the timeout. Please refer to the CLI command 5.5.2.2.6. z User name-the name of the user. Please refer to the CLI command 5.5.2.2.8. z Password-the specific password. Please refer to the CLI command 5.5.2.2.7. z State- display the status of the password.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z Show telnet user-to display all Telnet client messages with authenticated switch access through Telnet. Please refer to the CLI command 5.2.4.12. Show version-to display the number/version of the switch. Please refer to the CLI command 5.2.4.13. 5.6.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.6.4.3 Others Other parts are easier to configure. Users just click a configuration node and the relating messages will appear. Example: to display the clock: to display FLASH files: 5.6.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.6.6 Switch on-off information Users should click “Switch on-off information” to enter into the configuration page and make configuration nodes. Words and phrases are explained in the following: RIP Status-on-off switch of RIP. (“Open” or “Close”) Refer to the CLI command 18.3.2.2.17. IGMP Snooping-on-off switch of IGMP Snooping. (“Open” or “Close”) Refer to the CLI command 11.2.2.1. Switch GVRP Status-on-off switch of GVRP.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 5.6.7.2 Exit current web configuration Users should quit the web-login by clicking “Switch maintenance” and “Exit current web configuration.” 5.6.7.3 Save current running-config Users should save the current running-config by clicking “Switch maintenance”, “Save current running-config” and “Apply”. Please refer to the CLI command 5.1.14. 5.6.7.4 Reboot Users should reboot the switch by clicking “Switch maintenance.” Please refer to the CLI command 5.1.10.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z Telnet server State-to choose from the drop-down list. (“Open” and “Close” service) Please refer to the CLI command 5.2.2.3.3. User name-a specific name of the Telnet user Password-to configure a specific password Encrypted text-to configure whether the password is encrypted when displaying configuration information.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 6 6.1 Device Management Device Management Brief The device management function of ES4710BD provides information about line card status, line card operation debugging, power supply and fan status. This function enables the maintenance and management of the physical devices and restart of the switch and line cards, and hot swapping of the cards. ES4710BD supports dual-master mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Switch # show slot M1 ------------------Slot : M1-----------------Inserted: YES Module type: EM4710BD-AGENT Work mode: ACTIVE MASTER Work state: RUNNING Software version: 1.0.3.0 Hardware version: v001 Bootrom version: 1.4.1 Serial number: DC-2396882-1234 Manufacture date: 2004/04/20 Temperature: 43.2500 6.2.2.1.2 show fan Command: show fan Function: Shows whether the fan tray is in place. Parameters: N/A. Default: No display by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Switch # show power ----------power information---------power1 Inserted: NO power2 Inserted: NO power3 Inserted: YES 6.2.2.1.4 debug devsm Command: debug devsm { send | receive | state } no debug devsm {send | receive | state } Function: Displays the device management packet traffic and cards status conditions. The “no debug devsm {send | receive | state }” command disables DEBUG display. Parameters: send displays outgoing device management packets.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch If the cards need to be replaced during normal operation, the following guidelines should be followed: Display a message of processing card hot removal. The card can be removed when the RUN indicator for the card to be removed goes off and the status of the card in master control board is REMOVED. Remove the card, the master control board will indicate the card has been removed (the message displayed on the panel is EMPTY).
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 6.4.1 Reset specific module Click “Device management”, “Reset specific module”, select a module number and click “Apply”, then that module will be hot-swapped. This function is equal to the CLI command showing in 6.2.1. Click the Reset button to confirm the selection of the module number. Note that the Active master module is not hot-swappable. 6.4.2 Show slot Click “Device management”, “Show slot”.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 6.4.3 Show fan Click “Device management”, “Show power”. The information column displayed on the right will show the current power status and display even if the power is plugged in or not. This function is equal to CLI command 6.2.2.1.3. 6.4.4 Show power Click “Device management”, “Show module” in slot one.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 7 7.1 Port Configuration Introduction to Port ES4710BD comes with line cards and master control boards. Line cards provide various network ports. The master control boards provide no network ports, only Console interface and network management port. The Console interface and network management port are used for out-of-band management of the switch. This chapter focuses on network ports and the network management port.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 7.2 Port Configuration 7.2.1 Network Port Configuration 7.2.1.1 Network Port Configuration Task Sequence 1. Enter the network port configuration mode 2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch speed-duplex {auto | force10-half | force10-full | force100-half | force100-full | { {force1g-half | force1g-full} [nonegotiate [master | slave]] } } Sets port speed and duplex mode of 100/1000Base-TX ports. The “no” format of this command restores the default setting, i.e., negotiates speed and duplex mode automatically. Enables/Disables the auto-negotiation function negotiation {on|off} of 1000Base-T ports.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch the port. For example, a bandwidth limit of 101 M (or more) cannot be set for a 10/100M Ethernet port. But for a 10/100/1000M port working under 100M, a bandwidth limit of 101M (or more) is permitted. Example: setting the bandwidth limit of ports 1 – 8 of slot 3’s card to 40M. Switch(Config)#interface ethernet 3/1-8 Switch(Config-Port-Range)#bandwidth control 40 both 7.2.1.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Note: & Combo port is a conception involving the physical layer and the LLC sublayer of the datalink layer. The status of a combo port will not affect any operation in the MAC sublayer of the datalink layer and upper layers. If the bandwidth limit for a combo port is 1Mbps, then this 1Mbps applies to the active port of this combo port, regardless of the port type being copper or fiber.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 7.2.1.2.4 interface ethernet Command: interface ethernet Function: Enters Ethernet Interface Mode from Global Mode. Parameters: stands for port number. Command mode: Global Mode Usage Guide: Run the exit command to exit the Ethernet Interface Mode to Global Mode. Example: Entering the Ethernet Interface Mode for ports 1/1, 2/4-5, 3/8. Switch(Config)#interface ethernet 1/1;2/4-5;3/8 Switch(Config-Port-Range)# 7.2.1.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Setting the cable type support of Ethernet ports 3/5 – 8 to straight-through cable only. Switch(Config)#interface ethernet 3/5-8 Switch(Config-Port-Range)#mdi normal 7.2.1.2.7 name Command: name no name Function: Sets a name for the specified port; the “no name” command cancels the setting. Parameters: is a string, up to 32 characters are allowed. Command mode: Interface Mode Default: No name is set by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 7.2.1.2.9 rate-suppression Command: rate-suppression {dlf | broadcast | multicast} no rate-suppression {dlf | broadcast | multicast} Function: Sets the traffic limit for broadcasts, multicasts and unknown destination unicasts on all ports in the switch; the “no rate-suppression” command disables this traffic throttle function on all ports in the switch, i.e.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 7.2.1.2.11 speed-duplex Command: speed-duplex {auto | force10-half | force10-full | force100-half | force100-full | { {force1g-half | force1g-full} [nonegotiate [master | slave]] } } no speed-duplex Function: Sets the speed and duplex mode for 1000Base-TX or 100Base-TX ports; the “no speed-duplex” command restores the default speed and duplex mode setting, i.e., auto speed negotiation and duplex.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Explanation Global Mode Enters VLAN Interface Mode; the “no interface vlan interface vlan ” command no interface vlan deletes specified VLAN interface. . 2. Configure the IP address for VLAN interface and enables VLAN interface.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: is the IP address in decimal format; is the subnet mask in decimal format; [secondary] indicates the IP configured is a secondary IP address. Command mode: VLAN Interface Mode Default: No IP address is configured by default. Usage Guide: This command configures the IP address for VLAN interface manually.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Explanation Global Mode Enters the network management interface ethernet port configuration mode 2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 7.2.3.2.2 interface ethernet Command: interface ethernet Function: Enters network management port configuration mode from Global Mode. Parameters: stands for port number, the default value is 0. Command mode: Global Mode Usage Guide: Run the exit command to exit the network management Interface Mode to Global Mode. Example: Entering network management interface mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 7.2.3.2.5 shutdown Command: shutdown no shutdown Function: Shuts down the network management port; the “no shutdown” command opens the port. Command mode: Network management port configuration Mode Default: Network management port is open by default. Usage Guide: When network management port is shut down, no data frames are sent in the port, and the port status displayed when the user typed “show interface” command is “down”.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch mirror destination port. A protocol analyzer (such as Sniffer) or RMON monitoring instrument is often attached to the mirror destination port to monitor and manage the network and diagnostic. ES4710BD support one mirror destination port only. The number of mirror source ports are not limited, one or more may be used. Multiple source ports can be within the same VLAN or across several VLANs. The destination port and source port(s) can be located in different VLANs.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: stands for mirror session value, only 1 may be used at present; stands for mirror source port list, special characters like “-“ and “;” are supported; cpu slot stands for use the CPU of the card in the specified slot as mirror source, to mirroring traffic sent/received by the CPU (for debug); rx stands for traffic received by the source port; tx stands for traffic sent by the source port; both stands for traffic sent
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Displays information about mirror source/destination ports. Command mode: Admin Mode Usage Guide: This command displays the mirror source port(s) and destination port currently configured. Example: Switch#show monitor 7.2.4.5.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch No VLAN has been configured in the switches, default VLAN1 is used.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Default: Port statistics are not cleared by default. Usage Guide: If no port is specified, then statistics of all ports will be cleared. Example: Clearing the statistics for Ethernet port 1/1. Switch#clear counters ethernet 1/1 7.4.1.2 show interface Command: show interface [{ethernet | vlan | port-channel | }] Function: Displays information about specified port.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 7.5.1 Ethernet port configuration Click “Port configuration”, “Ethernet port configuration” to open the Ethernet port configuration management table to configure Ethernet port duplex, speed, bandwidth control and so on. 7.5.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z Bandwidth control level: port bandwidth control. The unit is Mbps and the value range is 1~10000Mbps Control type: Ingress means to control port bandwidth when receiving data packet sent from outside the switch. Egress means to control port bandwidth when sending data packets to outside of the switch. Ingress and Egress means to control port bandwidth when both receiving and sending.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 7.5.2.2 L3 port IP addr mode configuration Click “Port configuration”, “vlan interface configuration”, “L3 port IP addr mode configuration” to set up L3 port IP address mode configuration. z Port: L3 port z IP mode: Specifies the Ip address, meaning users need to set up L3 IP address manually. Bootp-client means to gain an IP address and gateway address through BootP. Equals to CLI command 5.3.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Configure mirroring destination port. Equals to CLI command 7.2.3.3.2. z Session: Mirroring dialog value z destination interface z tag: Setting the vlan tag function means all mirroring packets carry vlan tags; preserve means that if the Ingress mirroring packet, carrying a vlan tag, while Ingress, then Egress mirroring packet will carry vlan tag as well. Otherwise will be not.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 8 8.1 MAC Table Configuration Introduction to MAC Table MAC table identifies the mapping relationship between destination MAC addresses and switch ports. MAC addresses can be categorized as static MAC addresses and dynamic MAC addresses.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch period. When the switch receives a data frame to be forwarded, it stores the source MAC address of the data frame and creates a mapping to the destination port. Then, the MAC table is queried for the destination MAC address, if hit, the data frame is forwarded to the associated port, otherwise, the switch forwards the data frame to its broadcast domain.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch added to the switch MAC table. 2. At the same time, the switch learns the message is destined to 00-01-33-33-33-33, as the MAC table contains only a mapping entry of MAC address 00-01-11-11-11-11 and port 1/5, and no port mapping for 00-01-33-33-33-33 present, the switch broadcasts this message to all the ports in the switch (assuming all ports belong to the default VLAN). 3. PC3 and PC4 on port 1/12 receive the message sent by PC1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch are configured in the switch, the MAC table will be adapted accordingly to add VLAN information. In this case, the switch will not forward the received broadcast frames to all ports, but forward the frames to all ports in the same VLAN. 2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch no mac-address-table [{static | dynamic} [address ] [vlan ] [interface ] ] Function: Adds or modifies static address entries, the “no mac-address-table” command deletes static address entries and dynamic address entries.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1/ 5 1/ 7 1/ 9 1/ 11 PC1 PC2 PC3 PC4 MAC 00-01-11-11-11-11 MAC 00-01-22-22-22-22 MAC 00-01-33-33-33-33 MAC 00-01-44-44-44-44 Fig 8-2 MAC Table typical configuration example Scenario: Four PCs as shown in the above figure are connected to ports 1/5, 1/7, 1/9, 1/11 of ES4710BD, all the four PCs belong to the default VLAN1. As required by the network environment, dynamic learning is enabled.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.4.1.2 show mac-address-table static Command: show mac-address-table [static] [address ] [vlan ] [interface ] Function: Displays the content of the current MAC table in the switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch support for a solution. 8.5 MAC Address Function Extension 8.5.1 MAC Address Binding 8.5.1.1 Introduction to MAC Address Binding Most switches support MAC address learning, allowing each port to dynamically learn several MAC addresses so that forwarding data streams between known MAC addresses within the ports can be achieved. If a MAC address has aged, the packet destined for that entry will be broadcasted.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 2. Lock the MAC addresses for a port Command Explanation Interface Mode Locks the port. When a port is locked, the MAC address learning function for the port switchport port-security lock will be disabled: the “no switchport no switchport port-security lock port-security lock” command restores the MAC address learning function for the port.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.5.1.2.2 MAC Address Binding Configuration Commands 8.5.1.2.2.1 switchport port-security Command: switchport port-security no switchport port-security Function: Enables the MAC address binding function for the port: the “no switchport port-security” command disables the MAC address binding function for the port. Command mode: Interface Mode Default: MAC address binding is not enabled by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Locks the port. When a port is locked, the MAC address learning function for the port will be disabled: the “no switchport port-security lock” command restores the MAC address learning function for the port. Command mode: Interface Mode Default: Ports are not locked by default. Usage Guide: The port locking command can only be executed after MAC address binding function has been enabled.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch address can be added. Example: Adding MAC 00-03-0F-FE-2E-D3 to port1. Switch(Config)#interface Ethernet 1/1 Switch(Config-Ethernet1/1)#switchport port-security mac-address 00-03-0F-FE-2E-D3 8.5.1.2.2.6 clear port-security dynamic Command: clear port-security dynamic [address | interface ] Function: Clears the Dynamic MAC addresses of the specified port.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.5.1.2.2.8 switchport port-security violation Command: switchport port-security violation {protect | shutdown} no switchport port-security violation Function: Sets the violation mode for the port; the “no switchport port-security violation” command restores the violation mode to protect. Command mode: Interface Mode Parameters: “protect” for protect mode; “shutdown” to disable the violation mode. Default: The default violation mode for the port “protect”.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Displayed information Explanation Security Port Name of port that is configured as a secure port. MaxSecurityAddr The maximum number of secure MAC addresses set for the secure port. CurrentAddr Current number of secure MAC addresses for the secure port. Security Action Violation mode set for the port. Max Addresses limit per port Maximum number of secure MAC addresses set for each secure port.