IntraCore 8000 Ethernet Switch User’s Manual August 2000 Part Number 06-00566-00
Copyright Notice All rights reserved. No part of this manual, or any associated artwork, software, product, design or design concept, may be copied, reproduced or stored, in whole or in part, in any form or by any means mechanical, electronic, optical, photocopying, recording or any other wise, including translation to another language or format, without the express written consent of Asanté Technologies, Inc. Trademarks Asanté Technologies and IntraCore are trademarks of Asanté Technologies, Inc.
Table of Contents Introduction .................................................................................. 1-1 IntraCore Architecture Overview .................................................1-1 The Core Switching Engine ..................................................... 1-1 Infrastructure Connectivity .......................................................1-2 Network Management, Security, Performance, and Control ...1-2 The IntraCore Product Family ..............................................
Management Options ............................................................... 2-13 Out-of-Band Management .................................................... 2-13 In-Band Management ........................................................... 2-14 Configuration ............................................................................... 3-1 Local Management Interface ...................................................... 3-2 Logging In ................................................................
Unicast Forwarding Database Configuration ............................ 3-33 Current Settings ..................................................................... 3-34 Displaying the Forwarding Database ..................................... 3-34 Searching for a MAC Address ...............................................3-36 Setting the MAC Address Age-Out Time ............................... 3-37 Image File Downloading Configuration ..................................... 3-38 Image Downloading Through TFTP .
Configuring Port Lock and Intruder Lock .............................. 4-15 Setting the Intruder Trap ....................................................... 4-17 Inserting/Modifying a Port Trusted MAC Address ................. 4-17 Resetting Security to Defaults ............................................... 4-17 VLAN Management .................................................................. 4-18 VLAN Specifications for the IntraCore 8000 .........................
VLAN Button ............................................................................. 5-14 Port Configuration ..................................................................5-14 VLAN Configuration .............................................................. 5-15 Duplicate IP Button ................................................................... 5-19 Technical Support ....................................................................... A-1 Contacting Technical Support .......................
Page vi
1 Introduction This chapter introduces the IntraCore architecture, then gives a description of the chassis and the various modules that can be installed in the IntraCore 8000. There are also tables of the key features, default settings, and specifications of the IntraCore 8000, and explanations of the different LED indicators used by the various modules.
Introduction Infrastructure Connectivity The second key element of the architecture is Infrastructure Connectivity. IntraCore specifies standards based, high performance, cost effective technologies for connectivity among devices in the network. In the LAN – At the network edge, Layer 2 switched 10/100/1000 Ethernet meets the requirements for high-speed connectivity of desktop computers and scalable, cost effective data transmission for trunks to the network core.
The IntraCore Product Family Management Feature Security Performance Control Web Browser Management Supported SNMP, RMON Supported Supported Supported Standard MIsS Supported Supported Supported Supported Supported Supported Supported Supported Supported IGMP V1, V2 Snooping Supported Supported RSVP Snooping Supported Supported GARP Multicast Registration Supported Supported 802.1P Priority 802.1Q VLAN Tagging Supported 802.1D – Spanning Tree Supported Duplicate IP addr.
Introduction operation and management allowing customers to seamlessly deploy any model in their network. Edge Switches Edge Switches provide the first point of connectivity to the network. Connecting to an Enterprise Switch in the network core, Edge Switches provide aggregation of traffic from desktop computers over high capacity trunks. The initial product introduced in the Edge Switch category is the IntraCore 8000.
The IntraCore 8000 The IntraCore 8000 The IntraCore 8000 is a stackable, high performance solution for enterprise edge applications. Each stack supports up to 192 10/100Mbps switched Ethernet connections for cost-effective high-density connectivity in wiring closets. The system can operate as a stand-alone network or be used in combination with an IntraCore 8000 in the backbone.
Introduction Gigabit Ethernet Switch Module This module provides a slot for a switched Gigabit Ethernet port. Each module occupies a single slot and has a GBIC port that accepts Asanté or third party GBIC interfaces. The following subsections describe the possible GBIC interfaces. Figure 1-3 Gigabit Ethernet Switch Module 1000Base SX GBIC This module provides a GBIC interface with SC-type fiber connectors. The interface supports 62.5 and 50 micron multimode fiber media. The 62.
Features Features The following table lists the major features of the IntraCore 8000 switch. Feature Description Media Flexibility Expansion module options include 8-port 10/100 Base-TX switched Ethernet modules and single-port Gigabit Ethernet modules with GBIC slots. High Density Supports up to 192 10/100 switched Ethernet ports or up to 3 switched Gigabit Ethernet ports and 24 10/100 switched Ethernet ports in a single stacking unit. This saves space in crowded equipment rooms.
Introduction Feature (Cont.) Description (Cont.) Security Node summary tracks MAC and IP addresses per device, for multiple devices on each port. The Port Security feature provides per-port security, allowing the network manager to specify which MAC is authorized on each port. Only the device with that MAC address is allowed to connect to that specific port. Web Based Management Built-in Web-based interface is provided for chassis management, module management, port-level control, and monitoring.
Defaults and Specifications Defaults and Specifications The IntraCore 8000 is shipped with the following factory default settings and specifications: Configuration Default Setting Backplane Speed 16Gbps/stack unit, up to 80Gbps in a 4 unit stack.
Introduction LEDs The following indicator lights are used on the various modules of the IntraCore 8000.
2 Installation and Setup This chapter explains how to install, connect, and configure the IntraCore 8000 chassis and modules to work with your network. It also explains how to set up your IntraCore 8000 for management, either from a console, via telnet, via SNMP, or by using a Web browser. Installation Guidelines The following guidelines will help you prepare to install your IntraCore 8000 in such a way that it has the proper power supply and environment.
Installation and Setup Installation Overview The table below describes the steps needed to install the IntraCore 8000. The steps that are optional are labeled “optional” and the steps that are required are labeled “required.” The sections that follow explain each step in detail. Step Action to Be Taken 1 (Required) Open the box and check the contents. See the Package Contents sheet for a complete list of the items included with your IntraCore 8000.
Chassis Installation/Placement Chassis Installation/Placement The IntraCore 8000 can be installed in a standard 19-inch equipment rack. It can also be placed on a stable horizontal surface. I Important: The equipment rack or desk on which you install your IntraCore 8000 must be secure and stable. Equipment racks must be fastened to the floor; desks must be resting on a flat, stable surface. Installation in an Equipment Rack To install the unit in an equipment rack, use the following procedure.
Installation and Setup Equipment Rack Installation Procedure To mount the IntraCore 8000 in an equipment rack: 1 2 Place the IntraCore 8000 on a flat, stable surface. 3 Insert six screws (supplied) into the holes and tighten with a Phillips screwdriver. Do not use fewer than six screws for this mounting. 4 For the other side of the unit, repeat the two previous steps. 5 6 Place the unit in the equipment rack.
Stacking Switches Stacking Switches Up to four IntraCore 8000 switches may be connected within a stack. In each of the different configurations, bandwidth increases to meet the growth of traffic. Two Stack Configuration If you wish to add a single switch to create a stack of two, take the following steps. 1 Mount the second switch in the rack above the first switch, or place it on top of the first switch.
