User`s manual

ManualsBrandsAsante ManualsComputer equipmentIntraCore IC35516-G

IntraCore

35516 Series

Layer 2/3/4 Gigabit Switches

User’s Manual

Summary of content (111 pages)

PAGE 1
IntraCore® 35516 Series Layer 2/3/4 Gigabit Switches User’s Manual
PAGE 2
-2- IntraCore 35516 Series Layer 2/3/4 Gigabit Switches User’s Manual Asanté Technologies, Inc. 2223 Old Oakland Road San Jose, CA 95131 USA SALES 800-662-9686 Home/Office Solutions 800-303-9121 Enterprise Solutions 408-435-8388 TECHNICAL SUPPORT 801-566-8991: Worldwide 801-566-3787: Fax www.asante.com/support support@asante.com Copyright © 2004 Asanté Technologies, Inc. All rights reserved.
PAGE 3
-3- Table of Contents Table of Contents...........................................................................................................................................................3 Chapter 1: Introduction.................................................................................................................................................10 1.1 Features .................................................................................................................................
PAGE 4
-4- 2.6.1 10/100/1000BaseT Ports Cabling Procedures .............................................................................................19 2.6.2 Gigabit Ethernet Ports Cabling Procedures .................................................................................................20 2.7 Setup ..................................................................................................................................................................20 2.7.1 Connecting to a Console...........
PAGE 5
-5- 3.8.5 Scrolling Down a Line or a Screen ...............................................................................................................36 3.8.6 Redisplaying the Current Command Line ....................................................................................................36 3.8.7 Transposing Mistyped Characters ...............................................................................................................36 3.8.8 Controlling Capitalization .....................
PAGE 6
-6- 5.4.3 Specify a RIP Version ..................................................................................................................................56 5.4.4 Redistribute Routing Information..................................................................................................................57 5.4.5 Set Metrics for Redistributed Routes............................................................................................................58 5.4.6 Set Administrative Distance ....
PAGE 7
-7- 5.10.1 Enabling PIM Sparse Mode .......................................................................................................................80 5.10.2 Setting Up BSR Candidacy ........................................................................................................................80 5.10.3 Setting Up RP Candidacy ..........................................................................................................................81 5.
PAGE 8
-8- 7.3.1 Assigning the Queue List to an Interface (Optional).....................................................................................96 7.3.1 Monitoring Custom Queue Lists ...................................................................................................................96 7.3.1 Custom Queuing Example ...........................................................................................................................96 7.4 Generic Traffic Shaping..........................
PAGE 9
-9- Appendix D: Console Port Pin Outs ........................................................................................................................... 110 Appendix E. Online Warranty Registration.................................................................................................................
PAGE 10
- 10 - Chapter 1: Introduction Thank you for purchasing the Asanté IntraCore 35516 Series Gigabit switch. The IC35516 is from a family of multimedia and multi-protocol switches capable of supporting Layer 2 switching and Layer 3 and Layer 4 protocols. They are designed to offer industry-leading performance at a very competitive cost of ownership. Important! This manual describes the hardware setup and configuration commands that are used by the IC35516.
PAGE 11
- 11 - • 128 KB internal packet buffer • Full duplex 1000 Mbps, full and half duplex 10/100 Mbps • Support for Jumbo Frames (up to 32 KB in length) 1.2 Package Contents The following items are included in the switch’s package: • Switch • AC power cord • Rackmount brackets with screws • Rubber feet • Setup Guide • IntraCore 35516 CD-ROM Contact your dealer immediately if any of these items is missing. 1.
PAGE 12
- 12 - Duplex/Activity Green A full-duplex link has been established on the port. Blinking Green Activity has been detected in full-duplex mode. Yellow A half-duplex link has been established on the port. Blinking Yellow Activity has been detected in half-duplex mode. Off No link has been established on the port. 1.3.2 IC35516-G The IntraCore 35516-G has one power LED, one (optional) emergency power LED, two LED indicators for 10/100/1000BaseT status, and one LED for GBIC status.
PAGE 13
- 13 - 1.4.2 IC35516-G The front panel of the IC35516-G contains the following: power and port LEDs, 12 GBIC ports, 4 dual-function Gigabit ports that support either 1000BaseT or GBIC-style Gigabit Ethernet ports, and a console port. The back panel, shown below, contains a 12 VDC jack for emergency power (optional), the primary power bay cover plate, the on/off switch, and the primary power outlet. 1.
PAGE 14
- 14 - Chapter 2: Hardware Installation and Setup The following guidelines will help you easily install the switch, ensuring that it has the proper power supply and environment. 2.1 Installation Overview Follow these steps to install the IntraCore switch: 1. Open the box and check the contents. See Chapter 1.2 Package Contents for a complete list of the items included with the IntraCore switch. 2. Install the switch in an equipment or wall rack, or prepare it for desktop placement. 3.