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Port Security Is port enabled as a secure port? Port status Port secure status Violation mode Violation mode set for the port. Maximum MAC Addresses The maximum number of secure MAC addresses set for the port Total MAC Addresses Current number of secure MAC addresses for the port. Configured MAC Addresses Current number of secure static MAC addresses for the port. Lock Timer Tells if locking timer (timer timeout) is enabled or disable for the port.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.5.1.3.2 MAC Address Binding Troubleshooting Help Enabling MAC address binding for ports may fail on some occasions. Here are some possible causes and solutions: & If MAC address binding cannot be enabled for a port, make sure the port is not executing Spanning tree, port aggregation and is not configured as a Trunk port. MAC address binding is exclusive to such configurations.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.6.1.2 Delete unicast address Click “MAC address table configuration”, “MAC address table configuration”, to delete a unicast address and MAC address. Equals to CLI command 8.2.2: z Delete by VID: Deletes static MAC by the specified VID. Select Delete button to confirm the action z Delete by MAC: Deletes specify MAC address. Select Delete button to confirm the action.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Select VID 1 and select query by VID. Click Search starting query. The new page will show the query results 8.6.1.4 Show MAC address table Click “MAC address table configuration”, “MAC address table configuration”, “show mac-address-table” to show current MAC address information of the switch. Equals to CLI command 8.4.1.1. An example of displayed information is as follows: 8.6.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.6.2.1 Enable port MAC-Binding Click “MAC address table configuration”, “MAC address binding configuration”, “Enable port Mac-binding”, to enable port MAC-binding list to set up port security function. 8.6.2.1.1 Enable port MAC-Binding Click “MAC address table configuration”, “MAC address binding configuration”, “Enable port Mac-binding”, “Enable port Mac-binding” to enable and disable the port MAC-binding function. Equals to CLI command 8.5.1.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.6.2.2.3 Enable port security timeout Click “MAC address table configuration”, “MAC address binding configuration”, “Lock port”, “Enable port security timeout” to lock port security. Equals to CLI command 8.5.1.2.2.4: z Port: specifies the configuration port z Timeout Value (0-300 seconds): Lock the time out value Example: Select Ethernet port 1/1 and set up Timeout value as 30 seconds, then click the Apply button.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.6.2.3 MAC binding attribution configuration Click “MAC address table configuration”, “MAC address binding configuration”, “MAC binding attribution configuration” to enable port security configuration management lists to set up port security types. 8.6.2.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 8.6.2.4 MAC binding debug Click “MAC address table configuration”, “MAC address binding configuration”, “MAC binding debug” to open port security debug window to check port security debugging information. 8.6.2.4.1 Show MAC binding security address Click “MAC address table configuration”, “MAC address binding configuration”, “MAC binding debug”, “Show mac binding security address” to check port security related information.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 9 9.1 VLAN Configuration Introduction to VLAN VLAN (Virtual Local Area Network) is a technology that divides the logical addresses of devices within the network to separate network segments based on functions, applications or management requirements. This way, virtual workgroups can be formed regardless of the physical location of the devices. IEEE 802.1Q protocol was announced to direct the standardized VLAN implementation.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch conveniences: z Improved network performance z Savings on network resources z Simplified Network Management z Lowered network cost z Enhanced network security VLAN and GVRP (GARP VLAN Registration Protocol) are defined by IEEE 802.1Q and implemented by ES4710BD. This chapter will describe the use and configuration of VLANs and GVRP in detail. 9.2 VLAN Configuration 9.2.1 VLAN Configuration Task Sequence 1. Creating or deleting VLAN 2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Explanation VLAN Mode switchport interface Assigns Switch ports to a VLAN no switchport interface 4. Set The Switch Port Type Command Explanation Interface Mode switchport mode {trunk|access} Sets the current port as a Trunk or Access port. 5.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch configure a VLAN name and the switch ports assigned to the VLAN. The “no vlan ” command deletes specified VLANs. Parameters: is the VLAN ID to be created/deleted, valid range is 1 to 4094. Command mode: Global Mode Default: VLAN1 is set by default. Usage Guide: VLAN1 is the default VLAN and cannot be configured or deleted by the user. The allowed VLAN number is 4094.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-ethernet1/8)#switchport mode access Switch(Config-ethernet1/8)#switchport access vlan 100 Switch(Config-ethernet1/8)#exit 9.2.2.4 switchport interface Command: switchport interface no switchport interface Function: Assigns Ethernet ports to VLAN; the “no switchport interface ” command deletes one or one set of ports from the specified VLAN.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: switchport trunk allowed vlan {|all} no switchport trunk allowed vlan Function: Sets trunk port to allow VLAN traffic; the “no switchport trunk allowed vlan” command restores the default setting. Parameters: is the list of VLANs allowed to pass through in the specified Trunk port; keyword “all” allows all VLAN traffic on the Trunk port.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command mode: Interface Mode Default: VLAN ingress rules are enabled by default. Usage Guide: When VLAN ingress rules are enabled on the port and the system receives data, it will check the source port first, then forwards the data to the destination port if it is a VLAN member port. Example: Disabling the VLAN ingress rules on the port Switch(Config-Ethernet1/1)# vlan ingress disable 9.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch VLAN200 Site A and site B switch port 8 – 10. Trunk port Site A and site B switch port 11 . Connect the Trunk ports of both switches for a Trunk link to convey the cross-switch VLAN traffic. Connect all network devices to the other ports of the corresponding VLANs. In this example, port 1 and port 12 are not assigned and so can be used as management ports or for other purposes.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 9.3 GVRP Configuration GARP (Generic Attribute Registration Protocol) can be used to dynamically distribute, populate and register property information between switch members within a switch network, the property can be VLAN information, Multicast MAC address of the other information. As a matter of fact, GARP protocol can convey multiple property features the switch needs to populate.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Explanation Interface Mode gvrp Enables the GVRP function on current port. no gvrp Global Mode gvrp Enables the GVRP function for the switch. no gvrp 9.3.2 GVRP Commands 9.3.2.1 garp timer join Command: garp timer join no garp timer join Function: Sets the join timer for GARP; the “ no garp timer join” command restores the default timer setting.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-Ethernet1/10)#garp timer leave 3000 9.3.2.3 garp timer hold Command: garp timer hold no garp timer hold Function: Sets the hold timer for GARP; the “no garp timer hold” command restores the default timer setting. Parameters: < timer-value> is the value for GARP hold timer, the valid range is 100 to 327650 ms. Command mode: Interface Mode Default: The default value for hold timer is 100 ms.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command mode: Interface Mode and Global Mode. Default: GVRP is disabled by default. Usage Guide: Port GVRP can only be enabled after global GVRP is enabled. When global GVRP is disabled, port GVRP configurations are also void. Note GVRP can only be enabled on Trunk ports. Example: Enabling the GVRP function globally and for Trunk port 1/10. Switch(Config)#gvrp Switch(Config)#interface ethernet 1/10 Switch(Config-Ethernet1/10)#gvrp Switch(Config)#exit 9.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Configuration Configuration description Item VLAN100 Port 2 – 6 of Switch A and C Trunk port Port 11 of Switch A and C, Port 10, 11 of Switch B Global GVRP Switch A, B, C: Port GVRP Port 11 of Switch A and C, Port 10, 11 of Switch B Connect the two workstation to the VLAN100 ports in switch A and B, connect port 11 of Switch A to port 10 of Switch B, and port 11 of Switch B to port 11 of Switch C. All ports are on slots 1 of Switch A, B and C.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-Ethernet1/11)#switchport mode trunk Switch(Config-Ethernet1/11)#gvrp Switch(Config-Ethernet1/11)#exit 9.4 VLAN Troubleshooting Help 9.4.1 9.4.1.1 Monitor and Debug Information show vlan Command: show vlan [brief| summary] [id ] [name ] Function: Displays detailed information for all VLANs or a specified VLAN.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Total Existing Vlans is:2 Displayed information Explanation VLAN VLAN number Name VLAN name Type VLAN property, of statically configured or dynamically learned. Media VLAN interface type: Ethernet Ports Access port within a VLAN Universal Vlan Universal VLAN. Dynamic Vlan Dynamic VLAN (not shown in this example) 9.4.1.2 show garp Command: show garp [] Function: Displays the global and port information for GARP.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch debugging function. Command mode: Admin Mode Default: GVRP debugging information is disabled by default. Usage Guide: Use this command to enable GVRP debugging, GVRP packet processing information can be displayed. Example: Enabling GVRP debug. Switch#debug gvrp 9.4.2 & VLAN Troubleshooting Help The GARP counter setting in for Trunk ports in both ends of Trunk link must be the same, otherwise GVRP will not work properly.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch VLAN ID information window will display current VLANs of the switch: 9.5.1.1.2 VID attribution configuration Click “Vlan configuration”, “Vlan configuration”, “Create/Remove VLAN”, “VID attribution configuration” to setup VID type: z VLAN ID: specified VLAN ID z VLAN Name: allocate VLAN name. Equals to CLI command 9.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Information display shows the VLAN allocation result: 9.5.1.3 Port type configuration Click “Vlan configuration”, “Vlan configuration”, ”Port type configuration” to open port type configuration list. 9.5.1.3.1 Set port mode(trunk/access) Click “Vlan configuration”, “Vlan configuration”, “Port type configuration”, “Set port mode” (Trunk/Access) to set up port mode of the switch: z Port: specified port z Type: port mode including access mode and trunk mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 9.5.1.4 Trunk port configuration Click “Vlan configuration”, “Vlan configuration”, “Trunk port configuration” to open Trunk port VLAN configuration list. 9.5.1.4.1 Vlan setting for trunk port Click “Vlan configuration”, “Vlan configuration”, “Trunk port configuration”, “Vlan setting for trunk port” to set up trunk port VLAN type: Set trunk native vlan. Equals to CLI command 9.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 9.5.1.5 Set allow Vlan Click “Vlan configuration”, “Vlan configuration”, “Access port configuration” to open Access port VLAN configuration list to allocate Access port VLAN. 9.5.1.5.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Click “Vlan configuration”, “Vlan configuration”, “Enable/Disable Vlan filter rule” to open VLAN ingress configuration list to setup VLAN filter function. 9.5.1.6.1 Disable Vlan ingress rule Click “Vlan configuration”, “Vlan configuration”, to Enable/Disable Vlan ingress rule. Example: Select Ethernet port 1/1 and click the Apply button and the VLAN ingress rule of port 1/1 will be disabled. Select Default button to enable the VLAN ingress rule. 9.5.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Click “Vlan configuration”, “GVRP configuration”, “GVRP configuration” to configure GVRP parameters of the switch: z Port: specified port z Join timer (100~327650ms): configures the value of GARP join timer. Equals to CLI command 9.3.2.1 z Leave timer (100~327650ms): configures the value of GARP leave timer. Equals to CLI command 9.3.2.2 z Hold timer (100~327650ms): configures the value of GARP hold timer. Equals to CLI command 9.2.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 9.5.3.2 Show GARP Click “Vlan configuration”, “Vlan debug” and “maintenance”, “show garp” The information window in the right will display all related GARP information. Equals to CLI command 9.4.1.2 9.5.3.3 Show GVRP Click “Vlan configuration”, ”Vlan debug” and “maintenance”, “show gvrp”. The display window on the right will show all related GVRP information. Equals to CLI command 9.4.1.3 Chapter 10 MSTP Configuration 10.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch spanning tree instances (MSTI). It applies the fast converging properties, enabling multiple VLAN of the same topology to map to one spanning tree instance, while that spanning tree topology is independent of the other spanning tree instances. This mechanism provides an independent transmitting path for VLAN dataflow mapping to multiple spanning tree instances.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch CIST Regional Root. The root port in the Field CIST Regional Root is Master Port to all the MSTI in the field. When MSTP initializes, it will send a BPDU announcing itself as the CIST Regional Root and setting the route code to the CIST Root and CIST Regional Root to 0. The bridge will initialize all MSTIs at the same time it can claiming itself root of all MSTIs. If that bridge receives better CIST/MSTI root information (i.e.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.2 MSTP Configuration 10.2.1 MSTP configuration task sequence 1. Enable MSTP and set the running mode 2. Configure instance parameters 3. Configure MSTP field parameter 4. Configure MSTP time parameter 5. Configure the fast migrate feature for MSTP 1. Enable MSTP and set the running mode Command Explanation Global Mode and Port Mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Explanation Global Mode Enters MSTP field configuration mode; spanning-tree mst configuration the no spanning-tree no spanning-tree mst configuration configuration command resets mst the MSTP field parameter to switch default. MSTP field mode instance vlan Creates no instance [vlan ] mapping between a VLAN and Instance. name a Instance and configures Sets the name for MSTP field.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Explanation Port Mode spanning-tree link-type p2p Sets the port link type {auto|force-true|force-false} no spanning-tree link-type spanning-tree portfast Sets/Cancels setting for the port to be an no spanning-tree portfast edge port 10.2.2 Introduction to MSTP configuration commands 10.2.2.1 abort Command: abort Function: Discards the configuration in MSTP field and exits from MST mode to Global Mode. Command mode: MSTP Field Mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch to Instance 0. Usage Guide: This command is used to set VLAN-Instance mapping. Switches are considered to be in the same MSTP field only if they have identical mapping and other MSTP field parameters. All VLANs belong to Instance 0 when no Instance has been configured. MSTP support up to 48 MSTI (excluding CIST). CIST can be considered to be MSTI 0, while the rest of the instances be MSTI 1 to 48.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.2.2.6 spanning-tree Command: spanning-tree no spanning-tree Function: Enables MSTP in Global Mode and Port Mode; the "no spanning-tree" command disables MSTP. Command mode: Global Mode and Port Mode Default: MSTP is disabled by default. Usage Guide: If MSTP is enabled in Global mode, MSTP will be enabled on all ports except those already running applications mutually exclusive to MSTP. Example: Enabling MSTP under Global Mode and disabling MSTP for port 1/2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command mode: Global Mode Default: The default Hello time is 2 seconds. Usage Guide: The interval for switch to send a BPDU is referred to as Hello time. The Hello time, forward delay time, and max age time are associated. When configuring these time parameters, the following conditions must be met, otherwise the MSTP may not work properly. 2×(Bridge_Forward_Delay – 1.0 seconds) >= Bridge_Max_Age Bridge_Max_Age >= 2 ×(Bridge_Hello_Time + 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Bridge_Max_Age >= 2 ×(Bridge_Hello_Time + 1.0 seconds) Example: Setting the maximum age time to 25 seconds in Global Mode. Switch(Config)#spanning-tree maxage 25 10.2.2.11 spanning-tree max-hop Command: spanning-tree max-hop no spanning-tree max-hop Function: Sets the maximum hops allowed for connecting to the port; the “no spanning-tree max-hop” command restores the default settings.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.2.2.13 spanning-tree mode Command: spanning-tree mode {mstp|stp} no spanning-tree mode Function: Sets the switch to run in Spanning Tree mode; the “no spanning-tree mode” command restores the default setting. Parameters: mstp sets the switch in IEEE 802.1s MSTP mode; stp sets the switch in IEEE 802.1D STP mode. Command mode: Global Mode Default: The switch runs in MSTP by default. Usage Guide: When the switch is running in IEEE 802.1D STP, only standard 802.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.2.2.15 spanning-tree mst cost Command: spanning-tree mst cost no spanning-tree mst cost Function: Sets the route cost for the current Ethernet port; “no spanning-tree mst cost” command restores the default value. Parameters: is the instance ID of the specified instance, ranging from 0 – 48; is the route cost value, ranging from 1 - 200,000,000.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch priority. Example: Setting the priority for port 1/2 of instance1 to 32. Switch(Config)#interface ethernet 1/2 Switch(Config-Ethernet1/2)#spanning-tree mst 1 port-priority 32 10.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.3 MSTP Example The following is a typical MSTP application scenario: SW1 1 1 SW2 5 4 5x 2 2 2x 3 3x 6x 4 1 7 6 SW3 7x SW4 Figure 00-2 MSTP Typical Application Example As illustrated in the figure above by the lines between SW1-SW4, MSTP is running. All the switches run in MSTP mode by default, their bridge priority, port priority and port route cost are all the default values (equal).