Installation and Setup 3 Connect the Stack Matrix module on the first switch to the Stack Connector modules on the other switches. Use the 50-pin stacking cables provided by Asanté, as shown in Figure 2-1. K Note: Do not use any cable but the IntraCore 8000 stacking cable supplied with your unit. If you need additional cables, contact Asanté support (see Appendix A, “Technical Support,” for details).
Installing Port Expansion Modules Installing Port Expansion Modules Up to three optional port expansion modules can be installed in the IntraCore 8000, in addition to a stack matrix module. (A stack matrix module is needed only if more than two units are stacked together. See “Stacking Switches.”) To install any combination of Gigabit Ethernet Switch (GBIC) modules and 8-port 10/100 Switch modules, use the following procedure.
Installation and Setup Installing GBIC Interfaces If you have installed Gigabit Ethernet switch modules, you must install GBIC interfaces. Instructions for installing, removing, and maintaining GBIC interfaces are provided in this section. K Note: GBICs are hot-swappable. Installing a GBIC To install a GBIC interface into a Gigabit Ethernet module: 1 2 Remove the GBIC from its protective packaging. 3 Slide the GBIC into the slot until you hear or feel a click.
Connecting Power GBIC Care and Handling Follow these GBIC maintenance guidelines: G Unnecessary removal and insertion of a GBIC can lead to its premature failure. A GBIC has a lifetime of 100 to 500 removals/ insertions. G GBICs are static-sensitive. To prevent ESD damage, follow your normal board and component handling procedures. G GBICs are dust-sensitive. When the GBIC is stored or when a fiber-optic cable is not plugged in, always keep plugs in the GBIC optical bores.
Installation and Setup Connecting to the Network The IntraCore 8000 unit may be connected to an Ethernet network, with the unit powered either on or off. Use the following procedure to make your network connections. 1 Connect network devices to the IntraCore 8000, following the cable guidelines outlined below. 2 After the unit is connected to the network, it can be configured for management capabilities. See “Configuring for Management” later in this chapter.
Configuring for Management 1000BaseX Ports Cabling Procedures Cabling requirements for the 2-port Gigabit Ethernet modules depend on which type of GBIC interface has been installed. Use the following chart to determine the cabling requirements for your GBIC. Connecting To Cable Required 1000BaseSX GBIC Cables with SC-type fiber connectors: 62.5 micron multimode fiber media up to 275 meters long, or 50 micron multimode fiber media up to 550 meters long.
Installation and Setup 2 When the IntraCore 8000 is connected to the network and is powered on, it automatically transmits a BootP request across the network (up to 10 times) until it receives a valid IP address from the BootP server. 3 After an IP address is received, the IntraCore 8000 can be managed via in-band access. For more information, see Chapter 3, “Configuration.” To verify that a valid IP address was received, try to ‘ping’ the IntraCore 8000.
Management Options Management Options The IntraCore 8000 can be managed using any of the following methods: Method Type Description Console Out-of-band management Local connection to the IntraCore 8000 via the console port Telnet (four sessions maximum) In-band management Remote connection over the network to the IntraCore 8000 via telnet session HTTP Server In-band management Remote connection to the IntraCore 8000 via a Web browser SNMP-Based Network Management Software In-band management R
Installation and Setup In-Band Management In-band network management allows you to configure, manage, and monitor the IntraCore 8000 over the Ethernet network. You can perform these functions by accessing the IntraCore 8000 via any of the following methods: G By connecting with a telnet program and using the Local Management Interface. G By connecting with any World Wide Web browser, and using the Web Management Interface.
Management Options Web Browser For information on managing the IntraCore 8000 with a Web browser, refer to Chapter 5, “Web Browser Management.” K Note: The Web Browser interface to the IntraCore 8000 is disabled by default. SNMP-Based Management For information on managing the IntraCore 8000 with SNMP-based management software, refer to Chapter 4, “Advanced Management,” and your SNMP software manual. The Asanté private MIB for the IntraCore 8000 is available from the Asanté ftp site, ftp.asante.
Installation and Setup Page 2-16
3 Configuration This chapter describes how to manage the IntraCore 8000 using the Local Management Interface via an out-of-band console connection or an in-band telnet connection.
Configuration Local Management Interface The IntraCore 8000 Local Management Interface is a menu-driven application that allows you to configure, manage, and monitor the IntraCore 8000 and each of the ports in its different modules. The Local Management Interface can be accessed via two methods: G Out-of-band connection to the Console port G In-band connection via Telnet (four sessions maximum) For instructions on how to connect to the IntraCore 8000, see “Management Options” on page 2-13.
Local Management Interface Main Menu After logging in, the Main Menu appears, as shown in Figure 3-1. ================================================================= IntraCore 8000 Local Management System Version 1.02D Compiled Date: Jun 23 2000 19:53:29 Asante Technologies, Inc. Copyright (c) 1999 Asante Technologies, Inc.
Configuration Viewing General Information The General Information Screen displays the current operating information of the IntraCore 8000, such as its name, IP address, and boot information. To view General Information, type g from the Main Menu. A screen similar to Figure 3-2 appears. IntraCore 8000 General Information System up for: 000days, 21hrs, 45mins, 45secs Software Version Bank 1 Image Version/Date: 1.10/Dec 7 1999 12:14:38 (Running) Bank 2 Image Version/Date: 1.
Viewing General Information Table 3-1 describes each parameter in the General Information screen. Setting Description System Up Time The amount of time the system has been running since last reset or power on. Bank 1 Image Version/ Date The version and compilation date of the runtime code that is stored in Bank 1. (Running) indicates code is currently active. Bank 2 Image Version/ Date The version and compilation date of the runtime code that is stored in Bank 2.
Configuration Configuration Menu The Configuration Menu allows you to manage and configure the IntraCore 8000 and each of its ports. To access the Configuration Menu, type c from the Main Menu. The Configuration Menu appears, as shown in Figure 3-3.
Configuration Menu Menu Item (Cont.) Description (Cont.) Bootstrap Configuration Allows you to change boot bank and method for loading switch software, or change downloading parameters. See page 3-11. SNMP Configuration Displays and allows you to change the SNMP (Simple Network Management Protocol) parameters of the IntraCore 8000; such as read/write community strings. See page 3-16.
Configuration System Administration Configuration The System Administration Configuration Menu displays and allows you to change the IntraCore 8000’s name, location, and contact information. To access the System Administration Configuration Menu, type a in the Configuration Menu. A screen similar to Figure 3-4 appears. IntraCore 8000 System Admin.
System IP Configuration 1 Open the System Administration Configuration Menu by typing a in the Configuration Menu. 2 Type the command letter of the item to be changed in the System Administration Configuration Menu. 3 At the prompt, type the information you want to change. See Table 3-3 for a description of each parameter. K Note: Each parameter is limited to 64 characters, including spaces. To cancel a selected option, press ctrl-c at the command prompt. 4 Press Return.
Configuration Current Settings Table 3-4 describes each setting on the System IP Configuration Menu. Setting Description System IP Address The IP (Internet Protocol) address of the IntraCore 8000. System Subnet Mask The filter that determines how the IntraCore 8000 IP address is split into network and host portions. System Default Router The IP address of the default router for the IntraCore 8000.