PAGE 15
- 15 - You will need the following tools and equipment (not included) to install the switch into an equipment rack: • Flat head screwdriver • Phillips head screwdriver • Antistatic mat or foam 2.1.3 Power Requirements The electrical outlet should be located near the switch and be easily accessible. It must also be properly grounded. Make sure the power source adheres to the following guidelines: • Power: Auto Switching 90-260 VAC • Frequency range: 50/60 Hz 2.1.
PAGE 16
- 16 - 6. Secure the switch by securing its mounting brackets onto the equipment rack with the appropriate screws (supplied). Important! Make sure the switch is supported until all the mounting screws for each bracket are secured to the equipment rack. Failure to do so could cause the switch to fall, which may result in personal injury or damage to the switch. 2.2.
PAGE 17
- 17 - 2.3.1 Installing a GBIC GBICs are hot-swappable. This means that they can be inserted and removed while the switch is powered on. However, please allow 40–60 seconds for the switch to recognize the module when it has been installed while the switch is on. 1. Wearing an ESD (electro-static discharge) wrist strap, remove the GBIC module from its protective packaging. 2. Verify that the GBIC is the correct type for the network (see the table above). 3.
PAGE 18
- 18 - 2.4 Installing the Optional Emergency Power Supply To ensure increased reliability for mission-critical applications, the IC35516 can be equipped with a 12 VDC emergency backup power supply (the IC35-EPS12, sold separately). When installed, the emergency power supply is in standby mode. Should the primary unit fail, the DC backup automatically switches on and the LED on the front panel lights. In addition, an SNMP fault notice is sent.
PAGE 19
- 19 - 2. After the switch is connected to the network, it can be configured for management capabilities (see the following chapters for information on configuration). 2.6.1 10/100/1000BaseT Ports Cabling Procedures The 10/100/1000 ports on the switch allow for the connection of 10BaseT, 100BaseTX, or 1000BaseT network devices. The ports are compatible with IEEE 802.3 and 802.3u standards. Important: The switch must be located within 100 meters of its attached 10BaseT or 100BaseTX devices.
PAGE 20
- 20 - Table 2-2 Pin Numbers and Wire Colors 2.6.2 Gigabit Ethernet Ports Cabling Procedures Cabling requirements for the optional hardware modules depend on the type of module installed. Use the following guidelines to determine the particular cabling requirements of the module(s): • 1000BaseSX GBIC: Cables with SC-type fiber connectors; 62.
PAGE 21
- 21 - c. Under the Settings tab, choose VT100 for Emulation mode. d. Select Terminal keys for Function, Arrow, and Ctrl keys. Be sure the setting is for Terminal keys, NOT Windows keys. e. Back under the Connect To tab, press the Configuration button. f. Set the data rate to 9600 Baud. g. Set data format to 8 data bits, 1 stop bit and no parity. h. Set flow control to NONE. Now that terminal is set up correctly, power on the switch. The boot sequence will display in the terminal.
PAGE 22
- 22 - 2.8 Setting Passwords The switch ships with a default of no enable password, which allows anyone on the network access to various privilege levels. To prevent unauthorized changes to the switch’s configuration, you should set an enable password for access to switch management. Follow the example below to assign a privileged password.
PAGE 23
- 23 - 7 Specifies a HIDDEN line password will follow 2.9 Login Security Two methods are available on the IntraCore 35516 to configure an authentication query process for better login security: the username command or the password and login commands. 2.9.1 The username Command To establish a username-based authentication system, use the username command in global configuration mode. This method is more effective because authentication is determined on a user basis.
PAGE 24
- 24 - 3. Type enable. The new prompt is Router#. 4. Type configure terminal. The new prompt is Router(config)#. 5. The default IP address is assigned to the veth1 interface. Type interface veth1. The new prompt is Router(config-if-veth1)#. Type ip address and the new address. Your screen will look like this example: Router> enable Router# configure terminal Router(config)# interface veth1 Router(config-if-veth1)# ip address 192.168.123.254 255.255.255.
PAGE 25
- 25 - Chapter 3: Understanding the Command Line Interface (CLI) The switch utilizes Command Line Interface (CLI) to provide access to several different command modes. Each command mode provides a group of related commands. After logging into the system, you are automatically in the user top (user EXEC) mode. From the user top mode you can enter into the privileged top (privileged EXEC) mode.
PAGE 26
- 26 - To list the commands available in user top mode, enter a question mark (?). Use a space and a question mark (?) after entering a command to see all the options for that particular command. Command Purpose ? Lists the user EXEC commands. show ? Lists all the options available for the given command.
PAGE 27
- 27 - prompt, as shown in the following example. Enter a question mark (?) after a command to see all the options for that command.
PAGE 28
- 28 - Ctrl-Z EXEC mode. To list the commands available in global configuration mode, enter a question mark (?) at the prompt, as shown in the following example. Enter a question mark (?) after a command to see all the options for that command.
PAGE 29
- 29 - configuration command, which defines the interface type as ethernet or virtual. The virtual interfaces are bound to VLANs and can be assigned IP addresses. In the following example, Ethernet interface eth1 is about to be configured. The new prompt, Router(config-ifeth1)#, indicates the interface configuration mode. In this example, the user asks for help by requesting a list of commands.