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Port 4 200000 200000 Port 5 200000 200000 Port 6 200000 200000 Port 7 200000 200000 By default, MSTP will establish a topology (in blue lines) rooted with SW1, the ports marked with “x” are in the Discarding status, the other ports are in the Forwarding status. Configurations adjustment: Step 1: Configure port-VLAN mapping. z Create VLAN 20, 30, 40, 50 in Switch SW2, SW3, and SW4. z Set the port 1-7 to Trunk mode in Switch SW2, SW3, and SW4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch SW2(Config)#spanning-tree Switch SW3: SW3(Config)#vlan 20 SW3(Config-Vlan20)#exit SW3(Config)#vlan 30 SW3(Config-Vlan30)#exit SW3(Config)#vlan 40 SW3(Config-Vlan40)#exit SW3(Config)#vlan 50 SW3(Config-Vlan50)#exit SW3(Config)#spanning-tree mst configuration SW3(Config-Mstp-Region)#name mstp SW3(Config-Mstp-Region)#instance 3 vlan 20;30 SW3(Config-Mstp-Region)#instance 4 vlan 40;50 SW3(Config-Mstp-Region)#exit SW3(Config)#interface e1/1-7 SW3(Config-Port-Range)#swit
EES4710BD 10 Slots L2/L3/L4 Chassis Switch SW4(Config-Port-Range)#exit SW4(Config)#spanning-tree SW4(Config)#spanning-tree mst 4 priority 0 After the above configuration, all instance CIST (Instance0) of the entire network take SW1 as the root bridge, and in the MSTP fields in which SW2, SW3 and SW4 reside, the region root of Instance0 is SW2, and SW3 for Instance3, SW4 for Instance4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch SW2 5 4 5x 2 2 3x 3 6 4x 6 7 SW3 7x SW4 Figure 00-4 SW2 5x Instance3 topology in the MSTP field after MSTP change 4 2 2x 3 3x 6 4 5 6 7x SW3 7 SW4 Figure 00-5 Instance4 topology in the MSTP field after MSTP change 10.4 MSTP Troubleshooting Help 10.4.1 Monitor and Debug Command 10.4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch MSTP information can be displayed with the “show spanning-tree” command. Example: Displaying MSTP information, the displayed contents are shown below. Switch#sh spanning-tree -- MSTP Bridge Config Info -Standard : IEEE 802.1s Bridge MAC : 00:03:0f:01:0e:30 Bridge Times : Max Age 20, Hello Time 2, Forward Delay 15 Force Version: 3 ########################### Instance 0 ########################### Self Bridge Id Root Id : 32768 - 00:03:0f:01:0e:30 : 16384.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch ########################### Instance 4 ########################### Self Bridge Id : 32768.00:03:0f:01:0e:30 Region Root Id : this switch Int.RootPathCost : 0 Root Port ID :0 Current port list in Instance 4: Ethernet1/1 Ethernet1/2 (Total 2) PortName ID IntRPC State Role DsgBridge DsgPort -------------- ------- --------- --- ---- ------------------ ------Ethernet1/1 128.001 0 FWD MSTR 32768.00030f010e30 128.001 Ethernet1/2 128.002 0 BLK ALTR 32768.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.4.1.2 show mst configuration Command: show spanning-tree mst config Function: Displays the effective MSTP field parameter configurations in admin mode. Command mode: Admin Mode Usage Guide: The command displays the current effective parameter of the MSTP field, such as MSTP field name, revision level, VLAN-instance mapping, etc. Example: Displaying the MSTP field configuration for the switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-Mstp-Region)# 10.4.1.4 debug spanning-tree Command: debug spanning-tree no debug spanning-tree Function: Enables MSTP debug information: the “no debug spanning-tree” command disables MSTP debug information.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.5 WEB MANAGEMENT Click “MSTP control” to enter MSTP control configuration mode to manage MSTP features for the switch. 10.5.1 MSTP field operation Click “MSTP control” to enter MSTP field operation. 10.5.1.1 Instance configuration Click “MSTP control” to enter MSTP field operation, then Instance configuration. Create the Instance and configure the VLAN-Instance mapping or add VLAN table entry mapping to specified Instance.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.5.2 MSTP port operation 10.5.2.1 Edge port setting Click “MSTP control” to enter MSTP field operation, then "PortFast Config". Set the port to be an edge port Configure port 1/5 to be edge ports. 10.5.2.2 Port priority setting Click “MSTP control” to enter MSTP port operation, then "Port Priority Config". Set the priority for the current port on specified instance Set the priority for port 1/2 of instance1 to 32. 10.5.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 10.5.2.5 Link type configuration Click “MSTP control” to enter MSTP port operation, then "Link_Type Config". Set the link type of the current port. Set the link of port 1/7 to be forced point-to-point type. 10.5.2.6 MSTP port configuration Click “MSTP control” to enter MSTP port operation, then "MSTP Agreement Port Config". Run the command to enable MSTP under the switch port configuration mode. Enable MSTP under Global Mode and disable MSTP for port 1/2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Click “MSTP control” to enter MSTP Global control, then "Hello_time Config". Set the Hello time for the switch. Set MSTP Hello time to 5 seconds in Global Mode. 10.5.3.4 Set the max age time for BPDU information in the switch Click “MSTP control”, MSTP Global Control, then enter the switch BPDU message "Max Age Time Config". Set the max age time for BPDU information in the switch Set max age time to 25 seconds in Global Mode. 10.5.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Click “MSTP control”, “MSTP Global control”, enter the "Priority Config" to set bridge priority for the switch for the specified instance. Set bridge priority of the specified instance for the switch Configure switch instance2 priority to 4096. 10.5.4 10.5.4.1 Show MSTP setting Instance information Click MSTPL control, “show MSTP settings”, enter "Instance Information". Display MSTP and instances information. Display Instance0 MSTP information. 10.5.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter11 IGMP Snooping Configuration 11.1 Introduction to IGMP Snooping IGMP (Internet Group Management Protocol) is a protocol used in IP multicast. IGMP is used by multicast enabled network devices (such as a routers) for host membership query, and by hosts that are joining a multicast group to inform the router to accept packets of a certain multicast address. All those operations are done through IGMP message exchange.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Enables IGMP Snooping for specified VLAN ip igmp snooping vlan no ip igmp snooping vlan ip igmp snooping vlan mrouter Sets the specified interface connecting M-router VLAN the port for no ip igmp snooping vlan mrouter ip igmp snooping vlan VLAN to quickly leave multicast group immediate-leave no ip igmp Enables IGMP Snooping in the specified snooping vlan immediate-le
EES4710BD 10 Slots L2/L3/L4 Chassis Switch command disables the IGMP Snooping function. Command mode: Global Mode Default: IGMP Snooping is disabled by default. Usage Guide: Enabling IGMP Snooping allows the switch to monitor multicast traffic in the network and decide which ports will receive multicast traffic. Example: Enabling IGMP Snooping in Global Mode. Switch(Config)#ip igmp snooping 11.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 11.2.2.4 ip igmp snooping vlan static Command: ip igmp snooping vlan static interface no ip igmp snooping vlan static Function: Enables the IGMP Snooping static multicast group membership: the “no ip igmp snooping vlan static ” command disables the function.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: is the VALN number specified. Command mode: Global Mode Default: IGMP Query is disabled by default. Usage Guide: Before enabling the IGMP Query function for the specified VLAN, the switch must have a corresponding VLAN configured and IGMP Snooping enabled. It should be noted that this command cannot be used with ip igmp snooping vlan command, i.e., either snooping or query can be enabled for one VLAN, but not both.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: is the specified VLAN number; is maximum query response time, valid range is 10 to 25. Command mode: Global Mode Default: The maximum response time is 10 seconds. Example: Setting the maximum IGMP Query response time of VLAN 100 to 12 seconds. Switch(Config)#ip igmp snooping vlan 100 query max-response-time 12 11.3 IGMP Snooping Example Scenario 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config)#ip igmp snooping Switch(Config)#ip igmp snooping vlan 100 Switch(Config)#ip igmp snooping vlan 100 mrouter interface ethernet 1/1 Multicast Configuration Suppose two programs are provided in the Multicast Server using multicast address Group1 and Group2, three of four hosts running multicast applications are connected to port 2, 6, 10 plays program1, while the host is connected to port 12 plays program 2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch The configuration of Switch2 is the same as the switch in scenario 1, Switch1 takes the place of Multicast Router in scenario 1. Let’s assume VLAN 60 is configured in Switch1, including ports 1, 2, 6, 10 and 12. Port 1 connects to the multicast server, and port 2 connects to Switch2. In order to send Query at regular interval, IGMP query must enabled in Global mode and in VLAN60.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch IGMP information for VLAN 1: igmp snooping vlan status :Disabled igmp snooping vlan query :Disabled igmp snooping vlan mrouter port :(null)-------------------------------IGMP information for VLAN 2: igmp snooping vlan status :Enabled igmp snooping vlan query :Disabled igmp snooping vlan mrouter port :(null) -------------------------------IGMP information for VLAN 3: igmp snooping vlan status :Disabled igmp snooping vlan query :Disabled igmp snooping vla
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Displayed information Explanation igmp snooping status Whether “igmp snooping” function is enabled. igmp snooping vlan status “igmp snooping” status of all VLANs in the switch (enabled or not) igmp snooping vlan query Query status of all VLANs in the switch (enabled or not).
EES4710BD 10 Slots L2/L3/L4 Chassis Switch -------------------------------------------------------------------------Ethernet1/4 MEMBERS_PRESENT Snoop_Group_Addr 239.255.48.189 0 0 -------------------------------------------------------------------------Ethernet1/5 MEMBERS_PRESENT Snoop_Group_Addr 239.255.40.179 MEMBERS_PRESENT Snoop_Group_Addr 239.255.48.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch command disables this debug function. Command mode: Admin Mode Default: IGMP Snooping debug is disabled by default. Usage Guide: Use this command to enable IGMP Snooping debug, IGMP packet processing information can be displayed. Example: Enabling IGMP Snooping debug. Switch#debug ip igmp snooping 11.4.2 & IGMP Snooping Troubleshooting Help IGMP Snooping function cannot be used with IGMP Query, Snooping is not available when Query is enabled.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 11.5.2 IGMP snooping configuration Click “IGMP Snooping configuration” node to enter the IGMP Snooping configuration page. This page is divided into 3 sections: query configuration, snooping configuration and configuration display. 11.5.2.1 Query configuration The description for each parameter is as follows: z VLAN ID-configures the vlan ID for query z Query State-query status: enables or displays. Equivalent to the CLI command 11.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 11.5.3 IGMP snooping static multicast configuration Click “IGMP Snooping static multicast configuration” to enter the configuration screen. The page is divided into configuration section and display section. 11.5.3.1 IGMP snooping static multicast configuration The description for each parameter is as follows: z z z z VLAN ID-configures the Vlan ID Multicast group member port Multicast address-configures the multicast address.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 265
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 12 12.1 ACL Configuration Introduction to ACL ACL (Access Control List) is an IP packet filtering mechanism employed in switches, providing network traffic control by granting or denying access through the switches, effectively safeguarding the security of networks. The user can lay down a set of rules according to some information specific to packets, each rule describes the action for a packet with certain information matched: “permit” or “deny”.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch The following rules apply: z An access list can consist of several rules. Filtering of packets compares packet conditions to the rules, from the first rule to the first matched rule; the rest of the rules will not be processed. z Global default action applies only to IP packets in the incoming direction on the ports. For nonincoming IP packets and all outgoing packets, the default forward action is “permit”.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch access list {deny | permit} {{ } | any-source | {host-source }} no access list Creates a numbered standard IP access list, if the access list already exists, then a rule will add to the current access list; the “no access list ” command deletes a numbered standard IP access list.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch a. Create a name-based standard IP access list Command Explanation Global Mode ip access standard no ip access standard Creates a standard IP access list based on nomenclature; the “no ip access standard ” command delete the name-based standard IP access list b.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch [no] {deny | permit} tcp {{ } | any-source | {host-source }} [s-port ] {{ } | any-destination | {host-destination }} [d-port ] [ack | fin | psh | rst | syn | urg] [precedence ] [tos ] Creates an extended name-based TCP IP access rule; the “no” form command deletes this name-based extended IP access rule [no] {deny | permit} udp {{ } | any-source | {host-source }}
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Applies an access list to the specified direction on ip access-group {in|out } the port; the “no ip access-group no ip access-group {in|out} {in|out}” command deletes the access list bound to the port. 12.2.2 12.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Default: No IP address is configured by default. Usage Guide: When the user first specifies a specific , the ACL of this number will be created, and entries can be added to that ACL. Example: Creating an extensive IP access list numbered as 110. Denying ICMP packets and allowing UDP packets destined for 192.168.0.1, port 32.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: firewall default {permit | deny} Function: sets firewall default action. Parameters: “permit” allows packets to pass through; “deny” blocks packets. Command mode: Global Mode Default: The default action is “permit”. Usage Guide: This command affects incoming IP packets on the port only, other packets are allowed to pass through the switch. Example: setting firewall default action to block packets. Switch(Config)#firewall default deny 12.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: ip access-group [| { in|out } no ip access-group { in|out } Function: Applies an access list to the incoming direction on the port; the “no ip access-group {in|out}” command deletes the access list bound to the port. Parameter: is the name for access list; the character string length is 1 – 8. Command mode: Physical Interface Mode Default: No ACL is bound by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config)#ip access list extended udpFlow Switch(Config-Ext-Nacl-udpFlow)#deny igmp any-source any-destination Switch(Config-Ext-Nacl-udpFlow)#permit udp any-source host-destination 192.168.0.1 d-port 32 12.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-Ethernet1/10)#ip access-group 110 in Switch(Config-Ethernet1/10)#exit Switch(Config)#exit Configuration result.: Switch#show firewall Firewall Status: Enable. Firewall Default Rule: Permit. Switch#show access lists access list 110(used 1 time(s)) access list 110 deny tcp 10.0.0.0 0.0.0.255 any-destination d-port 21 Switch#show access-group interface ethernet 1/10 interface name:Ethernet1/10 the ingress acl use in firewall is 110. 12.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Displayed information Explanation access list 10(used 0 time(s)) Numbered ACL10, reference time: 1 access list 10 deny any-source Denies all IP packets passage access list 100(used 1 time(s)) Numbered ACL100, reference time: 1. access list 100 deny ip any-source Denies IP packets of any source addresses and any-destination destination addresses.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command mode: Admin Mode Usage Guide: Example: Switch#show firewall Firewall Status: Enable. Firewall Default Rule: Permit. Displayed information Explanation Firewall Status: Enable. Enables packet filtering function Firewall Default Rule: Permit. The default action for packet filtering is “permit” 12.4.2 ACL Troubleshooting Help & Checking for entries in the ACL is done in a top-down order and ends whenever an entry is matched.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 12.5.1 Numeric standard ACL configuration Click “Numeric ACL Configuration”, and then “Add Standard Numeric ACL” section to enter the configuration page. Equals to its CLI command of 12.2.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch There are several sub-sections in this category: z ACL number (100-199) z Rule - permit or deny z Source address type - Specified IP address or any randomly allocated IP address z Source IP address z Reverse network mask z Target address type - Specified IP address or any randomly allocated IP address z Destination IP address z Reverse network mask z IP precedence z TOS Regarding “ICMP numeric extended ACL”, there are two sub-categories: z ICMP
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 12.5.4 Configure standard ACL name configuration and delete the standard ACL name configuration Click “ACL name configuration” to open up the sub-sections, next click “ACL name configuration” to enter the configuration page. The way to configure the “ACL name configuration” is the same with “Numeric ACL Configuration”. The only difference users should change the ACL number to the ACL name. This should be entered in ACL name not ACL number. CLI command: 12.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 12.5.5 Configure extended ACL name configuration Click “ACL name configuration”, the configuration sections will then be shown.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 12.5.7 ACL port binding Click “Filter configuration”, and then select “ACL port binding” to enter the configuration page. Equal to CLI command: 12.2.2.7 There are five items in this section. z Port – the target port to bind to ACL z ACL name – the target ACL name to bind z Ingress/Egress – the target direction to bind z Operation type – “Add” or “Remove” To enable this function, you need to select the action in each item and then click “Apply”.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 13 13.1 Port Channel Configuration Introduction to Port Channel To understand Port Channel, Port Group should be introduced first. Port Group is a group of physical ports in the configuration level, only physical ports in the Port Group can take part in link aggregation and become a member port of a Port Channel. Logically, Port Group is not a port but a port sequence.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch ) All ports are in full-duplex mode. ) Ports are of the same speed. ) All ports are Access ports and belong to the same VLAN or are all Trunk ports. ) If the ports are Trunk ports, then their “Allowed VLAN” and “Native VLAN” property should also be the same. If Port Channel is configured manually or dynamically on ES4710BD, the system will automatically set the port with the smallest number to be Master Port of the Port Channel.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Explanation Interface Mode port-group mode {active|passive|on} Adds ports to the no port-group port group and sets their mode. 3. Enter port-channel configuration mode. Command Explanation Global Mode interface port-channel Enters port-channel configuration mode. 13.2.2 Port Channel Configuration Commands 13.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: port-group mode {active|passive|on} no port-group Function: Adds a physical port to port channel, the “no port-group ” removes specified port from the port channel.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 13.3 Port Channel Example Scenario 1: Configuring Port Channel in LACP. Fig 14-2 Configuring Port Channel in LACP Example: The switches in the description below are all ES4710BD switches and as shown in the figure, ports 1, 2, 3 of Switch 1 are access ports that belong to vlan1. Add those three port to group1 in active mode; ports 6, 8, 9 of Switch2 are trunk port that allow all, add these three ports to group2 in passive mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch2 (Config-If-Port-Channel2)# Configuration result: Shell prompts ports aggregated successfully after a while, now ports 1, 2, 3 of Switch 1 form an aggregated port named “Port-Channel1”, ports 6, 8, 9 of Switch 2 forms an aggregated port named “Port-Channel2”; configurations can be made in their respective aggregated port configuration mode. Scenario 2: Configuring Port Channel in ON mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch2 (Config)#interface eth 1/6 Switch2 (Config-Ethernet1/6)#port-group 2 mode on Switch2 (Config-Ethernet1/6)#exit Switch2 (Config)# interface eth 1/8-9 Switch2 (Config-Port-Range)#port-group 2 mode on Switch2 (Config-Port-Range)#exit Configuration result: Add ports 1, 2, 3 of Switch 1 to port-group 1 in order, and we can see joining a group in “on” mode is completely forced action, switch in other ends won’t exchange LACP PDU to complete aggregation.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Number of ports in group Port number in the port group Maxports Maximum number of ports allowed in a group Number of port-channels Whether aggregated to port channel or not Max port-channels Maximum port channel number can be formed by port group. 2. Display detailed information for port-group 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch the machine state and port state of the port are as follows: mux_state: DETCH rcvm_state: P_DIS actor_oper_port_state : prm_state: NO_PER L_A___F_ partner_oper_port_state: _TA___F_ Displayed information Explanation portnumber Port number actor_port_agg_id The channel number to add the port to. If the port cannot be added to the channel due to inconsistent parameters between the port and the channel, 3 will be displayed.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch port state LACP activety . LACP timeout Aggregation 1 . . 1 1 Synchronization . . Collecting . . Distributing . . Defaulted 1 1 Expired . . Partner part Administrative system system priority key 000000-000000 0x8000 Operational 000000-000000 0x8000 0x0001 0x0001 port number 1 1 port priority 0x8000 0x8000 port state LACP activety . LACP timeout . 1 Aggregation 1 1 1 Synchronization . . Collecting . . Distributing . .