Bootstrap Configuration Bootstrap Configuration The Bootstrap Configuration Menu displays (and allows you to change) the bootstrap parameters used for loading the software for the IntraCore 8000 at startup, and for downloading a new version of software when one is issued. To access the Bootstrap Configuration Menu, type b in the Configuration Menu. If the Load Mode is set to Local, a screen similar to Figure 3-6 appears.
Configuration Loading Software Locally The IntraCore 8000 will always boot locally unless you set it to boot load remotely. It would then download the new image code and reset to load locally. 1 Open the Bootstrap Configuration Menu by typing b in the Configuration Menu. 2 Type a in the Bootstrap Configuration Menu if you need to toggle the Boot Bank setting for the next boot. Typically, you will want to set the boot bank to be the one on which the latest version of the Image resides.
Bootstrap Configuration Loading Software Remotely To set the IntraCore 8000 to download its software over the network from a remote server, use the following procedure. 1 Open the Local Bootstrap Configuration Menu by typing b in Configuration Menu. 2 Open the Remote Bootstrap Configuration Menu by typing r in the Local Bootstrap Configuration Menu. The menu appears, as shown in Figure 3-7.
Configuration Current Settings Table 3-5 explains each setting on the Remote Bootstrap Configuration Menu. Setting Description Running Image Version/ Date The version and compilation date of runtime code that is currently running on the IntraCore 8000. Load Mode The current method for loading software for the IntraCore 8000. Remote — Loads the image file from a server on the network.
Bootstrap Configuration 3 Type b to set the Boot Mode to BootP-TFTP, or type t to set Boot Mode to TFTP only. If you choose BootP-TFTP mode, the options for setting the IP Address of the TFTP server and the Boot File Name become unavailable; in this case, skip Steps 4-7 and go on to Step 8. 4 Type s in the Bootstrap Configuration Menu, to select the option Set Boot Server IP Address. 5 At the prompt, type the IP address of the remote boot server that contains the switch’s software image file.
Configuration SNMP Configuration The SNMP Configuration Menu allows you to configure the unit’s read and write community strings, and to enable or disable authentication traps. This menu also allows you to specify which of your network management stations will receive traps from the IntraCore 8000. The s option in the Configuration Menu displays the SNMP (Simple Network Management Protocol) Configuration Menu, as shown in Figure 38.
SNMP Configuration Current Settings Table 3-6 describes each setting on the SNMP Configuration Menu. Setting Description SNMP Read Community The string that defines access rights for reading SNMP data objects. The default is public. SNMP Write Community The string that defines access rights for writing SNMP data objects. The default is private. Trap Authentication The status of the SNMP agent for authentication trap generation. The default is disabled.
Configuration Enabling Authentication Traps The IntraCore 8000 can be set to generate authentication traps. Authentication traps are messages sent across the network to an SNMP network management station. They alert you when someone attempts to read or change data without the proper community string. To set the IntraCore 8000 to generate traps, use the following procedure. 1 Open the SNMP Configuration Menu by typing n in the Configuration Menu. 2 To toggle trap authentication to Enabled, type a.
Port Configuration Deleting a Trap Receiver Use the following procedure to delete a trap receiver you have previously designated. 1 Open the SNMP Configuration Menu by typing n in the Configuration Menu. 2 Type d to Delete a Trap Receiver. A prompt for the entry of the trap receiver appears. 3 Enter the number of the entry you want to delete (1,2,3, or 4) and press Return. The trap receiver is deleted from the SNMP Trap Receivers list.
Configuration IntraCore 8000 Basic Port Configuration Module: [1] Port: [01] Operating Status: +---+--- -------Auto Negotiation: ******** ******** Speed/Duplex: HHHHFHHH HHHHHHHH Port Status: Enabled Auto-Neg: Enabled[ABCD] h t u l d o r a g q MenuModule Type: [24-100TX/RJ45] -------******** HHHHHHHH -XXXXXXX -XXXXXXX GXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX Link Status: Up (RJ45-TX) Link Speed: 100 Mbps (Half Duplex) Help for legends Toggle Port Status Enable/Disable Toggle Auto-Negoti
Port Configuration Viewing Legends for Configuration Settings To see legends explaining the symbols used for both the Basic and Global Port Configuration Menu settings, type h. A screen appears, as shown in Figure 3-11.
Configuration Current Port Settings The current module and port for which statistics are displayed is shown in the top right corner of the Port Configuration Menu. Table 3-7 describes each setting on the Port Configuration Menu. Setting Description Module Number The number of the module of which the selected port is a member. Module Type Code for the type of module: 24-100TX, or 2-GBIC: See Figure 3-9 for the full names of each module type.
Port Configuration 1 Access the Port Configuration Menu by typing p in the Configuration Menu. 2 3 Choose a module in the System Module Map. 4 To toggle the port’s connection to either enabled or disabled status, type t. To select the port you want to enable or disable, type s, n, or p in the Basic Port Configuration Menu. The port’s status is changed immediately, and it is reflected in the Port Configuration Menu’s Port Status indication and the Operating Status symbol for the port.
Configuration Configuring a Port Manually If you have changed the Auto Negotiation status of a port to Manual, as described in the previous section, you can toggle the link speed from 10Mbps to 100Mbps and back, and toggle the port from half to full duplex and back. Toggling Port Link Speed Use the following procedure to toggle the port’s link speed. 1 Access the Port Configuration Menu by typing p in the Configuration Menu. 2 3 Choose a module in the System Module Map.
Port Configuration The duplex mode is changed immediately, and the change is reflected in the Link Speed/Duplex line near the top of the Port Configuration Menu. Configuring 1000BaseX Ports Because 1000BaseX ports are always in full duplex mode, the only configuration option for 1000BaseX ports is enabling and disabling the port. To access the Port Configuration Menu for 1000BaseX ports, type p in the Configuration Menu. The System Module Map appears, as shown in Figure 3-9.
Configuration Enabling or Disabling a Port Enabling or disabling a port is a manual operation. You can enable or disable a port to isolate network devices that may be causing problems on the network or to prevent unauthorized use of a port or station. To enable or disable a port, use the following procedure. 1 Access the Port Configuration Menu by typing p in the Configuration Menu. 2 3 Choose a module in the System Module Map.
Advanced Port Configuration Advanced Port Configuration The Advanced Port Configuration Menu allows you to control the port broadcast and multicast rate, to enable or disable 802.3x flow control, and to set the default priority of the port. To access the Advanced Port Configuration Menu, from the Configuration Menu, type p to access the System Module Map, then select the module you want to configure. From the Port Configuration Menu, type a.
Configuration Advanced 1000BaseX Port Configuration IntraCore 8000 Basic Port Configuration Menu Module: [1] Port: [1] Port 1 =========== Flow Ctrl: SX-LinkUp (Forwarding) Priority: 1 Max. Broadcast Rate: Max. Multicast Rate: 802.3x Flow Control: Port Default Priority: h r f i q Module Type: (2-GBIC) Port 2 =========== SX-LinkDown 1 N/A N/A Enabled 1 Help for legends Set Max. Broadcast/Multicast Rate Toggle 802.
Advanced Port Configuration Current Settings The settings shown in the top portion of the Advanced Port Configuration Menu are described in Table 3-8. Setting Description Module Number The number of the module of which the selected port is a member. Module Type Code for the type of module: 24-100TX, 2-GBIC, or 8-100FX. See Figure 3-9 for the full names of each module type. Operating Status This field displays status symbols for each of the current module’s ports.