PAGE 30
- 30 - default-metric distance distribute-list end exit help neighbor network no offset-list passive-interface quit redistribute show timers version write Set a metric of redistribute routes Administrative distance Filter networks in routing updates End current mode and change to enable mode Exit current mode and down to previous mode Description of the interactive help system Specify a neighbor router Enable routing on an IP network Negate a command or set its defaults Modify RIP metric Suppress routing
PAGE 31
- 31 - Command Purpose help Obtain a brief description of the help system in any command mode. ? List all commands available for a particular command mode. When using context-sensitive help, the space (or lack of a space) before the question mark (?) is significant. To obtain a list of commands that begin with a particular character sequence, type in those characters followed immediately by the question mark (?). Do not include a space.
PAGE 32
- 32 - terminal Configure from the terminal Note that in the example below, if you enter the configure command followed by the Carriage Return (Enter or Return key), you will be prompted that the command is incomplete. Router# configure % Command incomplete. Router# Generally, uppercase letters represent variables. For example, after entering a command, such as hostname, and using a space and a question mark, you will be prompted for the new name, represented by WORD.
PAGE 33
- 33 - Router(config)# router ? bgp BGP information ospf Open Shortest Path First rip Routing Information Protocol (RIP) Router(config)# router Router(config)#router rip Router(config-rip-router)# 3.6 Using CLI Command History The CLI user interface provides a history or record of commands that you have entered. This feature is particularly useful for recalling long or complex commands or entries, including access lists.
PAGE 34
- 34 - • Transposing Mistyped Characters • Controlling Capitalization 3.8.1 Moving Around on the Command Line Use the following keystrokes to move the cursor around on the command line in order to make corrections or changes: Keystrokes Purpose Press Ctrl-B or the left arrow. Move the cursor back one character. Press Ctrl-F or the right arrow. Move the cursor forward one character. Press Ctrl-A. Move the cursor to the beginning of the command line. Press Ctrl-E.
PAGE 35
- 35 - 3.8.3 Editing Command Lines That Wrap The enhanced editing feature provides a wraparound for commands that extend beyond a single line on the screen. When the cursor reaches the right margin, the command line shifts 8 spaces to the left. You cannot see the first eight characters of the line, but you can scroll back and check the syntax at the beginning of the command.
PAGE 36
- 36 - 3.8.5 Scrolling Down a Line or a Screen When using a command that list more information than will fill on the screen, the prompt --More-- is displayed at the bottom of the screen. Whenever the More prompt is displayed, use the following keystrokes to view the next line or screen: Keystrokes Purpose Press Return. Scroll down one line. Press Spacebar. Scroll down one screen. 3.8.
PAGE 37
- 37 - 3.9.1 Enable Password To set a local password to control access to various privilege levels, use the enable password command in global configuration mode. Use the no form of this command to remove the password requirement. Router(config)# enable password ? 0 Specifies an UNENCRYPTED password will follow 7 Specifies a HIDDEN password will follow LINE The UNENCRYPTED (cleartext) 'enable' password Router(config)# enable password 0 Router(config)# exit Router# write [memory file] 3.9.
PAGE 38
- 38 - Chapter 4: Managing the System and Configuration Files This chapter explains how to manage the system information, as well as how to manage the configuration files for the IC35516. 4.
PAGE 39
- 39 - hostname name New host name for the network. 4.1.3 Changing the Password The switch ships with a default of no password, which allows immediate access to ANYONE on the network. In order to guard against unauthorized access, only the administrator should be allowed to change the password. A new password is prompted for twice to avoid any typing mistakes. The new password must have more than five characters, and less than eight characters. The password is case sensitive.
PAGE 40
- 40 - To log messages, use the following command in global configuration mode. Command Purpose logging address IP address of the host to be used as a syslog server. logging facility Facility parameters for syslog messages. logging trap Set syslog server logging level. 4.1.7 Displaying the Operating Configuration The configuration file may be displayed from the EXEC (enable) mode.
PAGE 41
- 41 - You can add comments to a configuration file describing the commands you have entered. Precede a comment with an exclamation point (!). Use the following commands to configure the software from the terminal. Command Purpose configure terminal Enters global configuration mode and select the terminal option. Router(config)# The global configuration prompt. Enter the necessary configuration commands. copy running-config startup-config Saves the configuration file to your startup configuration.
PAGE 42
- 42 - OR Router# copy running-config ? startup-config Copy to startup configuration tftp:[//A.B.C.D/filename] Copy to tftp: file system Router# copy running-config tftp Enter TFTP Server IP Address [A.B.C.D]? Enter file name 'my-config' to copy? Reply to any prompts for additional information or confirmation. The prompts will depend on how much information has been provided in the copy command and the current setting of the file prompt command.