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Collecting Whether status of port bound status machine is “collecting” or not. Distributing Whether status of port bound status machine is “distributing” or not. Defaulted Whether the local port is using default partner end parameter. Expired Whether status of port receiving status machine is “expire” or not. Selected Whether the port is selected or not.. 5. Display port-channel information for port-group1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch#debug lacp 13.4.2 Port Channel Troubleshooting Help If problems occur when configuring port aggregation, please first check the following for causes. & Ensure all ports in a port group have the same properties, i.e., whether they are in full-duplex mode, forced to the same speed, and have the same VLAN properties, etc. If inconsistency occurs, make corrections.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Apply to add the group. After finishing the group configuration, the configured port information will be shown under the configuration table. 13.5.2 LACP port configuration Click LACP port configuration to enter configuration page Equivalent to CLI command 13.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 14 14.1 DHCP Configuration Introduction to DHCP DHCP [RFC2131] is the acronym for Dynamic Host Configuration Protocol. It is a protocol that assigns dynamically IP addresses to request host from the address pool as well as other network configuration parameters such as default gateway, DNS server, default route and host image file position within the network. DHCP is the enhanced version of BootP.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch obtained dynamically can be different every time; manually bound IP address will be the same all the time. 2) The lease period of IP address obtained dynamically is the same as the lease period of the address pool and is limited; the lease of manually bound IP address is theoretically endless. 3) Dynamically allocated addresses cannot be bound manually.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch dns-server Configures DNS server for DHCP clients [address1[address2[…address8]]] no dns-server Configures Domain name for DHCP clients; domain-name the “no domain-name” command deletes the no domain-name domain name.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch client-identifier Specifies the unique ID of the user when no client-identifier binding an address manually client-name Configures a client name when binding an no client-name address manually 3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch IP address defined in “host” command to the client. Example: Specifying the IP address 10.1.128.160 to be bound to user with the unique id of 00-10-5a-60-af-12 in manual address binding. Switch(dhcp-1-config)#client-identifier 00-10-5a-60-af-12 Switch(dhcp-1-config)#host 10.1.128.160 24 Related command: host 14.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Mode: DHCP Address Pool Mode Usage Guide: Up to 8 DNS server addresses can be configured. The DNS server address assigned first has the highest priority, Therefore address 1 has the highest priority, and address 2 has the second, and so on. Example: Set 10.1.128.3 as the DNS server address for DHCP clients. Switch(dhcp-1-config)#dns-server 10.1.128.3 14.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Specifies the IP address to be assigned to the user when binding addresses manually; the “no host” command deletes the IP address. Parameters:
is the IP address in decimal format; is the subnet mask in decimal format; means mask is indicated by prefix. For example, mask 255.255.255.0 in prefix is “24”, and mask 255.255.255.252 in prefix is “30”.EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Specifies addresses excluding from dynamic assignment; the “no ip dhcp excluded-address []” command cancels the setting. Parameters: is the starting IP address, [] is the ending IP address. Default: Only individual address is excluded by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: lease { [] [][] | infinite } no lease Function: Sets the lease time for addresses in the address pool; the “no lease” command restores the default setting. Parameters: is number of days from 0 to 365; is number of minutes from 0 to 59; infinite means perpetual use. Default: The default lease duration is 1 day.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch h-node that broadcasts after point-to-point communication. Example: Setting the node type for client of pool 1 to broadcasting node. Switch(dhcp-1-config)#netbios-node-type b-node 14.2.2.16 network-address Command: network-address [ | ] no network-address Function: Sets the scope for assignment for addresses in the pool; the “no network-address” command cancels the setting.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Sets the network parameter specified by the option code; the “no option ” command cancels the setting for option. Parameters: is the code for network parameters; is the ASCII string up to 255 characters; is a value in Hex that is no greater than 510 and must be of even length; is the IP address in decimal format, up to 63 IP addresses can be configured.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Fig 14-2 DHCP relay As shown in the above figure, the DHCP client and the DHCP server are in different networks, the DHCP client performs the four DHCP steps as usual yet DHCP relay is added to the process. 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 4. Disable DHCP relay from forwarding DHCP broadcast packet. Command Explanation Global Mode ip dhcp relay information policy drop no ip dhcp relay information policy drop 14.3.2 14.3.2.1 When layer 3 switches are used as DHCP relays, this command sets the relay forwarding policy to drop DHCP packets; the “no ip dhcp relay information policy drop” command allows DHCP packets forwarding.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 14.3.2.3 ip dhcp relay information policy drop Command: ip dhcp relay information policy drop no ip dhcp relay information policy drop Function: When layer 3 switches are used as DHCP relays, this command sets the relay forwarding policy to drop DHCP packets; the “no ip dhcp relay information policy drop” command allows DHCP packets forwarding. Default: DHCP relay forwards DHCP broadcast packet by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(dhcp-A-config)#default-route 10.16.1.200 10.16.1.201 Switch(dhcp-A-config)#dns-server 10.16.1.202 Switch(dhcp-A-config)#netbios-name-server 10.16.1.209 Switch(dhcp-A-config)#netbios-node-type H-node Switch(dhcp-A-config)#exit Switch(Config)#ip dhcp excluded-address 10.16.1.200 10.16.1.210 Switch(Config)#ip dhcp pool B Switch(dhcp-B-config)#network 10.16.2.0 24 Switch(dhcp-B-config)#lease 1 Switch(dhcp-B-config)#default-route 10.16.2.200 10.16.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Scenario 2: Fig 14-3 DHCP Relay Configuration As shown in the above figure, ES4710BD is configured as a DHCP relay. The DHCP server address is 10.1.1.10, TFTP server address is 10.1.1.20, the configuration steps are as follows: Switch(Config)# service dhcp Switch(Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip address 192.168.1.1 255.255.255.0 Switch(Config-If-Vlan1)#exit Switch(Config)#interface vlan 2 Switch(Config-If-Vlan2)#ip address 10.1.1.1 255.255.255.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch client will be requesting the IP address in the same segment of the VLAN interface after VLAN interface forwarding, and the VLAN interface IP address is 10.16.1.2/24, therefore the IP address assigned to the client will belong to 10.16.1.0/24. If the DHCP/BootP client wants to have an address in 10.16.2.0/24, the gateway forwarding broadcast packets of the client must belong to 10.16.2.0/24.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch conflicting for use. The “Clear ip dhcp conflict” command can be used to delete the conflict record for an address. If "all” is specified, then all conflict records in the log will be removed. When records are removed from the log, the addresses are available for allocation by the DHCP server. Example: The network administrator finds 10.1.128.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Type Type of assignment: manual binding or dynamic assignment. 14.5.1.5 show ip dhcp conflict Command: show ip dhcp conflict Function: Displays log information for addresses that have a conflict record. Command mode: Admin Mode Example: Switch# show ip dhcp conflict IP Address Detection method 10.1.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch BOOTREPLY 1911 DHCPOFFER 6 DHCPACK 6 DHCPNAK 0 DHCPRELAY 1907 DHCPFORWARD 0 Switch# Displayed information Explanation Address pools Number of DHCP address pools configured. Database agents Number of database agents.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 14.5.2 DHCP Troubleshooting Help If the DHCP clients cannot obtain IP addresses and other network parameters, the following procedures can be followed after DHCP client hardware and cables have been verified to be ok. & Verify the DHCP server is running, start the related DHCP server if not running. & If the DHCP clients and servers are not in the same physical network, verify that the router responsible for DHCP packet forwarding has DHCP relay function.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 14.6.2.1 Address pool configuration Click “DHCP configuration”, “DHCP server configuration”, “Address pool configuration” to configure the DHCP address pool function: z z z z z DHCP pool name (1-32 characters) – defines a DHCP address pool in global mode. Same as CLI command 14.2.2.11 DHCP pool domain name (1-255 characters) – to configure DHCP client domain name. Same as CLI command 14.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 14.6.2.2 Client’s default gateway configuration Click “DHCP configuration”, “DHCP server configuration”, “Client's default gateway configuration” to configure the default gateway for DHCP client. Same as CLI command 14.2.2.4: z DHCP pool name – selects one DHCP address pool z Gateway – default gateway, default gateway’s IP address and DHCP client’s IP address in the same segment. The switch maximum supports 8 gateway addresses.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 14.6.2.4 Client wins server configuration Click DHCP configuration, DHCP server configuration, Client WINS server configuration. Configure Wins server address. Same as CLI command 14.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch configuration” to configure the DHCP client boot file name and client server address which is for save the boot file: z DHCP pool name - Choose one DHCP address pool z DHCP client bootfile name (1-128 characters) - boot file name. Same as CLI command 14.2.2.1 z File server - server address where the client boot file is saved. Same as CLI command 14.2.2.17 Example: Choose DHCP pool name as 1, configure the DHCP client bootfile name as c:\temp\nos.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 14.6.2.7 Manual address pool configuration Click “DHCP configuration”, “DHCP server configuration”, “Manual address pool configuration” to configure DHCP to manually allocate address: z z z z z DHCP pool name – Choose one DHCP address pool Hardware address – assigns user hardware address. Same as CLI command 14.2.2.7 Client IP – allocated IP address for a specific client Client network mask – allocated IP address mask for a specific client.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 14.6.2.9 DHCP packet statistics Click “DHCP configuration”, “DHCP server configuration”, “DHCP packet statistics” to display DHCP server statistics information of all kinds of DHCP data packets. Same as CLI command 14.5.1.3: 14.6.3 DHCP relay configuration Click “DHCP configuration”, “DHCP server configuration”, “DHCP packet statistics” to display DHCP server statistics information for all kinds of DHCP data packets. Same as CLI command 14.5.1.3: 14.6.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Click “DHCP configuration”, “DHCP relay configuration”, “DHCP relay configuration” to configure the switch’s DHCP relay function: DHCP forward UDP configuration configures DHCP relay to forward broadcast messages to a UDP port. Same as CLI command 14.3.2.1: z Port - UDP port Example: Configure Port as 69, and then click Add button to apply this configuration to switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 14.6.4.2 Delete conflict log Click “DHCP configuration”, “DHCP debugging” to delete conflicting logs. Example: Choose Delete all conflict address as Yes. Click Apply button and all conflicting addresses in address conflict log will be removed. 14.6.4.3 Delete DHCP server statistics log Click “DHCP configuration”, “DHCP debugging”, “Delete DHCP server statistics log”. Deletes the DHCP server statistics log to make DHCP server tally clear.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 15 SNTP Configuration The Network Time Protocol (NTP) is widely used for clock synchronization for global computers connected to the Internet. NTP can assess packet sending/receiving delay in the network, and estimate the computer’s clock deviation independently, so as to achieve high accuracy in network computer clocking.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 15.1 15.1.1 SNTP Configuration Commands sntp server Command: sntp server [version ] no sntp server Function: Sets the SNTP/NTP server address and server version; the “no sntp server is the IP unicast address of SNTP/NTP server, in decimal format; is the client SNTP version number, valid values are 1 – 4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Default: The default time difference setting is “add 8”. Command mode: Global Mode Example: Setting the time zone to Beijing. Switch#config Switch(Config)#sntp timezone beijing add 8 15.2 Typical SNTP Configuration Examples SNTP/NTP Server Switch1 SNTP/NTP Server Switch2 Switch3 Fig 15-2 Typical SNTP Configuration All ES4710BD switches in the autonomous zone are required to perform time synchronization, which is done through two redundant SNTP/NTP servers.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 15.3 SNTP Troubleshooting Help 15.3.1 Monitor and Debug Commands 15.3.1.1 show sntp Command: show sntp Function: Displays current SNTP client configuration and server status. Parameters: N/A. Command mode: Admin Mode Example: Displaying current SNTP configuration. Switch#show sntp SNTP server 2.1.0.2 Version Last Receive 1 15.3.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 15.4.2 Request interval configuration Click “SNTP configuration”, “Request interval configuration” to configure the sending request time interval from SNTP client to NTP/SNTP server. Same as CLI command 15.1.2. Example: Configure Interval as 128 minutes, Click Apply to set the configuration in the switch. 15.4.3 Time difference Click “SNTP configuration”, “Time difference” to configure the SNTP client time zone and UTC time difference. Same as CLI command 15.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 16 16.1 QoS Configuration Introduction to QoS QoS (Quality of Service) is a set of capabilities that allow you to create differentiated services for network traffic, thereby providing better service for selected network traffic. QoS is a guarantee for service quality of consistent and predictable data transfer service to fulfill program requirements.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Robin). In Profile: Traffic within the QoS policy range (bandwidth or burst value) is called “In Profile". Out of Profile: Traffic out the QoS policy range (bandwidth or burst value) is called “Out of Profile". 16.1.2 QoS Implementation To implement Layer 3 switch software QoS, a general, mature reference model should be given. QoS can not create new bandwidth, but can maximize the adjustment and configuration for current bandwidth resources.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Ingress actions classification Generate DSCP value Sorts the packet traffic according to the classification info and ACLs and converts classification info to DSCP values egress actions policing Remark Decides whether the traffic is in profile or out of profile according to the packet DSCP value and plicing policy Forwards in profile packets, degrades/discards outprofile packets Queuing and scheduling Places packets into priority queues according to CoS va
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Star Reads ingress classification configuration info Trust CoS value (IP & non-IP packets) Trust DSCP value (IP packets) Trust IP priority (IP packets) IP & non-IP packets Generates interior DSCP value consistent with the DSCP value carried in packet header (optional) Defines DSCP-to-DSCP mutation map Interior DSCP value generated according to IP Precedence value and IP-Precedence-to-DSCP mapping of the packet Finish CoS value carried with packet? QoS ACLs
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Start Read packet DSCP value Matching policing policy for this DSCP value? Check policing policy, is traffic in profile? Check process for out-of-profile traffic Remark packet DSCP according to policed-DSCP mapping Packet pass through Discard the packet Finish Fig 16-5 Policing and Remarking process Queuing and scheduling: Packets at the egress will re-map the internal DSCP value to CoS value, the queuing operation assigns packets to appropriate queues of
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Start Read packet DSCP and convert it to CoS according to DSCP-to-CoS mapping Read packet CoS and Cos-to-queue mapping Read the buffer value for egress queue Queue buffer available Discard packets until queue buffer available Place packet into specified queue, and forward according to the weight priority of the queues Finish Fig 16-6 Queuing and Scheduling process 16.2 16.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Set up a classification rule according to ACL, VLAN ID, IP Precedence or DSCP to classify the data stream. Different classes of data streams will be processed with different policies. 3. Configure a policy map. After data steam classification, a policy map can be created to associate with the class map created earlier and enter class mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch policy-map no policy-map Creates a policy map and enters policy map mode; the “no policy-map ” command deletes the specified policy map. class no class After a policy map is created, it can be associated to a class. Different policy or new DSCP value can be applied to different data streams in class mode; the “no class ” command deletes the specified class.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch priority ] no mls qos trust disables the current trust status of the port. mls qos cos { } no mls qos cos Configures the default CoS value of the port; the “no mls qos cos” command restores the default setting.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch to |ip-prec-dscp | policed-dscp to } no mls qos map {cos-dscp | dscp-cos | dscp-mutation | ip-prec-dscp | policed-dscp} 16.2.2 mapping, IP precedence to DSCP and policed DSCP mapping; the “no mls qos map {cos-dscp | dscp-cos | dscp-mutation | ip-prec-dscp | policed-dscp}” command restores the default mapping.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Configures the matching criterion in the class map; the “no match {access-group | ip dscp | ip precedence | vlan}” command deletes the specified matching criterion.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: < class-map-name> is the class map name used by the class. Default: No policy class is configured by default. Command mode: Policy map configuration Mode Usage Guide: Before setting up a policy class, a policy map should be created and the policy map mode entered. In the policy map mode, classification and policy configuration can be performed on packet traffic classified by class map. Example: Entering a policy class mode.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch according to policed-dscp mapping when specified speed is exceeded. Default: There is no policy by default. Command mode: Policy class map configuration Mode Usage Guide: The ranges of and are quite large, if the setting exceeds the actual speed of the port, the policy map applying this policy will not bind to switch ports.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.2.2.9 police aggregate Command: police aggregate no police aggregate Function: Applies a policy set to classified traffic; the “no police aggregate ” command deletes the specified policy set. Parameters: is the policy set name. Default: No policy set is configured by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Configuring Ethernet port 1/1 to trust CoS value, i.e., classifying the packets according to CoS value, DSCP value should not be changed. Switch(Config)#interface ethernet 1/1 Switch(Config-Ethernet1/1)#mls qos trust cos pass-through-dscp 16.2.2.11 mls qos cos Command: mls qos cos { } no mls qos cos Function: Configures the default CoS value of the port; the “no mls qos cos” command restores the default setting.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.2.2.13 mls qos dscp-mutation Command: mls qos dscp-mutation no mls qos dscp-mutation Function: Applies DSCP mutation mapping to the port; the “no mls qos dscp-mutation ” command restores the DSCP mutation mapping default. Parameters: is the DSCP mutation mapping name. Default: There is no policy by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Configures the queue out mode. The “no priority-queue out” command restores the default value and default queue out weights. Parameters: Default: non-priority-queue mode. Command mode: Interface Mode Usage Guide: When priority-queue out mode is used, packets are no longer sent with WRR algorithm, but sent by packets queue after queue. Example: Setting the queue out mode to priority-queue. Switch(Config-Ethernet1/1)#priority-queue out 16.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch
EES4710BD 10 Slots L2/L3/L4 Chassis Switch the port in trust CoS mode without changing DSCP value, and set the default CoS value of the port to 5.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch An ACL name 1 is set to matching segment 192.168.1.0. QoS was enabled globally, a class map named c1 was created, matching ACL1 in class map; another policy map named p1 was created and refers to c1 in p1, appropriate policies were set to limit bandwidth and burst value. This policy map was applied on Ethernet port 1/2. After the above settings were done, bandwidth for packets from segment 192.168.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-ClassMap)# exit Switch(Config)#policy-map p1 Switch(Config-PolicyMap)#class c1 Switch(Config--Policy-Class)#set ip precedence 5 Switch(Config--Policy-Class)#exit Switch(Config-PolicyMap)#exit Switch(Config)#interface ethernet 1/1 Switch(Config-Ethernet1/1)#service-policy input p1 QoS configuration in Switch2: SWITCH#CONFIG Switch(Config)#mls qos Switch(Config)#interface ethernet 1/1 Switch(Config-Ethernet1/1)#mls qos trust ip-precedence pass-through-
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command mode: Admin Mode Usage Guide: Example: Switch #show mls qos aggregate-policer policer1 aggregate-policer policer1 80000 80 exceed-action drop Not used by any policy map Displayed information aggregate-policer policer1 Explanation 80000 80 Configuration for this policy set. exceed-action drop Not used by any policy map Time that the policy set is being referred to 16.4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 0x200 0x200 0x200 0x200 0x200 0x200 0x200 0x200 Displayed information Explanation packet number of 8 queue: Available packet number for all 8 0x200 0x200 0x200 0x200 0x200 queues out on the port, this is a fixed 0x200 0x200 0x200 setting that cannot be changed.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch out-profile 16.4.1.4 Total out-profile data packets match this class map. show mls qos maps Command: show mls qos maps [cos-dscp | dscp-cos | dscp-mutation | ip-prec-dscp | policed-dscp] Function: Displays mapping configuration information for QoS.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Policed-dscp map: d1 : d2 0 0: 16.4.1.5 1 2 0 3 4 5 1 2 3 4 5 6 7 8 9 6 7 8 1: 10 11 12 13 14 15 16 17 18 19 2: 20 21 22 23 24 25 26 27 28 29 3: 30 31 32 33 34 35 36 37 38 39 4: 40 41 42 43 44 45 46 47 48 49 5: 50 51 52 53 54 55 56 57 58 59 6: 60 61 62 63 9 show class-map Command: show class-map [] Function: Displays class map of QoS. Parameters: < class-map-name> is the class map name. Default: N/A.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Policy Map p1 Class Map name: c1 police 16000000 2000 exceed-action drop Displayed information Explanation Policy Map p1 Name of policy map Class map name:c1 Name of the class map referred to police 16000000 8000 exceed-action drop Policy implemented 16.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z QoS status-Close or Open. To enable QoS, select Open, then click Apply. 16.5.2 Class-map configuration Click “Class-map configuration” to display the extension, including the following two sections: 1. Add/Remove class-map 2. Class-map configuration 16.5.2.1 Add/Remove class-Map Click “Add/Remove class-map” to enter configuration page. Equivalent to CLI command 16.2.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Match value 1, select set to Operation type, and then click Apply. 16.5.3 Policy-map priority configuration Click “Policy-map configuration” to display the extension, which has five sections: z Add/Remove policy-map z Policy-map priority configuration z Policy-map bandwidth configuration z Add/Remove aggregate policer z Apply aggregate policer 16.5.3.1 Add/Remove policy-map Click “Add/Remove policy-map” to enter the configuration page.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.5.3.2 Policy-map priority configuration Click “Policy-map priority configuration” to entry configure page. Equivalent to CLI command 16.2.2.6. Terms are described as following: z Policy-map name z Class-map name z Priority type. DSCP value or IP precedence value z Priority value z Operation type. Set or Remove.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.5.3.4 Add/Remove aggregate policy Click Add/Remove aggregate policer to entry configure page. It is equivalent to CLI command 16.2.2.8. Terms are described as following: z Aggregate policer name z Rate-average baud rate for classified bandwidth, K bit/s per unit. z Burst-burst rate for classified bandwidth, K byte per unit.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Apply the aggregate policer agg1 by c1 class-map, input the graphic presentation value, and then click Add. 16.5.4 Apply QoS to port Click “Apply QoS to port” to enter the configuration page, which include four sections: z Port trust mode configuration z Port default CoS configuration z Apply policy-map to port z Apply DSCP mutation mapping 16.5.4.1 Port trust mode configuration Click “Port trust mode configuration” to enter the configuration page.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.5.4.2 Port default CoS configuration Click “Port default CoS configuration” to entry configure page. Equivalent to CLI command 16.2.2.11. Terms are described as following: z Port z Default CoS value-Startup CoS value z Reset-Will set column as startup defaults. This command will not modify the configuration. z Apply-Will take effort to all setting. This command will modify the configuration. z Default-Will back to startup setting.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z z Port name DSCP mutation name Operation-Set or Remove Example: Set the DSCP mutation in Ethernet port 1/1. Choose Port name as Ethernet1/1, input mu1 for DCSP mutation name, to select Set for Operation, and then click Apply. 16.5.5 Egress-queue configuration Click “Egress-queue configuration” to display the extensions, including three sections: 1. Egress-queue wrr weight configuration 2. Egress-queue work mode configuration 3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.5.5.2 Egress-queue Work mode configuration Click “Egress-queue work mode configuration” to enter the configuration page. Equivalent to CLI command 16.2.2.15. Terms are described as following: z Port name z Reset-Will set column as startup defaults. This command will not modify the configuration. z Apply-Will take effort to all setting. This command will modify the configuration. z Default-Will back to startup setting. This command will modify the configuration.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.5.6 QoS mapping configuration Click “QoS mapping configuration” to display extensions, including the following: 1. CoS-to-DSCP mapping 2. DSCP-to-CoS mapping 3. DSCP mutation mapping 4. IP-Precedence-to-DSCP mapping 5. DSCP mark down mapping These configurations are equivalent to CLI command16.2.2.17 16.5.6.1 CoS-to-DSCP mapping Click “CoS-to-DSCP mapping” to enter the configuration page.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.5.6.2 DSCP-to-CoS mapping Click “DSCP-to-CoS mapping” to entry configure page. Terms are described as following: z DSCP 1-8-DSCP value z CoS Value-DSCP value mapping to CoS value z Operation type-Add or Remove Example: To make DSCP value 20 map to CoS value 2, input the CoS value 2 and DSCP1 value 20, selecting Set for Operation type, then click Apply. 16.5.6.3 DSCP mutation mapping Click “DSCP mutation mapping” to enter the configuration page.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 16.5.6.4 IP-precedence-to-DSCP mapping Click “IP-Precedence-to-DSCP mapping” to enter the configuration page. Terms are described as following: z IP-Precedence-IP precedence value 0~7 z DSCP-IP precedence value mapping to DSCP value z Operation type-Sets or Removes Example: to set the IP precedence value 2 to map to DSCP value 20, input the DSCP value 20 into the IP precedence value 2 column, selecting Set for Operation type, then click Apply. 16.5.6.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 17 L3 Forward Configuration ES4710BD supports Layer 3 forwarding which forwards Layer 3 protocol packets (IP packets) across VLANs. Such forwarding uses IP addresses, when a port receives a IP packet, it will index it in its own route table and decide the operation according to the index result. If the IP packet is destined to another subnet reachable from this switch, then the packet will be forwarded from the appropriate port.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch ” command deletes the VLAN interface (Layer 3 interface) created in the switch. 17.1.2.2 Layer 3 Interface Configuration Commands 17.1.2.2.1 interface vlan Command: interface vlan no interface vlan Function: Creates a VLAN interface (a Layer 3 interface); the “no interface vlan ” command deletes the Layer 3 interface specified. Parameters: is the VLAN ID of the established VLAN.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch no ip fib optimize aggregation algorithm; the “no ip fib optimize” disables the optimized IP route aggregation algorithm. 17.2.2.2 IP Route Aggregation Configuration Command 17.2.2.2.1 ip fib optimize Command: ip fib optimize no ip fib optimize Function: Enables the switch to use optimized IP route aggregation algorithm; the “no ip fib optimize” disables the optimized IP route aggregation algorithm.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 0 fragmented, 0 couldn't fragment, 0 fragment sent Sent: 0 generated, 0 forwarded 0 dropped, 0 no route ICMP statistics: Rcvd: 0 total 0 errors 0 time exceeded 0 redirects, 0 unreachable, 0 echo, 0 echo replies 0 mask requests, 0 mask replies, 0 quench 0 parameter, 0 timestamp, 0 timestamp replies Sent: 0 total 0 errors 0 time exceeded 0 redirects, 0 unreachable, 0 echo, 0 echo replies 0 mask requests, 0 mask replies, 0 quench 0 parameter, 0 timestamp, 0 timesta
EES4710BD 10 Slots L2/L3/L4 Chassis Switch and packets without route. ICMP statistics: ICMP packet statistics.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch ES4710BD supports the configuration of proxy ARP for some applications. For instance, when an ARP request is received on the port, requesting an IP address in the same IP segment of the port but not the same physical network, if the port has enabled proxy ARP, the port would reply to the ARP with its own MAC address and forward the actual packets received.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 17.3.2.2.2 ip proxy-arp Command: ip proxy-arp no ip proxy-arp Function: Enables proxy ARP for VLAN interface; the “no ip proxy-arp” command disables proxy ARP. Default: Proxy ARP is disabled by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 50.1.1.9 00-00-00-00-00-09 Vlan50 Ethernet1/1 Static 150.1.1.2 00-00-58-fc-48-9f Vlan150 Ethernet3/4 Dynamic Displayed information Explanation Total arp items Total number of Arp entries.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 17.3.3.2 ARP Troubleshooting Help If ping from the switch to directly connected network devices fails, the following can be used to check the possible cause and create a solution. z Check whether the corresponding ARP has been learned by the switch. z If ARP has not learned, then enabled ARP debugging information and view sending/receiving condition of ARP packets. z Defective cable is a common cause of ARP problems and may disable ARP learning. 17.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch configuration. 17.4.3.1 Configure static ARP Click “ARP configuration” to configure static ARP. Equivalent to CLI command 17.3.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 18 Routing Protocol Configuration To communicate with a remote host over the Internet, a host must choose a proper route via a set of routers/L3 switches. Both routers and layer 3 switches calculate the route using CPU. The difference is that layer 3 switches add the calculated route in the switch chip and forward using the chip at wire speed.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch The route table mainly consists of the following: z Destination address: used to identify the destination address or the destination network of a packet. z Network mask: used together with destination address to identify the destination host or the segment that the layer 3 switch resides.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch priority according to the priority of routing protocols. At same time, static routes can be introduced (redistribute) in dynamic route, and change the priority of the static route introduced. 18.2.2 Introduction to Default Route Default route is a static route, which is used only when no matching route is found. In the route table, default route in is indicated by a destination address of 0.0.0.0 and a network mask of 0.0.0.0, too.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch []” command deletes a static route entry. Parameters: and are the IP address and subnet mask, in decimal format; is the IP address for the next hop in decimal format; is the route priority, ranging from 1 to 255, the smaller preference indicates higher priority. Default: The default priority for static route of ES4710BD is 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Destination Mask C 2.2.2.0 255.255.255.0 C 4.4.4.0 S R Nexthop Interface Pref 0.0.0.0 vlan2 0 255.255.255.0 0.0.0.0 vlan4 0 6.6.6.0 255.255.255.0 9.9.9.9 vlan9 1 7.7.7.0 255.255.255.0 8.8.8.8 vlan8 120 Displayed information Explanation C - connected Direct route, the segment directly connects to the layer 3 switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch PC3£ º10.1.5.2 PC2£ º10.1.4.2 PC1£ º10.1.1.2 vlan3£ 10.1.5.1 º vlan2£ 10.1.2.2 º vlan1£10.1.1.1 º SWITCH-3 vlan2£ 10.1.2.1 º vlan1£ 1º 0.1.3.2 vlan2£10.1.4.1 º vlan1£ 10.1.3.1 º SWITCH-1 SWITCH-2 Fig 18-1 Static Route Configurations Configuration steps: Configuration of layer 3 switch Switch-1 Switch#config Switch(Config)#ip route 10.1.5.0 255.255.255.0 10.1.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Uses the “show ip route” command to display the information about static route in the route table: destination IP address, network mask, next hop IP address, forwarding interface, etc. For example: Switch#show ip route Codes: C - connected, S - static, R - RIP derived, O - OSPF derived A - OSPF ASE, B - BGP derived Destination Mask C 2.2.2.0 255.255.255.0 S 6.6.6.0 255.255.255.0 Nexthop Interface Pref 0.0.0.0 vlan1 0 2.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch switch will be selected with the metrics increasing progressively. This greatly affects the route selection and route aggregation time. To avoid “infinite count”, RIP provides a mechanism such as “split horizon” and “triggered update” to solve route loop. “Split horizon” is done by avoiding sending to a gateway routes leaned from that gateway. There are two split horizon methods: “simple split horizon” and “poison reverse split horizon”.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.3.2 RIP Configuration 18.3.2.1 1. RIP Configuration Task Sequence Enable RIP (required) (1) Enable/disable RIP module. (2) Enable interface to send/receive RIP packets 2. Configure RIP parameters (optional) (1) Configure RIP sending mechanism a. Configure specified RIP packets transmission address b. Configure RIP advertisement (2) Configure RIP routing parameters a. configure route aggregation b.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch (1) Configure RIP sending mechanism a. Configure regular RIP packets transmission b. Configure RIP advertisement Command Explanation RIP configuration mode [no] rip broadcast 2) Configure RIP routing parameters. a.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch ip rip authentication mode {text| md5 Sets the authentication method; the “no ip rip type {cisco|usual}} authentication mode” command restores the no ip rip authentication mode default plain text authentication method. ip rip authentication key-chain Sets the authentication key; the “no ip rip authentication key-chain” command means no no ip rip authentication key-chain authentication key is used. 3) Configure other RIP parameters a.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch ip rip receive version {v1 | v2 | v12} no ip rip receive version [no] ip rip input [no] ip rip output 4. Disable RIP Command Global Mode no router rip Sets the version of RIP packets to receive on all ports; the “no ip rip receive version” command restores the default, i.e.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z show ip rip z debug ip rip packet z debug ip rip recv z debug ip rip send 18.3.2.2.1 auto-summary Command: auto-summary no auto-summary Function: Configures route aggregation; the “no auto-summary” command disables route aggregation. Parameters: N/A. Default: Auto route aggregation is not used by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: ip rip authentication key-chain no ip rip authentication key-chain Function: Specifies the key to use for RIP authentication; the “no ip rip authentication key-chain” command cancels the RIP authentication. Parameters: is a string, up to 16 characters are allowed. Default: RIP authentication is disabled by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.3.2.2.6 ip rip metricout Command: ip rip metricout no ip rip metricout Function: Sets the additional route weight sending RIP packets on the interface; the “no ip rip metricout” command restores the default setting. Parameters: < value> is the additional route metric, ranging from 0 to 15. Default: The default additional route metric used for RIP to send packets is 0.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: ip rip receive version {v1 | v2 | v12} no ip rip receive version Function: Configure the RIP version to receive on the interface. The default setting is to receive both RIP v1 and v2 packets; the “no ip rip receive version” command restores the default setting. Parameters: v1 and v2 stands for RIP version1 and RIP version 2 respectively, v12 stands for both RIP version 1 and 2. Default: The default setting is v12, i.e.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Usage Guide: Sets split horizon to prevent routing loops, i.e., prevent layer 3 switches from broadcasting the route leaned from the same interface. Example: Disabling split horizon for interface vlan1. Switch(Config)#interface vlan1 Switch(Config-If-Vlan1)#no ip split-horizon 18.3.