Configuration 4 Use s, n, or p to select the port for which you want to set the broadcast or multicast rate. 5 Type r to set the maximum broadcast or multicast rate for the selected port. 6 Enter the rate for broadcast or multicast and press Return. The new maximum rate is displayed on the Advanced Port Configuration Menu. Enabling or Disabling 802.3x Flow Control Use the following procedure to control traffic and avoid congestion, such as when there is a shortage of buffer resources for the port.
Global Port Configuration Setting Port Default Priority Use the following procedure to set the priority for a port. This priority setting determines the order in which the port forwards packets. Each port is associated with a traffic class: zero (0) is the lowest, and the default priority level. Seven (7) is the highest priority level. 1 Access the Port Configuration Menu by typing p in the Configuration Menu. 2 3 Choose a module in the System Module Map.
Configuration 10/100BaseTX ports or 1000BaseX ports, as shown in Figure 3-15 and Figure 3-16.
Unicast Forwarding Database Configuration Follow the procedures in the “Port Configuration” and “Advanced Port Configuration” sections of this chapter. Unicast Forwarding Database Configuration The Unicast Forwarding Database Configuration Menu allows you to view and search for addresses in the IntraCore 8000’s MAC Forwarding Table. It also provides options for displaying MAC addresses and IP/MAC binding by individual port or by VLAN.
Configuration Current Settings Table 3-9 explains each setting on the Forwarding Database Configuration Menu. Setting Description Age-out Time The number of seconds that addresses are retained in the table. The default is 300 seconds. The range is from 10 to 1,000,000. MAC Address Count The number of entries currently in the MAC Address Table. IP Address Count The number of entries in the MAC Address Table that contain a corresponding IP address.
Unicast Forwarding Database Configuration The Type field refers to the type of MAC address. The Type setting may be: G S —þstatic (set by management, and will not age out) G D — dynamic (learned by the switch; will be aged out) G M — multiple (associated with multiple IP addresses, as in the case of a router) G I — Self (the IntraCore 8000’s MAC address) The Pri field refers to the priority setting for the port. The Age field indicates the amount of time remaining before an entry ages out.
Configuration Module: [1] Port: [6] Entry Type [T]: (D = Dynamic, S = Static, M = Multiple, I = Self) +-+-+-+-----------------+----------------+ |M|P|T| MAC Address | IP | +-+-+-+-----------------+----------------+ 1 6 D 00:00:94:10:80:1D 199.35.192.185 1 6 D 00:E0:52:01:44:46 199.35.192.189 1 6 D 00:00:94:A2:DE:56 199.35.192.181 1 6 D 00:00:94:7A:CF:48 199.35.192.188 1 6 D 00:00:94:92:F1:A8 199.35.192.182 - - I 00:00:94:8E:F2:CC 199.35.192.187 1 6 D 00:00:94:5D:E0:41 199.35.192.
Unicast Forwarding Database Configuration If the address is located, it is displayed, with its associated information, as shown in Figure 3-20. If the address is not located, a message appears, stating this. The MAC Address Search Summary ============================== Module: 1 Port: 6 Type: Dynamic Age: 200 Priority: 0 MAC Address: 00:00:94:11:12:13 IP Address: 192.168.54.111 press any key to continue...
Configuration Image File Downloading Configuration The Image File Downloading Configuration Menu allows you to upgrade your IntraCore 8000 system easily, using either TFTP or X/Y/Z modem protocol. Type f in the Configuration Menu to see the Image File Downloading Configuration Menu, as shown in Figure 3-21.
Image File Downloading Configuration Image Downloading Through TFTP To download a new image file in-band through TFTP, type t in the Image File Downloading Configuration Menu (option g in the Configuration Menu). A screen similar to Figure 3-22 appears. IntraCore 8000 TFTP File Downloading Menu Bank 1 Image Version/Date Bank 2 Image Version/Date File Type: Server IP: File Name: Retry Count: Destination Bank: s f d b r a q 1.00T/May 07 1999 11:34:46 1.00U/Jul 29 1999 15:55:34 (Running) Image 192.
Configuration Table 3-10 describes each setting on the TFTP Image Downloading Menu. Setting Description Bank 1 Image Version/ Date The version number and compilation date of runtime code that is stored in memory bank 1 on the IntraCore 8000. Bank 2 Image Version/ Date The version number and compilation date of runtime code that is stored in memory bank 2 on the IntraCore 8000. The (Running) designation indicates that the runtime code is currently running on this bank.
Image File Downloading Configuration Performing a Software Upgrade at Runtime The software image file must be downloaded from a server on your network that is running a TFTP server application. I Important: Make sure the IntraCore 8000 is configured with an IP address. For details, see “Changing System IP Information” earlier in this chapter. To upgrade the IntraCore 8000 software via TFTP, use the following procedure.
Configuration 10 Type q to return to the Image File Downloading Menu. Serial Downloading Configuration The X/Y/Z Modem Image File Downloading Menu lets you download a new software image file for the IntraCore 8000 without interrupting the current operation. To download a new image through the IntraCore 8000 management module’s serial (console) port, type x in the Image File Downloading Configuration Menu. The X/Y/Z Modem Image File Downloading Menu appears, as shown in Figure 3-23.
Image File Downloading Configuration Current Settings Table 3-11 describes the settings shown in the X/Y/Z Modem Image File Downloading Menu. Setting Description Bank 1 Image Version/ Date The version number and compilation date of runtime code that is stored in memory Bank 1 on the IntraCore 8000. Bank 2 Image Version/ Date The version number and compilation date of runtime code that is stored in memory Bank 2 on the IntraCore 8000.
Configuration Current Baud Rate: 9600 bps Please select one from the following baud rate settings, or press any other key to quit: WARNING: The user must use the same baud rate setting of the terminal after he/she confirms to change the baud rate setting of the console in order to work correctly.
System Reset Configuration 7 Type d to download to the selected destination bank or b to download and reset. 8 Type q to return to the previous menu after performing a successful download. System Reset Configuration The System Reset Configuration Menu allows you to reset the IntraCore 8000 by performing a “warm” reboot. It also allows you to schedule a reset up to 24 hours in advance. To reset the IntraCore 8000, type r in the Configuration Menu. A screen similar to Figure 3-25 appears.
Configuration Current Options Table 3-12 describes the settings shown in the System Reset Configuration Menu. Option Description Schedule Reset Time Number of seconds until the scheduled reset. Cancel Reset Stops the scheduled reset. Reset Switch Performs a warm reboot to reset the IntraCore 8000 immediately. Reset Switch to Factory Default Resets the IntraCore 8000 to the original factory settings.
Viewing the System Log Scheduling a System Reset You can schedule the IntraCore 8000 to automatically perform a reset from one second up to 24 hours (86,400 seconds) in advance. To schedule a reset, use the following procedure. 1 Open the System Reset Menu by typing r in the Configuration Menu. 2 Type s to schedule a reset time (within the specified range). 3 Enter the number of seconds the IntraCore 8000 will wait before it automatically resets.