PAGE 43
- 43 - Reply to any router prompts for additional information or confirmation. Additional prompts will depend on how much information is provided in the copy command and the current setting of the file prompt command. In the following example, the software is configured from the file my-config at IP address 192.168.123.59: Router# copy tftp://192.168.123.59/my-confg running-config Download file ‘my-config’ from 192.168.123.59 to running-config? [y/n] y Accessing tftp://192.168.123.59/my-config...
PAGE 44
- 44 - Important! Be sure to change the SNMP default community strings in order to prevent unauthorized access to management information. To set up the community access string to permit access to the SNMP, use the following command from the global command mode. Command Purpose snmp-server community string [view view-name] {ro | rw} [access-list-number] Define the community access string. The access-list-number parameter is numbered from 1–99 and 1300–1999.
PAGE 45
- 45 - of the SNMP agent. 4.3.2 Other SNMP Configuration Command Purpose snmp-server Enable the SNMP agent. The first snmp-server global configuration command enables SNMP. snmp-server engineID {local engineidstring|remote host-ip-address [udp-port port-number] engineid-string} Set Engine ID for local or remote devices. The remote engine ID is used to create users that can send SNMPv3 traps. snmp-server view view-name subtree [subtree-mask] [included | excluded] Define the SNMP server view.
PAGE 46
- 46 - 4.3.3 Configuring Spanning Tree Protocol (STP) The Spanning Tree Protocol (STP) is part of the IEEE 802.1D standard. It provides for a redundant network without the redundant traffic through closed paths. For example, in a network without spanning tree protocol, the same message will be broadcast through multiple paths, which may start an unending packet-passing cycle. This in turn causes a great amount of extra network traffic, leading to network downtime.
PAGE 47
- 47 - Priority Setting the bridge priority to a low value will increase the likelihood that the current bridge will become the root bridge. If the current bridge is located physically near the center of the network, decrease the Bridge Priority from its default value of 32768 to make it become the root bridge. If the current bridge is near the edge of the network, it is best to leave the value of the Bridge Priority at its default setting.
PAGE 48
- 48 - • Root port—provides the best path (lowest cost) when the bridge forwards packets to the root switch. • Designated port—connects to the designated switch, which has the lowest path cost when forwarding packets from that LAN to the root bridge. The port through which the designated switch is attached to the LAN is called the designated port. • Alternate port—offers an alternate path toward the root switch to that provided by the current root port.
PAGE 49
- 49 - Valid priority values are 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, and 61440. All other values are rejected. To return the switch to its default setting, use the no spanning-tree priority configuration command. Restarting the Protocol Migration Process A switch when running RSTP supports a built-in protocol migration mechanism that enables it to interoperate with legacy 802.1D switches. If this switch receives a legacy 802.
PAGE 50
- 50 - Configuring port priority Use the following interface mode command to configure port priority: Router(config)# interface eth1 Router(config-if-eth1)#spanning-tree port-priority For , the range is 0–240 in increments of 16; the default is 128. The lower the number, the higher the priority. To return the switch to its default setting, use the no spanning-tree port-priority interface configuration command. 4.
PAGE 51
- 51 - Chapter 5: Configuring IP The Internet Protocol (IP) is a packet-based protocol used to exchange data over computer networks. It is the foundation on which all other IP protocols are built. IP is a network-layer protocol that contains addressing and control information that allows data packets to be routed. This section describes how to configure the Internet Protocol (IP). A number of tasks are associated with configuring IP.
PAGE 52
- 52 - The following table describes the Class C equivalent of CIDR prefixes.
PAGE 53
- 53 - Note: If any router on a network segment uses a secondary address, all other routers on that same segment must also use a secondary address from the same network or subnet. To assign multiple IP addresses to network interfaces, use the following command in interface configuration mode: Command Purpose ip address address I mask secondary Assign multiple IP addresses to network interfaces. 5.
PAGE 54
- 54 - Configuring IP Routing IP routing protocols are divided into two classes: Interior Gateway Protocols (IGPs) and Exterior Gateway Protocols (EGPs). Note: The word gateway is often a part of a routing protocol’s name, since many routing protocol specifications refer to routers as gateways.
PAGE 55
- 55 - Connected interface 0 Static route 1 External BGP 20 OSPF 110 RIP 120 Internal BGP 200 Unknown 255 Table 5-3: Dynamic Routing Protocol Default Administrative Distances 5.4 Configuring RIP The Routing Information Protocol (RIP) is a commonly used interior gateway protocol (IGP) created for use in small, homogeneous networks. It is a distance-vector routing protocol, documented in RFC 1058. RIP uses broadcast User Datagram Protocol (UDP) data packets to exchange routing information.
PAGE 56
- 56 - network {IP prefix} Associate a network with a RIP routing process. 5.4.2 Allow Unicast Updates for RIP Because RIP is normally a broadcast protocol, in order for RIP routing updates to reach non-broadcast networks, it is necessary to establish a direct link between routers. Use the following command in router configuration mode. Command Purpose neighbor ip-address Define a neighboring router with which to exchange routing information.