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Default: Zero fields are check in RIP-I packets by default. Command mode: RIP configuration mode Usage Guide: RIP-I packet must have zero field, this command can be used to enable/disable check for RIP-I packet zero field. If non-zero zero field found in RIP-I packet, that RIP-I packet will be discarded. Example: Disabling zero field check for RIP-I packets. Switch(Config-router-rip)#no ip checkzero 18.3.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Adjusts the time of RIP timers for update, expire, and hold down; the “no timer basic” command restores the default setting.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Usage Guide: The user can decide whether the routing protocols configured are correct and perform routing troubleshooting according to the output of this command.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch default metric 16 neighbour is preference is 100 Displayed information Explanation rip is turning on RIP routing is enabled default metric 16 The default metric for introduced route is 16 neighbour is The specified destination address preference is 100 RIP routing priority is 100 18.3.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch received a rip packet from rip packet cmd : 2 159.226.42.1 version:1 18.3.2.2.23 debug ip rip recv Command: debug ip rip recv no debug ip rip recv Function: Enables the RIP packet debug function for receiving: the “no debug ip rip recv” command disables the debug function. Default: Debug is disabled by default. Command mode: Admin Mode Example: Switch#debug ip rip rec start at 230********************* received a rip packet from rip packet cmd : 2 159.226.42.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 00:02:50: start at 170********************* send packets to 11.11.11.2 packet header: cmd: response, version: 1 no. dest dest_mask 1: 159.226.0.0 0.0.0.0 gatedway metric 0.0.0.0 1 dest_mask gatedway metric 00:02:50: start at 170********************* send packets to 159.226.255.255 packet header: no. cmd: response, version: 1 dest 1: 159.222.0.0 0.0.0.0 0.0.0.0 2 2: 11.11.11.2 0.0.0.0 0.0.0.0 2 18.3.3 Typical RIP Scenario vl an1: 10.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch (10.1.1.2) only, update information is not exchanged between switchA and switchC vlan2 (20.1.1.2). The configuration for SwitchA, SwitchB and SwitchC is shown below: a) Configuration of layer 3 switch SwitchA !Configuration of the IP address for interface vlan1 SwitchA#config SwitchA(Config)# interface vlan 1 SwitchA(Config-If-Vlan1)# ip address 10.1.1.1 255.255.255.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch SwitchC#config SwitchC(Config)# interface vlan 2 SwitchC(Config-If-vlan2)# ip address 20.1.1.2 255.255.255.0 SwitchC (c config-If-vlan2)#exit !Enable RIP SwitchC(Config)#router rip SwitchC(Config-router-rip)#exit !Enable vlan2 to send/receive RIP packets SwitchC(Config)#interface vlan 2 SwitchC (Config-If-vlan2)#ip rip work SwitchC (Config-If-vlan2)exit SwitchC(Config)#exit SwitchC# 18.3.4 RIP Troubleshooting Help 1. Monitor and Debug Commands 2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Automatic network summarization is not in Disable RIP auto aggregation effect default metric for redistribute is :16 The default metric for introduced route is 16. neigbour is The specified destination address. preference is :100 RIP routing priority is 100.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch default metric for redistribute is : RIP protocol default metric value. neigbour is: The neighbor layer 3 switch connecting to this RIP switch. Preference RIP routing priority. RIP version information Displays the version information for RIP, including the RIP version of sending (V1 for RIP-I, V2 for RIP-II), RIP sending method (BC for broadcast, MC for multicast), RIP version of receiving (V1 for RIP-I, V2 for RIP-II, V12 for both RIP-I and RIP-II). 18.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch • State of the connecting link Link-state information is flooded throughout the network so that all layer 3 switches can get firsthand information. Link-state layer 3 switches will not broadcast all information contained in their route tables; instead, they only send changed link-state information.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch exchange link-state information with the other OSPF layer 3 switches to formal a link-state database describing the whole autonomous system. Each layer 3 switch builds a shortest path tree rooted in itself according to the link-state database, this tree provide the route to all nodes in an autonomous system. If 2 or more layer 3 switches exist (multi-access to the network), "designated layer 3 switch” and “backup designated layer 3 switch” will be selected.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1) Each OSPF-enabled layer 3 switch maintains a database (LS database) describing the link-state of the topology structure of the whole autonomous system. Each layer 3 switch generates a link-state advertisement according to its surrounding network topology structure (router LSA), and sends the LSA to the other layer 3 switches through link-state update (LSU) packets.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch (3) Configure other OSPF protocol parameters a. Configure OSPF routing protocol priority b. Configure cost for OSPF STUB area and default route c. Configure OSPF virtual link 3. d. Configure the priority of the interface when electing designated layer 3 switch (DR). Disable OSPF protocol. 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch d. Configure OSPF packet sending timer parameter (timer of broadcast interface sending HELLO packet to poll, timer of neighboring layer 3 switch invalid timeout, timer of LSA transmission delay and timer of LSA retransmission. Command Explanation Interface Mode Sets interval for sending HELLO packets; the “no ip ospf hello-interval
EES4710BD 10 Slots L2/L3/L4 Chassis Switch (3) Configure other OSPF protocol parameters a. Configure OSPF routing protocol priority b. Configure cost for OSPF STUB area and default route c. Configure OSPF virtual link Command Explanation OSPF protocol configuration mode Configures the priority of OSPF among all the routing protocols, and the priority preference [ ase ] for AS exterior routes introduced; the “no no preference [ ase ] preference [ ase ]” command restores the default setting.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z z z z z z z z z z z z z ip opsf dead-interval ip ospf enable area ip ospf hello-interval ip ospf passive-interface ip ospf priority ip ospf retransmit-interval ip ospf transmit-delay network preference redistribute ospfase router id router ospf stub cost virtuallink neighborid z show ip ospf z show ip ospfase z show ip ospf cumulative z show ip ospf database z show ip ospf interface z show ip ospf neighbor z show ip ospf routing z show ip ospf
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.4.2.2.2 default redistribute interval Command: default redistribute interval
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-Router-Ospf)#default redistribute tag 20000 18.4.2.2.5 default redistribute type Command: default redistribute type { 1 | 2 } no default redistribute type Function: Sets the default route type(s) for exterior routes introduction; the “no default redistribute type” command restores the default setting. Parameters: 1 and 2 stand for type1 and type2 exterior routes, respectively.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Setting the OSPF route cost of interface vlan1 to 3. Switch(Config-If-Vlan1)#ip ospf cost 3 18.4.2.2.8 ip ospf dead-interval Command: ip ospf dead-interval
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Default: The default HELLO-packet-sending interval is 10 seconds. Command mode: Interface Mode Usage Guide: The HELLO packet is a most common packet sent to neighboring layer 3 switches regularly for discovering and maintaining the neighborhood and the election of DR and BDR. The hello-interval value set will be written to the HELLO packet and send with it.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-If-Vlan1)#ip ospf priority 0 18.4.2.2.13 ip ospf retransmit-interval Command: ip ospf retransmit-interval
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: and are the network IP address and mask in decimal format; is the area number from 0 to 4294967295; advertise | notadvertise specifies whether or not broadcast the summary route information within the network. Default: The system has no default area configured; if configured, it assumes to broadcast summary information by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch respectively; tag specifies the tag of the routes, is the tag value for the routes, ranging from 0 to 4,294,967,295; metric specifies the weight of the route; for weight value, ranging from 1 to 16,777,215. Default: Exterior routes are not introduced in OSPF by default. Command Mode: OSPF protocol configuration mode Usage Guide: Routing information can be shared among all dynamic routing protocols in layer 3 switches.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.4.2.2.20 stub cost Command: stub cost area no stub area Function: Sets an area to STUB area; the “no stub area ” command cancels the setting. Parameters: is the default route cost for the STUB area, ranging from 1 to 65535; is the area number of the STUM area, ranging from 1 to 4,294,967,295. Default: No STUB area is configured by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: show ip ospf Function: Displays major OSPF information. Default: Nothing displayed by default Command mode: Admin Mode Example: Switch#show ip ospf my router ID is 11.11.4.1 preference=10 ase perference=150 export metric=1 export tag=-2147483648 area ID 0 interface count:1 80times spf has been run for this area net range: LSRefreshTime is1800 area ID 1 interface count:1 41times spf has been run for this area net range: netid11.11.3.255 netaddress11.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Destination AdvRouter NextHop Age SeqNumber 10.1.1.125 11.11.1.2 11.1.1.2 300 3 Type Cost 2 20 Displayed information Explanation Destination Target network segment or address AdvRouter Route election NextHop Next hop address Age Aging time SeqNumber Sequence number Type Exterior routes type for introduction Cost Cost for introducing exterior routes 18.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch DB entry count 6 LS_RTR 3 LS_NET 3 LS_SUM_NET 1 AS internal route 4 LS_SUM_ASB 0 LS_ASE 3 AS external route 0 Displayed information Explanation IO cumulative Statistics for OSPF packets in/out. type Packet type: including HELLO packet, DD packet, LS request, update and acknowledging packet, etc. In Packet in statistics. Out Packet out statistics. Areaid OSPF statistics from a specific OSPF area. 18.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch (Net's IP) 11.11.1.0 11.11.4.1 0 2147483656 1 6777215 11.11.2.255 11.11.4.1 0 2147483649 1 6777215 11.11.3.255 11.11.4.1 0 2147483680 1 6777215 ASBR Summary LSAs LS ID ADV rtr Age Sequence Cost Checksum (ASBR's Rtr ID) Area 2>>>>>>>> Area ID: 1 Router LSAs LS ID ADV rtr Age Sequence Cost Checksum 11.11.2.1 11.11.2.1 1 2147483698 1 6777215 14.14.14.1 14.14.14.1 1 2147483662 1 14831 11.11.4.1 11.11.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch OSPF router ID The ID of the layer 3 switch. Area 1>>>>>>>> Area ID: 0 Represent the LSA database information from area 1 to area 0. Router LSAs Route LSA Network LSAs Network LSA Summary Network LSAs Summary network LSA ASBR Summary LSAs Autonomous system exterior LSA 18.4.2.2.26 show ip ospf interface Command: show ip ospf interface Function: Displays OSPF interface information. Parameters: stands for the interface name.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Authentication key OSPF packet authentication key Timer OSPF protocol timer: including time set for HELLO packet, Hell, Poll, Dea, Retrans Poll interval packet, route invalid, route retransmission, etc. Number of Neigbors The number of neighboring layer 3 switches Nubmer of Adjacencies The number of neighboring route interfaces Adjacencies Neighboring interface IP address 18.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch router ip addr IP address of the interface in the neighboring layer 3 switch state Link-state status priority Priority DR ID of the designated layer 3 switch BDR ID of the backup designated layer 3 switch last hello The last HELLO packet last exch The last packet exchanged 18.4.2.2.28 show ip ospf routing Command: show ip ospf routing Function: Displays OSPF route table information.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Displays OSPF virtual link information. Default: Nothing displayed by default Command mode: Admin Mode Example: Switch#show ip ospf virtual-links no virtual-link 18.4.2.2.30 show ip protocols Command: show ip protocols Function: Displays the information of the routing protocols running in the switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch protocol 18.4.2.2.31 debug ip ospf event Command: debug ip ospf event no debug ip ospf event Function: Enables the OSPF debugging function for all events: the “no debug ip ospf event” command disables the debug function. Default: Debugging is disabled by default. Command mode: Admin Mode 18.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 02:40:58: receive a HELLO packet from 11.11.4.2 via Broadcast interface 11.11.4.1 02:40:58: 18.4.2.2.34 debug ip ospf spf Command: debug ip ospf spf no debug ip ospf spf Function: Enables the OSPF debug function for shortest path algorithm; the “no debug ip ospf spf” command disables this debug function. Default: Debugging is disabled by default. Command mode: Admin Mode 18.4.3 Typical OSPF Scenario Scenario 1: OSPF autonomous system.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch ! Configuration of the IP address for interface vlan2 Switch1(Config)# interface vlan 2 Switch1(Config-if-vlan2)# ip address 100.1.1.1 255.255.255.0 Switch1 (Config-if-vlan2)#exit !Enable OSPF protocol, configure the area number for interface vlan1 and vlan2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch3#config Switch3(Config)# interface vlan 3 Switch3(Config-if-vlan1)# ip address 20.1.1.2 255.255.255.0 Switch3(Config-if-vlan3)#no shut-down Switch3(Config-if-vlan3)#exit !Enable OSPF protocol, configure the OSPF area interfaces vlan3 resides in.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch5(Config-if-vlan3)#exit !Enable OSPF protocol, configure the number of the area in which interface vlan2 and vlan3 reside in.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch11 are edge layer 3 switches of the area, Switch5 and Switch7 are edge layer 3 switches of the autonomous system.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch1(Config-If-Vlan2)#exit !Enable OSPF protocol, configure the area number for interface vlan2. Switch1(Config)#router ospf Switch1(Config-router-ospf)#exit Switch1(Config)#interface vlan 2 Switch1(Config-If-Vlan2)#ip ospf enable area 1 !Configure simple key authentication.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch3(Config-If-Vlan2)#exit !Enable OSPF protocol, configure the area number for interface vlan2. Switch3(Config)#router ospf Switch3(Config-router-ospf)#exit Switch3(Config)#interface vlan 2 Switch3(Config-If-Vlan2)#ip ospf enable area 1 !Configure simple key authentication.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch4(Config-If-Vlan1)# ip address 10.1.6.1 255.255.255.0 Switch4(Config-If-Vlan1)#ip ospf enable area 0 !Configure MD5 key authentication. Switch4(Config-If-Vlan1)#ip ospf authentication md5 DCS Switch4(Config-If-Vlan1)exit Switch4(Config)#exit Switch4# 18.4.4 OSPF Troubleshooting Help 1. Monitor and Debugging Commands 2. OSPF Troubleshooting Help 18.4.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch (1)show ip ospf Example: Switch#show ip ospf my router ID is 11.11.4.1 preference=10 ase perference=150 export metric=1 export tag=-2147483648 area ID 0 interface count:1 80times spf has been run for this area net range: LSRefreshTime is1800 area ID 1 interface count:1 41times spf has been run for this area net range: netid11.11.3.255 netaddress11.11.0.0 netmask255.255.252.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch A 5.1.2.0 255.255.255.0 12.1.1.2 Vlan12 150 A 5.1.3.0 255.255.255.0 12.1.1.2 Vlan12 150 A 5.1.4.0 255.255.255.0 12.1.1.2 Vlan12 150 A 5.1.5.0 255.255.255.0 12.1.1.2 Vlan12 150 A 5.1.6.0 255.255.255.0 12.1.1.2 Vlan12 150 A 5.1.7.0 255.255.255.0 12.1.1.2 Vlan12 150 A 5.1.8.0 255.255.255.0 12.1.1.2 Vlan12 150 A 5.1.9.0 255.255.255.0 12.1.1.2 Vlan12 150 A 5.1.10.0 255.255.255.0 12.1.1.2 Vlan12 150 A 5.1.11.0 255.255.255.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch type in out HELLO 1048 253 DD 338 337 LS Req 62 219 LS Update 753 295 LS Ack 495 308 ASE count 0 checksum 0 original LSA 340 LS_RTR 179 LS_NET 1 LS_SUM_NET 160 LS_SUM_ASB 0 LS_ASE 0 received LSA 325 Areaid 0 nbr count 1 spf times interface count 1 120 DB entry count 6 LS_RTR 2 LS_NET 2 LS_SUM_NET 3 LS_SUM_ASB 0 LS_ASE 3 LS_SUM_ASB 0 LS_ASE 3 Areaid 1 nbr count 2 spf times interface count 1 52 DB entry count 6 LS_RTR 3 LS_NET 3 LS_S
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 11.11.4.2 11.11.4.2 18 2147483863 1 6777215 Router LSA 11.11.4.1 11.11.4.1 0 2147483808 0 42401 11.11.4.2 11.11.4.2 18 2147483863 1 6777215 Network LSAs LS ID ADV rtr Age Sequence Cost 11.11.4.2 1 2147483662 1 Checksum (DR's IP) 11.11.4.2 35126 Summary Network LSAs LS ID ADV rtr Age Sequence Cost Checksum 11.11.1.0 11.11.4.1 0 2147483656 1 6777215 11.11.2.255 11.11.4.1 0 2147483649 1 6777215 11.11.3.255 11.11.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 11.11.1.3 14.14.14.1 15 2147483705 1 53384 Summary Network LSAs LS ID ADV rtr Age Sequence Cost 11.11.4.1 0 2147483677 1 Checksum (Net's IP) 11.11.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch cost State Cost value Status Type Layer 3 switch type, such as designated Priority Configure the priority in electing designated layer 3 switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch area id The id of the area for the interface router id The ID of the neighbor layer 3 switch router ip addr IP address of the neighboring layer 3 switch state Link-state status priority Priority DR ID of the designated layer 3 switch BDR ID of the backup designated layer 3 switch last hello The last HELLO packet last exch The last packet exchanged (8)show ip ospf routing The “show ip ospf routing” command can be used to display information about t