Configuration IntraCore 8000 System Log Menu l c q Display System Log Clear System Log Return to previous menu Command> Figure 3-26 System Log Menu 2 Type d to display the current system log, as shown in Figure 3-27. IntraCore 8000 System Log Summary ==================================================================== No. D: H: M: S Event 1. 000:00:00:00 Reset NVDB sections to factory default 2. 000:00:00:07 Spanning Tree Task Disabled 3. 000:00:32:53 Spanning Tree Task Enabled 4.
User Interface Configuration 2 Type c to clear the current System Log. New entries will begin to accrue as events occur. User Interface Configuration The User Interface Configuration Menu lets you set the idle time-out periods for both the console and telnet user interfaces, change the password used for logging in to the Local Management Interface, and enable or disable the Web server. To display the User Interface Configuration Menu, as shown in Figure 3-28, type u in the Configuration Menu.
Configuration Setting Description HTTP Server Status Enabled or Disabled. Telnet Session Status Inactive or Active, depending on whether session is in progress. Telnet Session Source IP The IP address of the device being used for telnet management.
User Interface Configuration Setting Console Idle Time-out Period Use the following procedure to set the console idle time-out. 1 Type c in the User Interface Configuration Menu. A prompt for the number of minutes is displayed. 2 Enter the desired idle time-out in minutes. K Note: The default time-out is 5 minutes. Range for time-out is 0-60 minutes (0 indicates no time-out). To exit without making any changes, press ctrl-c. 3 Press Return.
Configuration To change the current Local Management Interface or Web-based Interface password, use the following procedure. 1 2 3 Type p in the User Interface Configuration Menu. Type the password you have been using at the prompt. Type a new password at the “Enter Current Password” prompt. I Important: The password is case-sensitive. The password can be up to a maximum of 20 characters in length. The password characters can be any ASCII code. 4 5 Press Return.
Viewing Statistics 1 Type s in the Local Management Interface Main Menu. The System Module Map is displayed, as shown in Figure 3-29.
Configuration IntraCore 8000 Port Statistics Counters Elapsed Time Since Up: Total RX Pkts Dropped Pkts Good Multicast Oversize Pkts Fragments Collisions 64-Byte Pkts 128-255 Pkts 512-1023 Pkts 1474 185 6 0 0 0 283 12 0 r t q since reset stop refresh quit Module: 2 Port: 1 000:00:00:55 26 3 0 0 0 0 5 0 0 x v g
Viewing Statistics IntraCore 8000 Port Statistics Counters Elapsed Time Since Reset: Total RX Pkts Dropped Pkts Good Multicast Oversize Pkts Fragments Collisions 64-Byte Pkts 128-255 Pkts 512-1023 Pkts u t q Module: 2 Port: 1 000:00:00:55
Configuration Page 3-56
4 Advanced Management This chapter describes advanced topics for management of the IntraCore 8000: G Spanning Tree Protocol G SNMP and RMON Management G Security Management G VLAN Management G Multicast Management Spanning Tree Protocol The Spanning Tree Protocol (STP) is a part of the IEEE 802.1D standard that provides for redundancy in a bridged LAN by allowing multiple links between points in the LAN.
Advanced Management How It Works All bridges on the network communicate with each other using special packets called Bridge Protocol Data Units (BPDUs). The information exchanged in the BPDUs enables bridges on the network to: G Elect a single bridge to be the root bridge. G Calculate the shortest path from each bridge to the root. G Select a designated bridge on each segment, which lies closest to the root and forwards traffic to the root.
Spanning Tree Protocol Configuring Spanning Tree Parameters To view the Spanning Tree Configuration Menu, as shown in Figure 4-1, type s in the Configuration Menu. IntraCore 8000 Spanning Tree Configuration Menu STP Status: Bridge ID: Enabled 8000 0000948EF37B Designated Root: Root Port: Root Path Cost: 0001 00503EA8B000 Module: 3 Port: 8 110 Hello Time: Maximum Age: Forward Delay: 2 Sec. 20 Sec 15 Sec. t i h a d p q Bridge Hello Time: Bridge Maximum Age: Bridge Forward Delay: 2 Sec. 20 Sec.
Advanced Management Maximum Age Each bridge should receive regular configuration BPDUs from the direction of the root bridge. If the maximum age timer expires before the bridge receives another BPDU, it assumes that a change in the topology has occurred, and it begins recalculating the spanning tree. Forward Delay After a recalculation of the spanning tree, the Forward Delay parameter regulates the delay before each port begins transmitting traffic.
Spanning Tree Protocol Current STP Settings The following settings are displayed in the Spanning Tree Configuration Menu, as shown in Figure 4-1. Setting Description STP Status Whether spanning tree protocol is currently enabled or disabled. Bridge ID The Bridge Identifier of this bridge. The first part of the Bridge ID is the Bridge Priority. (If the Bridge ID is shown as 8000 000094EE5080, the 8000 is the Bridge Priority. The remainder is the MAC address of this bridge, which cannot be changed.).
Advanced Management Spanning Tree Port Configuration To set the Port Priority and Port Path Cost values for STP, access the Spanning Tree Port Configuration Menu shown in Figure 4-2 by typing p in the Spanning Tree Configuration Menu. IntraCore 8000 Spanning Tree Port Config.
SNMP and RMON Management Use the following procedure to set the STP Port Priority and Path Cost values. 1 Access the Spanning Tree Port Configuration Menu by typing p in the Spanning Tree Configuration Menu. 2 Use the m, x, and v commands to select the module with the port you want to configure. 3 Use the s, n, and p commands to select the port you want to configure. 4 Type i to set the Port Priority. Type c to set the Port Path Cost. 5 6 Enter a value for the setting you are making.
Advanced Management RMON Management Remote Network Monitoring (RMON) allows the network manager to gather data on the network’s traffic for future retrieval. RMON is an Internet Standard defined in RFC1757. Using RMON, a network monitor (also called a probe) listens to traffic on the network and gathers statistics that may be retrieved later by a network management station using SNMP, as described in the previous section.
Security Management event. For information on configuring trap receivers, see “SNMP Configuration” in Chapter 3. Security Management The IntraCore 8000’s security management options are summarized in Table 4-2. Security Option Duplicated IP Detection (Monitoring) Description Action Detects the use of a single IP address by two stations. Detects and logs MAC addresses of both stations and the ports they accessed.
Advanced Management To access the Security Management Menu, type t in the Configuration Menu. A screen similar to Figure 4-3 appears.
Security Management Duplicated IP Detection and Trap The duplicated IP detection and duplicated IP trap security measures allow you to monitor the use of a single IP address by two stations. If you enable duplicated IP detection, the switch starts monitoring the broadcast Address Resolution Protocol (ARP) traffic from all of its ports, to detect duplicated IP address conditions. When duplicate IPs are used on the system, the MAC addresses of both stations and the ports they accessed are logged.
Advanced Management similar to Figure 4-4. Duplicated-IP List +---------------+------------------+-+-+-------------------+-+-+ | IP Address | Owner MAC |M|P| Spoofer MAC |M|P| +---------------+------------------+-+-+-------------------+-+-+ 192.203.54.222 00:00:94:00:00:01 1 1 00:00:94:00:00:02 1 2 192.203.54.223 00:00:94:00:00:04 1 3 00:00:94:00:00:02 1 2 192.203.54.224 00:00:94:00:00:05 1 4 00:00:94:00:00:02 1 2 Press to Quit, or, press any key to continue...