PAGE 57
- 57 - 5.4.4 Redistribute Routing Information The router can redistribute routing information from a source route entry into the RIP tables. For example, you can instruct the router to re-advertise connected, kernel, or static routes as well as routing protocol-derived routes. This capability applies to all the IP-based routing protocols. To redistribute routing information from a source route entry into the RIP table, perform the following task in router configuration mode.
PAGE 58
- 58 - To define conditions for redistributing routes from a source route entry into the RIP tables, perform at least one of the following tasks in route-map configuration mode: Command Purpose match interface interface-name Match the specified interface. match ip address {access-list-name | prefix-list prefix-list-name} Match a standard access list or prefix list. match ip next-hop access-list-name Match a next-hop router address passed by one of the access lists specified.
PAGE 59
- 59 - To set an administrative RIP distance to a specified value, use the distance router configuration command. Command Purpose distance distance-value [prefix] [accesslist-name] Assign an administrative distance. 5.4.7 Generate a Default Route You can force an autonomous system boundary router to generate a default route into an RIP routing domain.
PAGE 60
- 60 - To do this, perform the following task in router configuration mode. Command Purpose distribute-list {access-list-name | prefix prefix-list-name} in | out} [interface-name] Suppress routes from being advertised and processed in routing updates depending upon the action listed in the access list or prefix list. Apply Offsets to Routing Metrics An offset list is the mechanism for increasing incoming and outgoing metrics to routes learned via RIP. You can limit the offset list with an access list.
PAGE 61
- 61 - To enable or disable split horizon, perform the following tasks in interface configuration mode. Command Purpose ip rip poison reverse Enable split horizon with poison reverse. no ip rip poison reverse Disable split horizon with poison reverse. 5.4.11 Manage Authentication Keys If you are sending and receiving RIP Version 2 packets, you can enable RIP authentication on an interface. RIP Version 1 does not support authentication.
PAGE 62
- 62 - debug ip rip packet [recv | send] detail Display detailed information about the RIP packets. The information includes the origin and port number of the packet as well as a packet dump. show debugging rip Show all information currently set for RIP debug. 5.5 Configuring IP Multicast Routing Multicast traffic is a means to transmit a multimedia stream from the Internet (a video conference, for example) without requiring a TCP connection from every remote host that wants to receive the stream.
PAGE 63
- 63 - Multicast routers elect designated router (DR) for the LAN (subnet). The DR is the router with the highest IP address. The DR is responsible for sending IGMP host-query messages to all hosts on the LAN. By default, the DR sends IGMP host-query messages every 60 seconds in order to keep the IGMP overhead on hosts and networks very low.
PAGE 64
- 64 - Configuring the TTL Threshold The time-to-live (TTL) value controls whether packets are forwarded out of an interface. The TTL value is specified in hops. Only multicast packets with a TTL value greater than the interface TTL threshold are forwarded on the interface. The default value is 0, which means that all multicast packets are forwarded on the interface.
PAGE 65
- 65 - Graft-retransmit-interval This value defines the interval of time that a DVMRP router sending a graft message will wait for a graft acknowledgment from an upstream router before re-transmitting that message. Subsequent re-transmissions will be sent at an interval of twice that of the preceding interval. DVMRP must be enabled on the router for this command to be operational.
PAGE 66
- 66 - Command Purpose prune-age <20–8000 seconds> Defines how long a prune state will remain in effect for a source-routed multicast tree. After the prune age period expires, flooding will resume. Default value: 180 seconds Report-interval This value defines how often routers will propagate their complete routing tables to other neighbor DVMRP routers. DVMRP must be enabled on the router for this command to be operational.
PAGE 67
- 67 - When configuring an access list, you can add multiple statements by adding criteria to the same numbered list. The order of the statements is important, as the switch tests addresses against the criteria in an access list one by one (in the order the statements are entered) until it finds a match. The first match determines whether the software accepts or rejects the address. Because the software stops testing conditions after the first match, the order of the conditions is critical.
PAGE 68
- 68 - deny statement would follow the last entry, if no match was found before the end of the list. In this case, however, we are permitting any other IP address other than 192.168.123.254, and a deny statement isn’t necessary. Router(config)# access-list A.B.C.D Source wildcard. Router(config)# access-list Router(config)# access-list Router(config)# exit Router# show access-list 1 deny 192.168.123.254 ? e.g. 0.0.0.255 1 deny 192.168.123.254 1 permit any {0.0.0.0 255.255.255.
PAGE 69
- 69 - icmp Specify ICMP connections tcp Specify TCP connections udp Specify UDP connections Router(config)# access-list 101 deny tcp ? A.B.C.D Source address to match. e.g. 10.0.0.0 host Host address to match. any Any source address to match Router(config)# access-list 101 deny tcp 192.168.123.0 0.0.0.255 ? A.B.C.D Destination address to match. e.g. 10.0.0.0 host Host address to match. any Any destination address to match Router(config)# $ist 101 deny tcp 192.168.123.0 0.0.0.255 192.168.124.