EES4710BD 10 Slots L2/L3/L4 Chassis Switch my router ID is 100.1.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.5 WEB MANAGEMENT Click “Route configuration” to open “routing protocol configuration” to configure the items as follows: z Static route configuration z RIP configuration z OSPF configuration z Show ip route 18.5.1 Static route Click “Static route configuration” to configure static route 18.5.1.1 Static route configuration Click “Static route configuration” to enter the configuration page. Equivalent to CLI command 18.2.3.2.1 including.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Click RIP configuration to open RIP configuration including: z Enable RIP: enable RIP including 9 Enable RIP: enable 9 Enable port to receive/transmit RIP packet z RIP parameter configuration (optional) including: 9 Enable imported route 9 Metricin/out configuration 9 RIP port imported route 9 RIP mode configuration 9 RIP timer configuration 18.5.2.1 18.5.2.1.1 RIP configuration Enable RIP Click “Enable RIP” to enter configuration page.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z Redistribute imported route cost Operation type: Add or Remove Example: For protocol select OSPF, cost as 5, then select Add. Click Apply button to redistribute imported route cost 5 with OSPF routing protocol to RIP. 18.5.2.2.2 Metricin/out configuration Click “Metricin/out configuration” to enter the configuration page z In: the value of metric in. Equivalent to CLI command 18.3.2.2.5 z Out: the vale of metric out. Equivalent to CLI command 18.3.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z 18.3.2.2.3 RIP authentication type: sets up RIP authentication type. Text means text authentication; md5 means normal MD5 authentication; Cisco MD5 means Cisco MD5 authentication; cancel means back to default. Equivalent to CLI command 18.3.2.2.4. Example: 18.5.2.2.4 Global RIP configuration Click “RIP mode configuration” to enter the configuration page.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.5.2.2.5 Set RIP timer Click “RIP timer configuration” to enter the configuration page. Equivalent to CLI command 18.3.2.2.18 z Update time: sending update packet time interval z Invalid timer: RIP route invalid time z Holddown timer: specified invalid routes existing interval in the routing table Example: 18.5.3 OSPF Click “OSPF configuration” to open OSPF configuration.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Click “OSPF enable” to enter the configuration page. Equivalent to CLI command 18.4.2.2.19. z OSPF enable: select from OSPF enable or OSPF disable z Reset: clears selection Example: Select OSPF enable and click Apply button to enable OSPF protocol 18.5.3.1.2 Router-ID configuration Click “Router-ID configuration” to enter the configuration page. Equivalent to CLI command 18.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.5.3.1.4 Configure OSPF area for port Click “OSPF area configuration” to enter the configuration page for port. Equivalent to CLI command 18.4.2.2.9 z Vlan port: port list z Area ID: area number z Reset: resets each column value to default in this page and this action will not change settings z Apply: valid each column value. This action will change settings. z Default: resets to default setting. This action will change settings.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.5.3.2.2 Passive interface configuration Click “Passive interface configuration” to enter the configuration page. Equivalent to CLI command 18.4.2.2.11. z Port: port list z Passive interface configuration: sets up to receive OSPF packets only z Cancel: cancels the setting. z Reset: resets to default parameters Example: Select port vlan1, select Passive interface configuration and click Apply button to configure port vlan 1 as receiving OSPF packet only. 18.5.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.5.3.3 OSPF imported route parameter configuration Click “OSPF Imported route parameter configuration” to open the configuration table, includes: z Imported route parameter configuration: configure imported route default parameter z Import external routing information: configure other imported protocol in OSPF 18.5.3.3.1 Imported route parameter configuration Click “Imported route parameter configuration” to enter the configuration page.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z z Reset: resets each column value to default in this page and this action will not change settings Apply: valid each column value. This action will change settings. Default: resets to default settings. This action will change settings. 18.5.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 18.5.3.4.3 OSPF virtual link configuration Click “OSPF virtual link configuration” to enter the configuration page. Equivalent to CLI command 8.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z z z z z z show ip ospf cumulative: displays OSPF statistic information. Equivalent to CLI command 18.4.2.2.24 show ip ospf database: displays OSPF link status data information. Equivalent to CLI command 18.4.2.2.25 show ip ospf interface: displays OSPF interface information. Equivalent to CLI command 18.4.2.2.26 show ip ospf neighbor: displays OSPF neighbor node information. Equivalent to CLI command 18.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter 19 19.1 Multicast protocol Configuration Multicast Protocol Overview 19.1.1 Introduction to Multicast When sending information (including data, voice and video) to a small number of users in the network, there are several ways of transmission.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch group at any time. A multicast group can be either a perpetual one or temporary one. Part of multicast addresses are assigned officially and referred to as the perpetual multicast group. The IP address of a perpetual multicast group remains the same, but the membership can be changed. A perpetual multicast group can have any number of members, even zero. IP multicast addresses not reserved for perpetual multicast group can be used by temporary multicast groups.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch multicast group address in the destination address field of the IP packet. The multicast model differs from the unicast model in that a multicast packet must be forwarded to several external interfaces to send the packet to all receiving stations, i.e., multicast forwarding is more complex than unicast forwarding.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Function: Displays the IP multicast packet forwarding entries. Parameters: [group_address] specifies the group address for the forwarding entry to be displayed; [source_address] specifies the source address for the forwarding entry to be displayed Default: No display by default. Command mode: Admin Mode Usage Guide: This command is used to display IP multicast forwarding entries, or the forwarding entries in the system FIB table for forwarding multicast packets.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.3 19.3.1 PIM-DM Introduction to PIM-DM PIM-DM (Protocol Independent Multicast,Dense Mode) is a dense mode multicast protocol. It is good for use in small networks as the multicast group members are relatively concentrated in such network environments. The work process of PIM-DM can be summarized as the following phases: neighbor discovery, flooding & prune, grafting. 1. Neighbor discovery PIM-DM routers need discover neighbors with HELLO packets on start up.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch If a pruned downstream node needs to restore to the forwarding state, the node will send a graft packet to ask the upstream to restore multicast data forwarding. 19.3.2 PIM-DM Configuration 19.3.2.1 PIM-DM Configuration Task Sequence 1. Enable PIM-DM Basic configuration of PIM-DM routing protocol on ES4710BD series switches is quite simple: just enable PIM-DM in the appropriate interfaces.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: ip pim dense-mode no ip pim dense-mode Function: Enables PIM-DM protocol on the interface; the “no ip pim dense-mode” command disables PIM-DM protocol on the interface. Parameters: N/A. Default: PIM-DM protocol is disabled by default. Command mode: Interface Mode Usage Guide: Example: Enabling PIM-DM protocol on interface vlan1. Switch (Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip pim dense-mode 19.3.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch SWITCHB SWITCHA Et her net 1/ 1 vl an2 Et her net 1/ 2 vl an1 Et her net 1/ 1 vl an1 Et her net 1/ 2 vl an2 Fig 19-1 Typical PIM-DM environment The followings are the configurations of SwitchA and SwitchB.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Enables the debugging function for displaying debug ip pim detailed PIM information; the “no” format of this command disables this debug function. 19.3.4.2 show ip pim mroute dm Command: show ip pim mroute dm Function: Displays the PIM-DM packet forwarding entry Parameters: N/A. Default: No display by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Outgoing interface list Outgoing interface list. Prune interface list Downstream prune interface list. 19.3.4.3 show ip pim neighbor Command: show ip pim neighbor [] Function: Displays information for neighbors of the PIM interface. Parameters: is the interface name, i.e., displays PIM neighbor information of the specified interface. Default: PIM neighbor information is displayed by default on all interfaces.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 2.1.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch information to Edge-Core technical service center. 19.4 19.4.1 PIM-SM Introduction to PIM-SM PIM-SM (Protocol Independent Multicast,Sparse Mode) is a sparse mode multicast protocol, the mode is protocol independent. It is mainly used in large scale networks with group members relatively scattered in large ranges.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch On receiving BSR advertised C-RP messages, multicast routers will calculate the RP corresponding to a certain multicast group with the same algorithm. It should be noted that one RP can service multiple multicast groups or all multicast groups. Each multicast group in any time can have only one corresponding RP, multiple associations is forbidden.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 1) Configure a switch as the candidate BSR. Command Explanation Interface Mode This command is a global candidate BSR ip pim bsr-candidate [hashlength] [Priority] configuration command. It is used to configure information for PIM-SM candidate BSR and to contend for the BSR router with the other no ip pim bsr-candidate candidate BSRs; the “no ip pim bsr-candidate” command cancels the BSR configuration. 2) Configure a switch as the candidate RP.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command: ip pim sparse-mode no ip pim sparse-mode Function: Enables PIM-SM protocol on the interface; the “no ip pim sparse-mode” command disables PIM-SM protocol on the interface. Parameters: N/A. Default: PIM-SM protocol is disabled by default. Command mode: Interface Mode Usage Guide: Example: Enabling PIM-SM protocol on interface vlan1. Switch (Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip pim sparse-mode 19.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch specified period, that neighbor is considered to be lost. This time setting must be no greater than the neighbor timeout time. Example: Configuring PIM-SM HELLO interval on interface vlan1. Switch (Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip pim query-interval 20 19.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch this command is configured. Example: Setting the interface vlan1 as the candidate RP announcing message sending interface. Switch (Config)# ip pim rp-candidate vlan1 group-list 5 Switch (Config)# access-list 5 permit 239.255.2.0 0.0.0.255 19.4.3 Typical PIM-SM Scenario As shown in the figure below, the Ethernet interfaces of SWITCHA, SWITCHB, SWITCHC and SWITCHD are added to the appropriate vlan, and PIM-SM protocol is enabled on each vlan interface.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch (Config)#interface vlan 2 Switch(Config-If-Vlan2)# ip pim sparse-mode Switch(Config-If-Vlan2)# exit Switch (Config)# ip pim rp-candidate vlan2 group-list 5 Switch (Config)# access-list 5 permit 239.255.2.0 0.0.0.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch PIMv2 Bootstrap information BSR address: 192.4.1.3 Priority: 192, Hash mask length: 30 Expires : 00:02:13. Switch # Displayed information Explanation BSR address Bsr-router address Priority Bsr-router priority Hash mask length Bsr-router hash mask length Expires The remaining time before considering the Bsr-router to be invalid. 19.4.4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Expires The remaining time before considering the neighbor to be invalid. 19.4.4.1.3 show ip pim mroute sm Command: show ip pim mroute sm Function: Displays the PIM-SM packet forwarding entry Parameters: N/A. Default: No display by default. Command mode: Admin Mode Usage Guide: This command is used to display PIM-SM multicast forwarding entries, or the forwarding entries in the system FIB table for forwarding multicast packets.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 192.2.1.1 Vlan2 31 00:11:39 00:01:16 / 192.4.1.4 Vlan4 33 00:11:39 00:01:44 DR 192.4.1.3 Vlan4 33 00:11:39 00:01:17 / Switch # Displayed information Explanation Neighbor-Address Neighbor address Interface The neighbor interface discovered ifIndex Interface index number Uptime The up time of the neighbor since discovery Expires The remaining time before considering the neighbor to be invalid DR-state Whether the neighbor is a DR 19.4.4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 00:17:52: PIM: Received v2 Join/Prune on Vlan2 from 192.3.1.3 to 192.3.1.2 00:17:52: PIM: Receive Join-list: (192.1.1.1/32, 225.0.0.1/32), S-bit set 00:17:54: PIM: Received v2 Hello on Vlan4 from 192.4.1.4, holdtime 105 00:17:57: PIM: Received v2 Hello on vlan3 from 192.2.1.1, holdtime 105 00:17:57: PIM: Received v2 Hello on Vlan2 from 192.3.1.3, holdtime 105 00:17:58: PIM: Received v2 Hello on Vlan4 from 192.4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch correctness must be ensured. PIM-SM protocol requires the support of RP and BSR. So “show ip pim bsr-router” command should be run first for BRS information, if no BSR exists, then the unicast route to BSR should be checked. Use the “show ip pim rp” command to verify RP information is correct. If no RP information is displayed, the unicast route should be checked, too.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch information, they know the route metric for each other to get to the source network, and the switch has the smallest metric to the source network becomes the designated forwarder of that subnet; if the metrics are same, the one with lower IP address rules. When DVMRP is enabled on an interface of the switch, probe messages are multicasted to the other DVMRP switches to discover the neighbors and their capabilities.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Explanation Interface Mode Enable DVMRP; the “no ip dvmrp enable” [no] ip dvmrp enable command disables DVMRP (required) 2. Configure connectivity with CISCO routers/switches CISCO does not really implemented DVMRP, but provides connectivity with DVMRP. As CISCO routers/switches send report packet but not probe packets, neighbor timeout issue should be addressed in establish connectivity with CISCO routers/switches.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch ip dvmrp report-interval no ip dvmrp report-interval Sets the interval for sending DVMRP report messages; the “no ip dvmrp report interval” command restores the default setting. d. Configuring DVMRP route timeout time Command Explanation Global Mode ip dvmrp route-timeout no ip dvmrp route-timeout Sets timeout interval for DVMRP routes; the “no ip dvmrp route-timeout” command restores the default setting. 4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.5.2.2.1 ip dvmrp cisco-compatible Command: ip dvmrp cisco-compatible no ip dvmrp cisco-compatible Function: Enables connectivity with CISCO neighbor A, B, C, D; the “no ip dvmrp cisco-compatible” command disables connectivity with CISCO neighbors. Parameters: are the Neighboring IP addresses Default: The connectivity with CISCO neighbors is disabled by default.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Usage Guide: If a new receiver joins that interface when an interface is in the pruned state, the interface will send a graft message to the upstream; if no graft ACK message from the upstream is received, it will keep sending graft message to the upstream at regular interval until an appropriate graft ACK is received. Example: Setting the interval for sending DVMRP graft messages to 10 seconds. Switch (Config)#ip dvmrp graft-interval 10 19.5.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.5.2.2.6 ip dvmrp probe-interval Command: ip dvmrp probe-interval no ip dvmrp probe-interval Function: Sets the interval for sending DVMRP probe messages; the “no ip dvmrp probe interval” command restores the default setting. Parameters: is the interval for sending DVMRP probe packets, ranging from 5 to 30 seconds.. Default: The default interval for sending DVMRP probe messages is 10 seconds.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: < time_val> is the time to timeout a route, the valid range is 20 to 1400 seconds.. Default: The default timeout setting for DVMRP routes is 140 seconds. Command mode: Global Mode Usage Guide: If no updating report message for a route from the neighbor of the route is received in the specified interval, then the route is considered to be invalid. This timeout interval must be greater than that for sending report messages.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Fig 19-3 DVMRP network topology The followings are the configurations of SwitchA and SwitchB. (1) Configuration of SWITCHA: Switch (Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip dvmrp enable (2) Configuration of SWITCHB: Switch (Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip dvmrp enable Switch(Config-If-Vlan1)#exit Switch (Config)#interface vlan 2 Switch(Config-If-Vlan2)# ip dvmrp enable 19.5.4 DVMRP Troubleshooting Help 1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Outgoing interface list: (Vlan2), protos: 0x2 Upstream prune interface list: Downstream prune interface list: Displayed information Explanation (192.168.1.0, 224.1.1.1) Forwarding entry Incoming interface Incoming interface, or RPF interface Outgoing interface list Outgoing interface list Upstream prune interface list Upstream prune interface list Downstream prune interface list Downstream prune interface list 19.5.4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command mode: Admin Mode Usage Guide: This command is used to display DVMRP route table entries; DVMRP maintains separated unicast route tables for RPF check. Example: Displaying DVMRP routing information. Switch #show ip dvmrp route Switch # Destination/Mask 192.168.1.0/24 Nexthop 192.168.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.5.4.1.5 debug ip dvmrp detail Command: debug ip dvmrp detail Function: Enables the debug function for displaying detailed DVMRP information; the “no” format of this command disables this debug function. Parameters: N/A. Default: Disabled. Command mode: Admin Mode Usage Guide: If detailed information about DVMRP packets (except prune and graft) is required, this debug command can be used.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch DVMRP pruning debug is on 02:22:20:26: DVMRP: Received prune on vlan2 from 105.1.1.2, len 20 02:22:20:26: DVMRP: Prune Vers: majorv 3, minorv 255 02:22:20:26: DVMRP: Prune source 192.168.1.105, group 224.1.1.1 02:22:20:40: DVMRP: Received graft on vlan1 from 105.1.1.2, len 16 02:22:20:40: DVMRP: Graft Vers: majorv 3, minorv 255 02:22:20:40: DVMRP: Graft source 192.168.1.105, group 224.1.1.1 02:22:20:40: DVMRP: Send graft-ACK on vlan1 to 105.1.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch network segments connecting to its interfaces. As to the hosts, they only need to keep the information about the multicast groups joined. IGMP is asymmetric for hosts and switches: The hosts respond IGMP query packets sent by the multicast switches, i.e., respond with membership report packets.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch b. Configure maximum response time for IGMP queries c. Configure timeout setting for IGMP queries (3) Configure IGMP version 3、 Disable IGMP 1. Enable IGMP There is no special command for enabling IGMP in ES4710BD layer 3 switches, the IGMP automatically enables when any multicast protocol is enabled on the respective interface.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch ip igmp static-group Joins the interface to a static IGMP group; the “no no ip igmp static -group ip igmp static -group” command cancels the join. (2) Configure IGMP query parameters. a. Configure transmission interval of query packets in IGMP b. Configure maximum response time for IGMP queries c.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z ip igmp version z show ip igmp groups z show ip igmp interface z debug ip igmp event z debug ip igmp packet 19.6.2.2.1 ip igmp access-group Command: ip igmp access-group {} no ip igmp access-group Function: Sets the filter criteria for IGMP group on the interface; the “no ip igmp access-group” command cancels the filter criteria.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.6.2.2.3 ip igmp query-interval Command: ip igmp query-interval no ip igmp query-interval Function: Sets the interval for sending IGMP query messages; the “no ip IGMP query interval” command restores the default setting. Parameters: is the interval for sending IGMP query packets, ranging from 1 to 65535 seconds. Default: The default interval for sending IGMP query messages is 125 seconds.