Security Management Configuring Port Security To access the Port Security Configuration Menu, type t in the Configuration Menu to access the Security Management Menu, then type p to access the Port Security Configuration Menu. A screen similar to Figure 4-5 appears.
Advanced Management Setting Description Port Security Type Level of port security enabled. There are three levels of security: • New node detection trap (security level 1) • Trusted MAC address forwarding with port lock (security level 2) • Trusted MAC address forwarding with intruder lock (security level 3) Port New Node Detect Trap Status Whether port new node detect trap is currently enabled or disabled.
Security Management 1 From the Configuration Menu, type t to access the Security Management Menu. 2 Type p to access the Port Security Configuration Menu, as shown in Figure 4-5. 3 4 5 Select u to Set/Clear port security. 6 Type 1 for Port Security Level 1. Type s to set security. Type the numbers of the ports for which you want to set the security.
Advanced Management K Note: The three security levels are mutually exclusive; a port can have either security level1, level2, or level 3, but never a combination of security levels. To configure security level 2 or 3, you must specify the port-trusted MAC address. You can either specify the address directly, or direct the system to trust the address of the first station that addresses the port.
Security Management trusted MAC address. If you type 2, you will be prompted to enter the address as follows: xx:xx:xx:xx:xx:xx where the values are hexadecimal, separated by colons. Setting the Intruder Trap If you set security level 2 or 3, you should also ensure the Intruder Trap is set. Enabling this trap directs the system to send an alert to the designated trap receiver when an intruder tries to access the port. 1 From the Configuration Menu, type t to access the Security Management Menu.
Advanced Management VLAN Management A virtual LAN, or VLAN, is a logical grouping that allows stations to communicate as if they were physically connected to a single LAN, independent of the actual physical configuration of a network. The IntraCore 8000 supports port-based VLANs, in compliance with the IEEE 802.1Q standard. The following subsections describe the concepts and details needed to configure and manage VLANs on IntraCore switches.
VLAN Management Other VLAN Features in IntraCore 8000 G VLAN management security G VLAN MAC address insertion and removal G Console UI management of VLANs G Web interface management of VLANs The management operations allowed are: G Creation G Deletion G Name configuration G VID change configuration G Adding and deleting port members G Adding and deleting untagged sets G Sharing and unsharing VLANs G Inserting and removing MAC addresses G Toggling management access Overview of VLAN
Advanced Management A VLAN localizes flooded traffic to parts of LAN segments rather than to a whole LAN. VLANs offer a simple and efficient solution that enhances network performance, bandwidth utilization, and network security by localizing flooded traffic. Port-based VLANs are the simplest of many VLAN approaches that solve the problem of unnecessary flooding. A port-based VLAN allows the administrator to assign individual ports on a switch to a VLAN.
VLAN Management PVID A tagged port’s VLAN ID (range is 1 to 4094) STP Spanning Tree Protocol Tagged Frame Frame with 802.1Q VLAN tag header Untagged Frame Frame either without a tag header, or with this header and with VID = 0 VID VLAN ID (range is 1 to 4095) VLAN Groups A VLAN group is the sum total of ports on a switch that are assigned to a specific VLAN. IntraCore 8000 supports 64 manually-configurable VLANs on the network. Each switch maintains its own list of VLAN indexes between 1 and 64.
Advanced Management Port members can be added to and deleted from a VLAN Group via the VLAN Management Menu (see “Configuring Static VLAN Groups”). When you add it to a VLAN, you configure a port to determine its participation in the VLAN. The VLAN Untagged Set. When you add a port member to a VLAN, it is added to the untagged set by default. This means the frames sent out on this port will be untagged.
VLAN Management By default, independent learning of addresses is enabled. Under independent learning, all addresses learned in a VLAN are stored in an address table for that VLAN only, and all forwarding decisions for that VLAN are made by consulting that table. This can sometimes cause unexpected results if a port is a member of more than one VLAN. For example, assume a port is a member of VID 1 and VID 2, and VID 1 has already learned MAC address X.
Advanced Management Switch 1 Switch 2 1 2 3 4 5 1 6 5 4 3 2 E-1 VID 2 VID 2 E-5 E-2 VID 3 VID 3 E-6 E-3 E-7 VID 4 VID 4 E-4 E-8 E-9 Figure 4-6 An Inter-Switch Link The configuration of the ISL ports and the other ports on each switch will determine how tagged frames are transmitted across the switches.
VLAN Management E-8. And because port 1 only accepts tagged frames, any untagged frames from E-9 will not cross from switch 2 to switch 1. If you want VLAN 2 to pass frames to and from E-9, you need to configure the ISL differently.
Advanced Management Configuring VLAN Management To access the VLAN Management Menu, type v in the Configuration Menu. A screen similar to Figure 4-7 appears. IntraCore 8000 VLAN Management Menu VLAN Version: Max. Supported VLAN ID: Number of VLANs Configured: g s p d m f r q 1 4094 1 VLAN Type: Port Based Max.
VLAN Management Configuring Static VLAN Groups To access the VLAN Group Static Configuration Menu, type v in the Configuration Menu to access the VLAN Management Menu, then type s to access the VLAN Group Static Configuration Menu. A screen similar to Figure 4-8 appears.
Advanced Management Current Settings Table 4-6 describes each setting on the VLAN Group Static Configuration Menu screen. Setting Description VLAN Index The VLAN Index of the VLAN group for which the information on the screen applies. The index is maintained by the system, and is not necessarily the same as the VID. Port List Shows each port’s current membership status for this VLAN group. VID VLAN ID. FID Filtering ID. Created By Creator of this VLAN group; either Mgmt or GVRP.
VLAN Management 4 Enter the modules and ports to assign to the VLAN. You specify module and port separated by a colon. For example, 1:8 assigns port 8 to module 1. You can make more than one assignment, separated by commas; 1:8, 2:8 assigns port 8 to modules 1 and 2. You can also assign ranges and lists of ports to a module; 1:1-3, 8, 2:4-7 assigns ports 1, 2, 3, and 8 to module 1, and ports 4, 5, 6, and 7 to module 2. See Help for more information about specifying modules and ports.
Advanced Management Deleting Port Members To delete ports as members of the VLAN, from the VLAN Group Static Configuration Menu, type d. Follow the instructions on the screen to enter the modules and ports to assign to the VLAN. Deleting a port from a VLAN does not affect the port’s status on any other VLAN. Moving Ports to This VLAN To move ports to this VLAN, from the VLAN Group Static Configuration Menu, type m. Follow the instructions on the screen to enter the modules and ports to assign to the VLAN.
VLAN Management Current Settings Table 4-6 describes each setting on the Advance Group Static Configuration Menu screen. Setting Description VLAN Index The VLAN Index of the VLAN group for which the information on the screen applies. The index is maintained by the system, and is not necessarily the same as the VID. Port List Shows each port’s current membership status for this VLAN group. VID VLAN ID. FID Filtering ID. Created By Creator of this VLAN group; either Mgmt or GVRP.
Advanced Management that VLAN only, and all forwarding decisions for that VLAN are made by consulting that table. When shared learning is enabled, a single forwarding table is used by all VLANs that are members of the shared group. (For more information, see “Independent vs. Shared Learning.”) To enable shared learning for a VLAN, type v in the Advance Group Static Configuration Menu. Then enter the index of the VLAN with which you want to share. You can repeat this procedure to share with multiple VLANs.