PAGE 70
- 70 - 5.6.4 Applying an Access List to an Interface After creating your access lists, you must apply them to an interface in order to enable the access list. Enter the interface configuration mode for the desired interface. Each interface may have only one access list applied to it at one time. Access lists are applied to either inbound traffic or to outbound traffic.
PAGE 71
- 71 - 5.7.2 Configure ABR Type The IC35516 OSPF conforms to the specifications in standard RFC2328. Because a variety of implementations support OSPF, the OSPF configuration depends on different types of routers. To configure OSPF on an Area Border Router (ABR), specify what type the router belongs to. Command Purpose abr-type {cisco | ibm | shortcut | standard} Specify a router (ABR) type. 5.7.
PAGE 72
- 72 - ip ospf dead-interval seconds Set the number of seconds that a device's hello packets must not have been seen before its neighbors declare the OSPF router down. This value must be the same for all routers attached to a common network. The default value is 40 seconds. ip ospf authentication-key key Assign a specific password to be used by neighboring OSPF routers on a network segment that is using OSPF's simple password authentication. The key length can be up to 8 characters.
PAGE 73
- 73 - Authentication allows password-based protection against unauthorized access to an area. Stub areas are areas into which information on external routes is not sent. Instead, there is a default external route (generated by the area border router) into the stub area for destinations outside the autonomous system.
PAGE 74
- 74 - If you configure an NSSA totally stub area using no summary command, inter-area routes are not allowed in the NSSA area. When redistribution takes place in the situations where there is no need to inject external routes into the NSSA, you can prevent the router from creating Type 7 LSAs for NSSA using the translate-never command. This situation can occur when an Autonomous System Boundary Router (ASBR) is also an NSSA ABR.
PAGE 75
- 75 - Command Purpose auto-cost reference-bandwidth ref-bw Differentiate high bandwidth links. 5.7.12 Configure Route Calculation Timers You can configure the delay time between when OSPF receives a topology change and when it starts a shortest path first (SPF) calculation. To do this, perform the following task in router configuration mode. Command Purpose timers spf spf-delay Configure route calculation timers. 5.7.
PAGE 76
- 76 - To force the autonomous system boundary router to generate a default route, perform the following task in router configuration mode. Command Purpose redistribute {kernel | connected | static | rip | bgp} [metric metric-value] [metric-type {1|2}][route-map map-tag] Redistribute routes into OSPF routing domain. 5.7.
PAGE 77
- 77 - 5.7.19 Monitor and Maintain OSPF You can display specific statistics such as the contents of IP routing tables and databases. The information provided can be used to determine resource utilization and solve network problems. You can also display information about node availability and discover the routing path that packets are taking through the network. To display various routing statistics, use the following commands in top mode.
PAGE 78
- 78 - show ip ospf neighbor [neighbor-id | interface-name ] Display OSPF-neighbor information. The debugging commands are useful to quickly diagnose problems. Use the following commands to display OSPF information in top mode. Command Purpose debug ospf packet {hello | dd | ls-ack | ls-request | ls-update | all} [send | recv [detail]] Display one set of information for each packet. The information includes the descriptions of packet database, link state requests, and their updates.
PAGE 79
- 79 - ip vrrp VRID priority level Sets the priority level of the router within a VRRP VRID group. The default value is 100. ip vrrp VRID timers [advertise interval] Configures the interval between successive advertisements by the master virtual router in a VRRP VRID group. ip vrrp VRID authentication string Authenticates VRRP packets received from other routers in the VRID group. If you configure authentication, all routers within the VRRP VRID group must use the same authentication string.
PAGE 80
- 80 - 5.9.2 Change IRDP Parameters When IRDP processing is enabled, the default parameters will apply. You may change any of the following default parameters. Use the following commands in interface configuration mode. Command Purpose ip irdp multicast Send IRDP advertisements to the all-systems multicast address (224.0.0.1) on a specified interface. ip irdp holdtime seconds Set the IRDP period for which advertisements are valid.
PAGE 81
- 81 - • Priority—Priority of the bootstrap router in the range 0–255, with the larger priority being preferred. If the priority values are the same, the router with the larger IP address will be the preferred bootstrap router. To delete this router as a candidate for being a bootstrap router, use the no form of this command: 5.10.
PAGE 82
- 82 - ping {host | address} Test network node reach-ability. traceroute {host | destination} Trace packet routes through the network. 5.13 Configuring EtherAggregate An EtherAggregate consists of individual Gigabit Ethernet links bundled into a single logical link. The EtherAggregate feature allows you to manually configure multiple high-speed load-sharing links between two switch/routers or a switch/router and a server.
PAGE 83
- 83 - default is no port member. speed [100 | 1000] Set the operating speed of the port aggregate to 100 or 1000 Mbps. Note that the speed will be applied only when the negotiation is disabled (that is, no auto-negotiation). By default, all added ports are configured to 1000 Mbps. The no form of the commands will reset each parameter to its defaults, or if the default is that the parameter has no value, then it will be deleted.
PAGE 84
- 84 - 5.13.3 EtherAggregate Configuration Example The following example creates four L3 EtherAggregates. ! ! ! EtherAggregate example configuration file ...