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch as the querier for that shared network, the other switches act as timers monitoring the status of the querier; if no query packet from the querier is received after the query timeout time, a new switch will be elected to be the new querier. Example: Configuring the interface timeout setting for IGMP queries to 100 seconds. Switch (Config)#interface vlan 1 Switch(Config-If-Vlan1)#ip igmp query-timeout 100 19.6.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch appropriate vlan, and PIM-DM protocol is enabled on each vlan interface. SWITCHB SWITCHA Et her net 1/ 1 vl an1 Et her net 1/ 1 vl an1 Et her net 1/ 2 vl an2 Fig 19-4 IGMP network topology The followings are the configurations of SwitchA and SwitchB.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch#show ip igmp groups IGMP Connect Group Membership (1 group(s) joined) Group Address Interface 239.255.255.250 Vlan123 Uptime 02:57:30 Expires Last Reporter 00:03:36 123.1.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch command disables this debug function. Parameters: N/A. Default: Disabled Command mode: Admin Mode Usage Guide: If detailed information about IGMP events is required, this debugging command can be used. Example: Switch# debug ip igmp event igmp event debug is on Switch# 01:04:30:56: IGMP: Group 224.1.1.1 on interface vlan1 timed out 19.6.4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.7 WEB MANAGEMENT Click “root page” left content column “Multicast protocol configuration” to enter into multicast protocol configuration root node and make configuration for multicast protocol.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z z z Query-Interval - Configures local interface PIM-DM hello message interval time Vlan Port - assigns layer 3 interface(select from scroll bar menu) Apply - runs according to configured parameter Default - restores local interface PIM-DM hello message interval time to default 19.7.3 19.7.3.1 PIM-SM configuration Enable PIM-SM In PIM-SM protocol configuration mode, click “Enable PIM-SM” to enable or disable PIM-SM protocol in the layer 3 interface.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 19.7.3.4 Set router as BSR candidate Click Set router as BSR candidate for configure PIM-SM candidate BSR information ,for compete with other candidate BSR for BSR router. This is the same as CLI command 19.4.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z z Vlan Port - assigns layer 3 interface(select from scroll bar menu) Apply - runs according to configured parameter Default - disables DVMRP protocol 19.7.4.2 Cisco-compatible configuration Click “Cisco-compatible configuration” to startup the connection with CISCO neighbor. This is the sameas CLI command 19.5.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch same as CLI command 19.5.2.2.3 Interval of sending probe packet - Configures the interval of sending probe packet. This is the same as CLI command 19.5.2.2.6 z Interval of sending report packet - Configures the interval of sending report packet. This is the same as CLI command 19.5.2.2.7 z DVMRP route timeout -configures DVMRP route timeout. This is the same as CLI command 19.5.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z z z IGMP query timeout - Configures IGMP query timeout. This is the same as CLI command 19.6.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Click “Show ip pim neighbor” to display PIM interface neighbor information. This is the same as CLI command 19.3.4.3 19.7.6.4 Show ip pim bsr-router Click “Show ip pim bsr-router” to display the running PIM-SM protocol BSR information. This is the same as CLI command 19.4.4.1.1 19.7.6.5 Show ip pim mroute sm Click “Show ip pim mroute sm” to display PIM-SM message forwarding item. This is the same as CLI command 19.4.4.1.3 19.7.6.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter20 20.1 802.1x Configuration Introduction to 802.1x IEEE 802.1x is a port-based network access management method, which authenticates and manages the accessing devices on the physical access level of the LAN device. The physical access level here are the ports of the switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch In the IEEE 802.1x application environment, ES4710BD is used as the access management unit, and the user connection device is the device with 802.1x client software. An authenticating server usually reside in the Carrier’s AAA center and usually is a Radius server. The authentication function of port-based IEEE 802.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Command Explanation Global Mode aaa enable no aaa enable aaa-accounting enable no aaa-accounting enable Enables the AAA authentication function in the switch; the “no aaa enable” command disables the AAA authentication function. Enables the accounting function in the switch; the “no aaa-accounting enable” command disables the accounting function dot1x enable Enables the 802.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 3) Configure expanded 802.1x function: for the switch. Command Explanation Global Mode dot1x macfilter enable no dot1x macfilter enable Enables the 802.1x address filter function in the switch; the "no dot1x macfilter enable" command disables the 802.1x address filter function. dot1x accept-mac [interface ] no dot1x accept-mac [interface ] Adds 802.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Global Mode radius-server key no radius-server key 2) Configuring RADIUS Server Command Specifies the key for RADIUS server; the “no radius-server key” command deletes the key for RADIUS server.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Usage Guide: The AAA authentication for the switch must be enabled first to enable IEEE 802.1x authentication for the switch. Example: Enabling AAA function for the switch. Switch(Config)#aaa enable 20.2.2.2 aaa-accounting enable Command: aaa-accounting enable no aaa-accounting enable Function: Enables the AAA accounting function in the switch: the "no aaa-accounting enable" command disables the AAA accounting function.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 20.2.2.4 dot1x eapor enable Command: dot1x eapor enable no dot1x eapor enable Function: Enables the EAP relay authentication function in the switch; the “no dot1x eapor enable” command sets EAP local end authentication. Command mode: Global Mode Default: EAP relay authentication is used by default. Usage Guide: The switch and RADIUS may be connected via Ethernet or PPP.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch authentication packets support must be enabled in the switch, otherwise many application would not be available. For detailed information, please refer to the introduction of Edge-Core Overall Solution, Standard 802.1x client would not be authenticated if Edge-Core proprietary 802.1x authentication packet format is enforced for client software by the switch. Example: Enabling the switch to force client software to use Edge-Core proprietary 802.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Default: The default maximum user allowed is 1. Usage Guide: This command is available for ports using MAC-based access management, if MAC address authenticated exceeds the number of allowed user, additional users will not be able to access the network. Example: Setting port 1/3 to allow 5 users. Switch(Config-Ethernet1/3)#dot1x max-user 5 20.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch specified port. Parameters: stands for port number, omitting the parameter for all ports. Command mode: Admin Mode Usage Guide: This command is an Admin Mode command. It makes the switch to re-authenticate the client at once without waiting for re-authentication timer timeout. This command is no longer valid after authentication. Example: Enabling real-time re-authentication on port 1/8. Switch#dot1x re-authenticate interface ethernet 1/8 20.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: is the interval for re-authentication, in seconds, the valid range is 1 to 65535. Command mode: Global Mode Default: The default value is 3600 seconds. Usage Guide: dot1x re-authentication must be enabled first before supplicant re-authentication interval can be modified. If authentication is not enabled for the switch, the supplicant re-authentication interval set will not take effect.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch servers, and all the accounting servers can be backup servers for each other. If primary is specified, then the specified RADIUS server will be the primary server. Example: Sets the RADIUS accounting server of IP address to 100.100.100.60 as the primary server, with the accounting port number as 3000. Switch(Config)#radius-server accounting host 100.100.100.60 port 3000 primary 20.2.2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 20.2.2.20 radius-server key Command: radius-server key no radius-server key Function: Specifies the key for the RADIUS server (authentication and accounting); the “no radius-server key” command deletes the key for RADIUS server. Parameters: is a key string for RADIUS server, up to 16 characters are allowed. Command mode: Global Mode Usage Guide: The key is used in the encrypted communication between the switch and the specified RADIUS server.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch time, the switch resends the request packet or sets the server as invalid according to the current conditions. Example: Setting the RADIUS authentication timeout timer value to 30 seconds. Switch(Config)# radius-server timeout 30 20.3 802.1x Application Example 10. 1. 1. 2 10. 1. 1. 1 Ra d i u s Se r v e r 10. 1. 1. 3 Fig 20-2 IEEE 802.1x Configuration Example Topology The PC is connecting to port 1/2 of the switch; IEEE 802.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-Ethernet1/2)#exit 20.4 802.1x Troubleshooting 2o.4.1 802.1x Debug and Monitor Commands 20.4.1.1 show aaa config Command: show aaa config Function: Displays the configured commands for the switch as a RADIUS client. Command mode: Admin Mode Usage Guide: Displays whether AAA authentication, accounting are enabled and information for key, authentication and accounting server specified.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch .Udp Port = 1813 .Is Primary = 0 .Is Server Dead = 0 .Socket No = 0 Time Out = 3 Retransmit = 3 Dead Time = 5 Account Time Interval = 0 Displayed information Description Is AAA Enabled Indicates whether AAA authentication is enabled or not. 1 for enable and 0 for disable. Is Account Enabled Indicates whether AAA accounting is enabled or not. 1 for enable and 0 for disable. MD5 Server Key Displays the key for RADIUS server.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Usage Guide: Usually the administrator is concerned only with the online user information, the other information displayed is used for troubleshooting by technical support.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch The total user num is: 1 2. Display the statistics for RADIUS authenticated users and others. Switch #sho radius authencating-user count --------------------- Radius user statistic--------------------The authencating user num is: 0 The stopping user num is: 0 The stopped user num is: 0 The total user num is: 20.4.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Supplicant 00-03-0F-FE-2E-D3 Authenticator State Machine State Authenticated Backend State Machine State Idle Reauthentication State Machine State Stop Displayed information Explanation Global 802.1x Parameters Global 802.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch process and is helpful in troubleshooting. Example: Enabling AAA debugging information. Switch#debug aaa 20.4.1.7 debug dot1x Command: debug dot1x no debug dot1x Function: Enables dot1x debugging information; the “ no debug dot1x” command disables the dot1x debugging information. Command mode: Admin Mode Parameters: N/A. Usage Guide: Enabling dot1x debug information allows the check of dot1x protocol negotiation process and is helpful in troubleshooting.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 20.5 WEB MANAGEMENT Click “Authentication configuration”, to open authentication configuration management list.Users may configure switch 802.1x authentication function. 20.5.1 RADIUS client configuration Click “Authentication configuration”, “RADIUS client configuration”, to open Radius client configuration management list Users may the configure switch Radius client. 20.5.1.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 20.5.1.2 RADIUS authentication configuration Click “Authentication configuration”, “RADIUS client configuration”, “RADIUS authentication configuration” to configure the RADIUS authentication server IP address and monitor port ID. Equivalent to CLI command 20.2.2.17. z Authentication server IP – Server IP address.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 20.5.1.3 RADIUS accounting configuration Click “Authentication configuration”, “RADIUS client configuration”, “RADIUS accounting configuration” to configure the RADIUS accounting server’s IP address and monitor port ID. Equivalent to CLI command 20.2.2.16. z Accounting server IP - server IP address. z Accounting server port(optional) – is the accounting server port ID, with range: 0~65535, where “0” means that it’s not work as authentication server.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch suppliant. Equivalent to CLI command 20.2.2.12. z Holddown time for authentication failure(1-65535 second) - Configures suppliant quiet-period status time after authentication failure. Same as CLI command 20.2.2.13. z Re-authenticate client interval(1-65535 second) - Configures time interval of switch re-authentication client. Equivalent to CLI command 20.2.2.14.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch z z Authentication mode – Configures the access control method for a specific port. Mac-based is access control method which is based on MAC address; port-based access control method which is based on port. Same as CLI command 20.2.2.10. Port maximum user(1-254) - Configures the permission maximum user for specific port. Same as CLI command 20.2.2.8. Example: Choose Ethernet port1/1, choose 802.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch port 802.1x configuration information, and make re-authentication for the specific port. Same as CLI command 1.2.2.11. z Port – assign port z 802.1x status – port 802.1x status z Authentication type – Authentication type z Authentication status – Authentication status z Authentication mode – Authentication mode Example: Choose Ethernet port 1/1, then Click Reauthenticate button, the user in Ethernet port 1/1 will be force to make re-authentication.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Chapter21 21.1 VRRP Configuration Introduction to VRRP VRRP (Virtual Router Redundancy Protocol) is a fault tolerant protocol designed to enhance connection reliability between routes (or L3 Ethernet switches) and external devices. It is developed by the IETF for local area networks (LAN) with multicast/broadcast capability (Ethernet is a typical example) and has wide applications.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 2) Configure VRRP priority 3) Configure VRRP Timer intervals 4) Configure VRRP interface monitor 1. Create/Remove the Virtual Router Command Explanation Global Mode [no] router vrrp Creates/Removes the Virtual Router 2.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch (1) Configure the preemptive mode for VRRP Command Explanation VRRP protocol configuration mode preempt-mode {true| false} Configures the preemptive mode for VRRP (2) Configure VRRP priority Command Explanation VRRP protocol configuration mode priority < priority > Configures VRRP priority (3) Configure VRRP Timer intervals Command Explanation VRRP protocol configuration mode advertisement-interval
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Commands: virtual-ip {master| backup} no virtual-ip Function: Configures the VRRP dummy IP address Parameters: is the IP address in decimal format. Default: Not configured by default. Command mode: VRRP protocol configuration mode Usage Guide: This command adds a dummy IP address to an existing Standby cluster. The "no virtual-ip" command removes the dummy IP address from the specified Standby cluster.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch must be configured first before starting Virtual Router. Example: Activating the Virtual Router of number 10 Switch(config)# router vrrp 10 Switch(Config-Router-Vrrp)# enable 21.1.2.5 disable Commands: disable Function: Deactivates VRRP Parameters: N/A. Default: Not configured by default. Command mode: VRRP protocol configuration mode Usage Guide: Deactivates a Virtual Router. VRRP configuration can only be modified when VRRP is deactivated.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Parameters: stands for the VRRP authentication string. Default: There is no authentication string by default. Command mode: Interface Mode Usage Guide: This command keeps the VRRP standby cluster from the disturbance of unauthorized members, all switches in the same standby cluster should have the same authentication string if Simple String mode applies.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Switch(Config-Router-Vrrp)# priority 150 21.1.2.10 advertisement-interval Commands: advertisement-interval no advertisement-interval Function: Sets the vrrp timer values; the “no advertisement-interval” command restores the default setting. Parameters: is the interval for sending VRRP packets in seconds, ranging from 1 to 10. Default: The default is 1second.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Backup cannot changes its status due to lower priority than the Master when the Master fails. Example: Configuring vrrp monitor interface to vlan 2 and decreasing amount of priority to 10. Switch(Config-Router-Vrrp)# circuit-failover vlan 2 10 21.2 Typical VRRP Scenario As shown in the figure below, SWITCHA and SWITCHB are Layer 3 Ethernet Switches in the same group and provide redundancy for each other; SWITCHA is configured as the Master switch.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 21.3.1 21.3.1.1 Monitor and Debug Commands show vrrp Commands: show vrrp [] Function: Displays status and configuration information for the VRRP standby cluster. Command mode: All Modes Example: Switch# show vrrp VrId <1> State is Initialize Virtual IP is 10.1.20.10 (Not IP owner) Interface is Vlan2 Priority is 100 Advertisement interval is 1 sec Preempt mode is TRUE VrId <10> State is Initialize Virtual IP is 10.1.10.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Default: Debugging information is disabled by default. Command mode: Admin Mode Example: Switch#debug vrrp VRRP SEND[Hello]: Advertisement sent for vrid=[10], virtual-ip=[10.1.10.1] VRRP SEND[Hello]: Advertisement sent for vrid=[10], virtual-ip=[10.1.10.1] VRRP SEND[Hello]: Advertisement sent for vrid=[10], virtual-ip=[10.1.10.1] VRRP SEND[Hello]: Advertisement sent for vrid=[10], virtual-ip=[10.1.10.1] 21.3.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch 21.4.2 Configure VRRP Dummy IP Click “VRRP control” to configure VRRP and enter "VRRP Dummy IP Config". Example: Enter the created Virtual Router number 1, VRRP Dummy IP address 192.168.2.100 and select the VRRP number type to be Master. Click Apply to add the Dummy IP address to Virtual Router number 1 of Master type. Click Remove to remove the Dummy IP address from Virtual Router number 1. 21.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch to configure the preemptive mode for virtual router number 1 to "True". 21.4.6 Configure VRRP priority Click “VRRP control” to configure VRRP and enter "VRRP Priority". Example: Enter the created Virtual Router number "1" and priority. Click Enable to set the priority of virtual router number 1 to "255". Click Disable to disable the priority of Virtual Router number 1. 21.4.
EES4710BD 10 Slots L2/L3/L4 Chassis Switch Example: Choose created "Vlan1" for Port and "yes" for AuthenMode. Click Apply to finish Port Vlan1 authentication mode configuration. 21.4.10 Configure Authentication String For VRRP Click “VRRP control” to enter "VRRP AuthenString" and configure VRRP authentication string. Example: Choose created "Vlan1" for Port and "yes" for AuthenMode and enter an authentication string. Click Apply to finish Port Vlan1 authentication string configuration.