VLAN Management Configuring VLAN Port Attributes To access the VLAN Port Configuration Menu, type v in the Configuration Menu to access the VLAN Management Menu, then type p to access the VLAN Port Configuration Menu. A screen similar to Figure 4-10 appears.
Advanced Management Current Settings Table 4-8 describes each setting on the GVRP Port Configuration Menu screen. Setting Description Module The IntraCore 8000 module for which the information on the screen applies. Port The port for which the information on the screen applies. Port VLAN Membership Info Shows each VLAN index’s current membership status for this port. Port VLAN ID (PVID) This port’s VLAN ID.
VLAN Management For ports that are members of more than one VLAN, received frames are assigned as follows: G A tagged frame is forwarded to the VLAN matching the VID in the tag field of the frame G An untagged frame is forwarded to the VLAN matching the PVID To set the VLAN ID for the port, from the VLAN Port Configuration Menu, type i. Follow the instructions on the screen.
Advanced Management Enabling and Disabling Port GVRP Status To enable or disable GVRP on the port, from the VLAN Port Configuration Menu, type g to toggle the port’s GVRP status. K Note: For GVRP to be active, GVRP must be active for the system. See “Enabling and Disabling System GVRP” for instructions. Configuring Inter-Switch Links An inter-switch link (ISL) is a port that connects VLANs from two different switches; it’s the means to share VLAN information between switches on a network.
VLAN Management 3 Once you select a VLAN, type a. Then enter the module and port to assign to the VLAN. You specify module and port separated by a colon. For example, 1:8 assigns port 8 of module 1. 4 Repeat steps 2 and 3 for each VLAN that is part of the ISL. Configuring Tagging for the ISL Port on Each VLAN You specify tagging for a port in the Advance Group Static Configuration Menu.
Advanced Management Displaying a Summary of VLAN Groups To view a summary of VLAN groups, type v in the Configuration Menu to access the VLAN Management Menu, then type d to access the VLAN Group Summary. A screen similar to Figure 4-11 appears.
VLAN Management To view the summary for other modules, type a command as shown at the bottom of the screen. Displaying a VLAN FID-VID Association Summary To view a summary of the FIDs and their associated VIDs, type v in the Configuration Menu to access the VLAN Management Menu, then type f to access the VLAN FID-VID Association summary. A screen similar to Figure 4-13 appears.
Advanced Management For example, assume a three-switch network that includes three VLANs; VID 1, VID 2, and VID 3. Also assume that the switches (A, B, and C) are configured with the VLAN groups shown in Figure 4-14. In this case, switch A and switch C both include VLAN #2 in their VLAN groups. However, the VLAN traffic must cross switch B. Using GVRP, switches A and C can register their interest in VLAN #2 with switch B.
VLAN Management Current Settings Table 4-9 describes each setting on the GVRP Configuration Menu screen. Setting Description System GVRP Whether GVRP is currently enabled or disabled on the system. VLAN ID The VLAN ID of the VLAN group for which the information on the screen applies. Port List Shows the current membership status of each port to this VLAN group.
Advanced Management Configuring VLAN Forbidden Sets Each switch keeps a list of ports that are not to be added to a VLAN by GVRP. You specify the set of forbidden portsper VLAN. To access the VLAN Forbidden Set Configuration Menu, type f from the GVRP Configuration Menu. A screen similar to Figure 4-16 appears. Use the commands at the bottom of the menu to select a VLAN.
VLAN Management Configuring Registration Fixed Sets To access the VLAN Registration Fixed Set Configuration Menu, type r from the GVRP Configuration Menu. A screen similar to Figure 4-17 appears.
Advanced Management Multicast Traffic Management Multicast traffic is a means to transmit a multimedia stream from the internet (a video conference, for example) without requiring a TCP connection from every remote host that wants to receive the stream. The stream is sent to the multicast address, and from there it’s propegated to all interested parties on the internet.
Multicast Traffic Management routing protocol, such as Protocol-Independent Multicast (PIM), routers maintain forwarding tables that they use to forward multicast datagrams. Packets delivered to members of the multicast group are identified by a single multicast group address. Any host, regardless of whether it is a member of a group, can send to a group. However, only the members of a group receive the message. Membership in a multicast group is dynamic; hosts can join and leave at any time.
Advanced Management set its priority queues to the correct values for the Quality of Service requested. For more information about RSVP, see RFC 2205 -- Resource ReserVation Protocol (RSVP) -- Version 1 Functional Specification Configuring Multicast Traffic Management The Multicast Traffic Management Menu allows you to set up group transmission. To access the Multicast Traffic Management Menu, type c in the Configuration Menu. A screen similar to Figure 4-18 appears.
Multicast Traffic Management Current Settings Table 4-10 describes each setting on the Multicast Traffic Management Menu. Setting Description Multicast Group Address Count The number of multicast group addresses in the forwarding table. GMRP Status Whether GMRP is enabled or disabled. IGMP Snooping Whether IGMP Snooping is enabled or disabled. Multicast Policy [RSVP]-based QOS Whether ‘RSVP]-based QOS is enabled or disabled.
Advanced Management +-------------------+-------+-----+------------------| Group MAC Address | VID | Pri | Action +-------------------+-------+-----+------------------01:00:5E:12:34:56 0001 0 Mgm Action 01:00:5E:78:90:12 0001 0 Mgm Action End of Summary, Quit Figure 4-19 Summary of Group Addresses Multicast Forwarding Database Configuration The Multicast Forwarding Database lists addresses of multicast groups, and assigns them to specific VLANs.
Multicast Traffic Management Adding ports to the Selected Address To add or delete ports belonging to the multicast group: 1 Select the VLAN that contains the ports and the address. Type v and follow the instructions. 2 Select the Multicast Group address. Type s and follow the instructions. 3 Type o and follow the instructions. Inserting a Multicast Group Address Inserting an address adds the address to the list of Multicast Groups for the current VLAN. The addresses begin 01:00:5e.
Advanced Management Page 4-50
5 Web Browser Management This chapter tells how to manage the IntraCore 8000 by means of a Web browser, using Web pages to monitor and configure the switch. Most of the options and functions provided by Web browser management are similar to those of the Local Management Interface. For additional details about managing the IntraCore 8000, refer to Chapter 3, “Configuration,” and Chapter 4, “Advanced Management.” K Note: The Web Browser interface to the IntraCore 8000 is disabled by default.
Web Browser Management Figure 5-1 Web Browser Management Overview page The Web Browser Management Overview page contains a sidebar with nine management option buttons, and a view of the IntraCore front panel that displays real-time IntraCore 8000 operating information.
Management Buttons Management Buttons The buttons on the left provide the following options: G Front Panel G Genl Info (General Information) G Statistics G Port Config (Port Configuration) G Span Tree (Spanning Tree Protocol Configuration) G SNMP (Simple Network Management Protocol) G Addr Table (IP/MAC Address Table) G VLAN (Virtual LAN Configuration) G Duplicate IP (Duplicate IP Trap Log) The following sections describe and explain the pages that are displayed when you click each of the
Web Browser Management Port Selector Feature If you point the cursor to a port connector and click the mouse, a portspecific page is displayed, which shows the selected port’s configuration and traffic statistics.