PAGE 85
- 85 - 5.14 802.1x Support 802.1x is a standard for passing Extensible Authentication Protocol (EAP) information over a network. This enables you to restrict network access on a per-port basis. This section lists the commands needed to configure the IntraCore 35516 to act as an EAP authentication server. Please refer to the IEEE 802.1X standard (available on the web at standards.ieee.org/getieee802/) for details of the terminology. 5.14.
PAGE 86
- 86 - dot1x radius-server host A.B.C.D [auth-port <1-65535>] [key SHARED_KEY_STRING] Defines a RADIUS server and its parameters. dot1x radius-server key SHARED_KEY_STRING Sets RADIUS server shared key. dot1x radius-server nas-identifier NAS_ID_STRING Sets RADIUS NAS-Identifier attribute. 5.14.2 Interface Configuration Mode Commands Command Purpose dot1x multiple-hosts Enables multiple-host mode so that after the interface is authenticated, it is accessible to all hosts on the port.
PAGE 87
- 87 - Chapter 6: VLAN Configuration Up to 4094 Virtual LANs (VLANs) are supported on the IC35516. The switch is shipped with a default VLAN with VLAN ID (VID) 1. All switchports (eth1–eth16) are included in the default VID 1. The default VID 1 cannot be deleted. 6.1 Creating or Modifying a VLAN Enter the following commands beginning in configuration mode: Command Purpose vlan vid Enter a VLAN ID (2–4094), which will access config-vlan mode.
PAGE 88
- 88 - First, a VLAN is created and named tester. Router# configure terminal Router(config)# vlan 2 Router(config-vlan)# name tester Router(config-vlan)# exit Router(config)# exit Router# show vlan In the output of the show vlan command, the new VLAN will be listed, but will not yet be active. Next, a switchport is chosen to belong to VLAN 2.
PAGE 89
- 89 - 6.2 VLAN Port Membership Modes A switchport can be assigned to a VLAN by designating a membership mode. The membership mode determines the kind of traffic the port carries and the number of VLANs to which it can belong. The membership modes are as follows: • Static Access • Trunk (IEEE 802.1Q) • Dot1q Tunnel 6.2.1 Static Access A static-access port can belong to one VLAN and is manually assigned to that VLAN.
PAGE 90
- 90 - Router(config-if-IFNAME)# end Return to Enable mode. Use the following commands, beginning in config mode, to configure the VLAN Allowed List for the trunk port: Command Purpose interface IFNAME Enter the interface name to access the interface configuration mode. switchport mode trunk This command designates the interface as IEEE 802.1q trunk-access mode. Use the no form of this command to reset to the default of static-access mode.
PAGE 91
- 91 - 6.2.3 Dot1q Tunnel 802.1Q tunnel ports are used to maintain customer VLAN integrity across a service provider network. You can configure a tunnel port on an edge switch in the service provider network and connect it to an 802.1Q trunk port on a customer interface, creating an asymmetric link. A tunnel port belongs to a single VLAN that is dedicated to tunneling. Use the following commands, beginning in config mode, to configure an interface as an IEEE 802.
PAGE 92
- 92 - Chapter 7: Quality of Service (QoS) Configuration Quality of Service (QoS) is a general term referring to various methods of traffic management you can employ on your network to ensure that traffic you identify as high-priority can use a sufficient share of the available bandwidth. The IC35516 supports the following QoS methods: • Weighted Fair Queuing • Priority Queuing • Custom Queuing 7.
PAGE 93
- 93 - 7.1.3 Monitoring Weighted Fair Queuing Lists To display information about the input and output queues, use the following command in EXEC mode: Command Purpose show queuing fair Displays the status of the weighted fair queuing. 7.1.4 Weighted Fair Queuing Example This example shows eth10 has 10% bandwidth for class 3, 20% for class 2, 30% for class 1, and 40% for class 0.
PAGE 94
- 94 - {list | tcp | udp} access-list-number/layer4-port-number priority-list list-number interface interface-type-number {high | medium | normal | low} Establishes queuing priorities for packets entering from a given interface. priority-list list-number default {high | medium | normal | low} Assigns a priority queue for those packets that do not match any other rule in the priority list. This is optional. If not defined, unmatched packets will be placed in normal priority queue. 7.2.
PAGE 95
- 95 - You must follow certain required, basic steps to enable CQ for your network. In addition, you can choose to assign packets to custom queues based on protocol type, interface where the packets enter the router, or other criteria you specify. Like priority queue list, custom queue is used on an output interface. 7.3.
PAGE 96
- 96 - matching protocol or interface type. When a match is found, the packet is assigned to the appropriate queue. The list is searched in the order it is specified, and the first matching rule terminates the search. 7.3.1 Assigning the Queue List to an Interface (Optional) You can assign a custom queue list number to an interface. Only one list can be assigned per interface.
PAGE 97
- 97 - 7.4.1 Configuring GTS for an Interface To configure GTS for outbound traffic on an interface, use the following command in interface configuration mode: Router(config-if)# traffic-shape rate bit-rate 7.4.2 Configuring GTS for an Access List To configure GTS for outbound traffic on an access list, use the following commands beginning in global configuration mode: Command Purpose access-list access-list-number Assigns traffic to an access list.
PAGE 98
- 98 - 7.5.1 Configuring RED to Use IP Precedence To configure RED to use the IP precedence value when it calculates the drop probability, use the following commands in interface configuration mode: Command Purpose random-detect prec-based Indicates that RED is to use the ip precedence value when it calculates the drop probability for the packet. random-detect precedence precedence value {high | medium | normal | low} Specifies the drop probability.
PAGE 99
- 99 - Chapter 8: Configuring DHCP and DNS 8.1 DHCP Dynamic Host Control Protocol (DHCP) allows users to automatically assign re-usable IP addresses to DHCP clients. The router software supports a full DHCP server implementation that assigns and manages IP addresses from specified address pools within the router to DHCP clients. 8.1.1 Enabling DHCP Server By default, the DHCP server function is disabled on your device. To enable it, issue the service dhcp command.
PAGE 100
- 100 - 8.1.5 Configuring the Domain Name for the Client The domain name of a DHCP client places the client in the general grouping of networks that make up the domain. To configure a domain name string for the client, use the following command in DHCP pool configuration mode: Router(config-dhcp)# domain-name domain Use the no form of this command to remove the configured domain name. 8.1.
PAGE 101
- 101 - Router(config-dhcp)# default-router A.B.C.D Note: You can specify up to eight DNS server IP addresses. Use the no form of this command to remove the configured default router. 8.1.11 Configuring the Address Lease Time By default, each IP address assigned by a DHCP server comes with a one-day lease, which is the amount of time that the address is valid.
PAGE 102
- 102 - MAC address of the client. Refer to the “Address Resolution Protocol Parameters” section of RFC 1700, Assigned Numbers, for a list of media type codes. To configure manual bindings, use the following commands beginning in global configuration mode: Router(config)# ip dhcp pool name Use the no form of this command to remove the configured DHCP address pool. Router(config-dhcp)# host-addr A.B.C.D/M Specifies the IP address and subnet mask (in prefix length) of the client.
PAGE 103
- 103 - To display DHCP server information, use the following commands in privileged EXEC mode, as needed: Command Purpose show ip dhcp Displays the current DHCP information. show ip dhcp binding Displays the DHCP address binding information. show ip dhcp conflict Displays the DHCP address conflict information. show ip dhcp server statistics Displays the DHCP server statistics. 8.
PAGE 104
- 104 - 8.2.2 Design Limitation and Restrictions • A maximum of 3 name servers can be specified. • Each server is tried for 4 times with 5 seconds of timeout, so if you configure the router with 3 name servers and if all three of them are not available, the DNS resolver will wait for 60 seconds before it gives up. User interruption is not allowed during the wait. • Each of the domains mentioned in the domain-list is queried within the wait time. 8.2.
PAGE 105
- 105 - Appendix A: Basic Troubleshooting In the unlikely event that the switch does not operate properly, follow the troubleshooting tips below. If more help is needed, contact Asanté’s technical support at www.asante.com/support. Problem Possible Solutions The Power LED is not lit. LED will turn off during system initialization. Check the power connection. Plug the power cord into another known working AC outlet. The primary power supply has failed.
PAGE 106
- 106 - Appendix B: Specifications The sections below list the features and product specifications for the IntraCore 35516 Series Gigabit Ethernet switches.
PAGE 107
- 107 - B.2 Technical Support and Warranty IntraCare™: Free technical support and advanced warranty support for 3 years. Includes free telephone support, 24-hour support via web and ftp, complete product warranty with second business day (within the United States) advanced replacement, and software maintenance agreement. ™ AsantéCare : Optional extended technical support and product warranty for 1–2 additional years. See Appendix C: FCC Compliance and Warranty Statements for more detailed information.
PAGE 108
- 108 - Appendix C: FCC Compliance and Warranty Statements C.1 FCC Compliance Statement This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
PAGE 109
- 109 - C.3 IntraCare Warranty Statement Products: IntraCore 35516-T IntraCore 35516-G Duration: 3 years Advanced Warranty United States: Second Business Day Replacement: Other Countries: See your local distributor or reseller. 1. Asanté Technologies warrants (to the original end-user purchaser) the covered IntraCore products against defects in materials and workmanship for the period specified above.
PAGE 110
- 110 - Appendix D: Console Port Pin Outs The console port is used to connect with a terminal using a serial modem RS-232C cable (available from Radio Shack’s website, www.radioshack.com, catalog # 26-117). The setting is 9600-N81. The table below lists the pin outs.
PAGE 111
- 111 - Appendix E. Online Warranty Registration Please register the switch online at www.asante.com/support/warranty/index.html. By doing so, you’ll be entitled to special offers, up-to-date information, and important product bulletins. You may also register the switch by using the warranty card found in the printed Setup Guide.