Genl Info (General Information) Button Genl Info (General Information) Button This button opens the IntraCore’s General Information page. The page has six sub-levels, which are listed at the top of Figure 5-3. The General Information fields are described fully in “User Interface Configuration” in Chapter 3. Figure 5-3 General Information page The first two sub-levels, Software Version and Administrative Information, are displayed on the opening page.
Web Browser Management Statistics Button This button opens the Statistics page, which presents a graphical image of the IntraCore statistics, as shown in Figure 5-4. On this page, the user can view system statistics since the last system reset. For a description of the statistics counters, see “Viewing Statistics” on page 3-52. Figure 5-4 Statistics - Bar Chart The following features allow you to modify the statistics bar chart.
Statistics Button ment counters were last reset or cleared. G Reset – Clears the counters for future samplings. G Counters – Displays the statistical counters of the associated view, since up or since reset, as shown in Figure 5-6 and Figure 5-7. K Note: You may also view a summary of the frames per port by placing the cursor on the desired bar.
Web Browser Management In Figure 5-6, a summary of the counters for a port is displayed in table format. Figure 5-6 Summary of counters for a port In Figure 5-7 the counters for a port are displayed in bar graph form.
Statistics Button Figure 5-7 Bar graph of counters for a port Page 5-9
Web Browser Management Port Config (Port Configuration) Button This button opens the Port Configuration page, which provides a comprehensive overview of the status of each port on the IntraCore, as shown in Figure 5-8. The configuration page for any individual port can be accessed by single clicking on the associated blue number in the right or left hand margin.
Span Tree (Spanning Tree) Button Span Tree (Spanning Tree) Button This button opens the Spanning Tree Protocol (STP) Configuration page, which shows the STP Configuration of the IntraCore, as shown in Figure 59. STP configuration is explained in Chapter 4, “Advanced Management.” Click the STP Port Configuration button to display the STP Configuration settings for each port.
Web Browser Management SNMP Button This button displays the SNMP (Simple Network Management Protocol) page, as shown in Figure 5-10. See “SNMP Configuration” in Chapter 3 for an explanation of SNMP settings.
Addr (Address) Table Button Addr (Address) Table Button The Addr Table button opens the MAC and IP Address Table page, which displays two tables, as shown in Figure 5-11. The top table displays the counts of IP and MAC addresses for each port. The lower table displays IP and MAC addresses for either a particular port, or all ports. The display for all ports is shown in Figure 5-11. The activity status (Entry) and VLAN segment (VSEG) are also displayed for each device.
Web Browser Management VLAN Button This button opens the VLAN Groups page, as shown in Figure 5-12. The page shows the modules of the IntraCore 8000, and the ports that are assigned to the currently selected VLAN. There is also a panel that shows the VID of each VLAN on the current switch; to select a VLAN, click the appropriate VID. For information about VLANs, see Chapter 4. Figure 5-12 VLAN Groups page To configure the selected VLAN, click the VLAN button.
VLAN Button Figure 5-13 VLAN Port Selection page VLAN Configuration To congigure a VLAN, first select a VIDin the VLAN Groups page (Figure 5-12), then click the VLAN button. This opens the VLAN Group Configuration options page, as shown in Figure 5-14.
Web Browser Management Figure 5-14 VLAN Group Configuration options Creating or Modifying a VLAN To create or modify the basic attributes of a VLAN group, click the Create or Modify button in the VLAN Group Configuration dialog box. The VLAN Attributes dialog box is displayed, as shown in Figure 5-15. Figure 5-15 VLAN Attributes dialog box Enter or change the basic attributes, then click OK.
VLAN Button the time you clicked VLAN in the VLAN Groups dialog page (Figure 5-12). You will see a dialog box asking you to confirm your decision to remove the VLAN. {{The above is total fiction. Is it right?}} Adding and Deleting Port Members To add ports to or delete ports from the current VLAN, click the Add/Del Members button in the VLAN Group Congiguration dialog box. This displays the Add/Delete Port Member dialog box, as shown in Figure 5-16.
Web Browser Management Figure 5-16 Add/Delete Port Member dialog box To add or delete MAC addresses for devices connected to the IntraCore 8000, click the Add/Del MAC Addr button in the VLAN Group Configuration dialog box. The dialog box shown in Figure 5-17 appears. Figure 5-17 Add/Delete MAC Address dialog box When you have added or deleted the MAC address, the VLAN Group Configuration page is displayed again.
Duplicate IP Button Duplicate IP Button This button lights up if a duplicate IP number has been detected on the system. If you click the button, it opens the Duplicate IP Trap Log page which, if the trap is enabled, displays a record of duplicate IP Addresses detected. The Log shows the MAC address of the device that is the original or rightful owner of the IP address, and the MAC address of the spoofer device that is using a copy of the IP address.
Web Browser Management Page 5-20
A Technical Support Contacting Technical Support To contact Asanté Technical Support: Telephone (800) 622-7464 Fax (801) 566-3787 Fax-Back (800) 741-8607 E-mail support@asante.com World Wide Web Site http://www.asante.com FTP site for RMON information Technical Support Hours 6:00 a.m. to 5:00 p.m. Pacific Standard Time USA, Monday - Friday.
Page A-2
B MIB Statistics MIB Object Definitions for Counters The following MIB objects are those for which counters are displayed in the Statistics Counters screens shown in both the console and Web interface. The definitions and references are quoted from RFC 1516. Readable Frames "This object is the number of frames of valid frame length that have been received on this port.
minFrameSize and less than or equal to maxFrameSize (Ref: 4.4.2.1, IEEE 802.3 Std). The approximate minimum time for rollover of this counter is 80 hours." Reference: IEEE 802.3 Rptr Mgt, 19.2.6.
MIB Object Definitions for Counters Implementors may wish to consider selecting the ShortEventMaxTime towards the lower end of the allowed tolerance range to accommodate bit losses suffered through physical channel devices not budgeted for within this standard. The approximate minimum time for rollover of this counter is 16 hours." Reference: IEEE 802.3 Rptr Mgt, 19.2.6.
Late Events "This counter is incremented by one for each CarrierEvent on this port in which the CollIn(X) variable transitions to the value SQE (Ref: 9.6.6.2, IEEE 802.3 Std) while the ActivityDuration is greater than the LateEventThreshold. Such a CarrierEvent is counted twice, as both a collision and as a lateEvent.
MIB Object Definitions for Counters The LateEventThreshold is greater than 480 bit times and less than 565 bit times. LateEventThreshold has tolerances included to permit an implementation to build a single threshold to serve as both the LateEventThreshold and ValidPacketMinTime threshold. The approximate minimum time for rollover of this counter is 81 hours." Reference: IEEE 802.3 Rptr Mgt, 19.2.6.
Total Errors "The total number of errors which have occurred on this port. This counter is the summation of the values of other error counters (for the same port), namely: rptrMonitorPortFCSErrors, rptrMonitorPortAlignmentErrors, rptrMonitorPortFrameTooLongs, rptrMonitorPortShortEvents, rptrMonitorPortLateEvents, rptrMonitorPortVeryLongEvents, and rptrMonitorPortDataRateMismatches. This counter is redundant in the sense that it is the summation of information already available through other objects.