User Guide for the Avaya P580 and P882 Multiservice Switches Software Version 6.1 Doc. No.
User Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.1 © Copyright Avaya Inc., 2004 ALL RIGHTS RESERVED Produced in USA, May 2004 The products, specifications, and other technical information regarding the products contained in this document are subject to change without notice.
Table of Contents Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xvii Preface Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii Overview of User Guide Contents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx Avaya Products and Services. . . . . . . . . . . . . . . . . . .
Table of Contents Chapter 2 — Setting Up the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1 Setting Up Your Laptop or PC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Performing Initial Setup of the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 Using Telnet to Manage the Switch . . . . . . . . . . .
Table of Contents Enabling the Simple Network Time Protocol . . . . . . . . . . . . . . . . . . . . . . . . . .3-3 Setting Summer Time Hours . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-5 Setting Recurring Summer Time Hours . . . . . . . . . . . . . . . . . . . . . . . . . . .3-5 Setting One-Time Summer Time Hours. . . . . . . . . . . . . . . . . . . . . . . . . .3-10 Setting the System Clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Localized Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3 Engine ID. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3 Timeliness Checks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4 Views. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4 Overview . . . . . . . . . . . .
Table of Contents Egress Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-6 Creating and Implementing VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-7 VLAN Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-7 Creating a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-7 Configuring VLAN Parameters . . . . . . . . . . . . . . . . . . . . .
Table of Contents Using the All Module Ports Configuration Web Page . . . . . . . . . . . . . . 8-39 Viewing Switch Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-41 Configuring Port Redundancy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-42 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-42 Creating a Port Redundancy Pair. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Supervisor Module Redundancy Statistics . . . . . . . . . . . . . . . . . . . . . . .10-13 Active and Standby Roles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-13 Synchronization Procedure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-15 Chapter 11 — Configuring DNS Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Configuring the DVMRP Global Configuration . . . . . . . . . . . . . . . . . . 12-35 Modifying a DVMRP Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-38 Monitoring Switch Performance Using IP Statistics. . . . . . . . . . . . . . . . . . . 12-40 Displaying Global IP Routing Statistics . . . . . . . . . . . . . . . . . . . . . . . . 12-40 Searching the IP Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Recognizing Performance Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-20 Evaluating System Performance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-21 Enabling Routing at the Module. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-23 Designing Safe, Efficient ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-24 Identifying the Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Chapter 16 — Configuring IPX Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1 IPX Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-1 IPX Datagram Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-2 Configuring the Avaya Switch as an IPX Router . . . . . .
Table of Contents Deleting an AppleTalk Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19-9 Creating an AppleTalk Static Route . . . . . . . . . . . . . . . . . . . . . . . . . . . .19-10 Editing AppleTalk Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19-12 Deleting an AppleTalk Static Route . . . . . . . . . . . . . . . . . . . . . . . . . . . .19-13 Creating an AppleTalk Name-Binding Protocol (NBP) Filter . . . . . . . .
Table of Contents Enabling CGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20-33 Viewing CGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20-35 Chapter 21 — Monitoring the Avaya Multiservice Switch . . . . . . . . . . . . . . 21-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21-1 Interpreting Front Panel LED Displays. . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Chapter 24 — Managing Buffers and Queues on 50-Series Modules . . . . . 24-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24-1 How Queues Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24-1 Managing Buffers and Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24-2 Chapter 25 — 80-Series QoS . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Resetting the QoS Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25-51 Displaying the Buffer Settings for Egress Queues . . . . . . . . . . . . . . . . 25-52 Appendix A — Upgrading the Application Software . . . . . . . . . . . . . . . . . . . A-1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .A-1 Backing Up the Current Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Preface Preface Contents This Preface contains the following information: ■ Overview of User Guide Contents ■ Technical Support ■ Avaya Products and Services ■ P580 and P882 Documentation ■ Document Conventions ■ Terminology ■ Documentation Feedback Overview of User Guide Contents This guide provides information and procedures for configuring the Avaya P580 and P882 Multiservice switches. You can use the Web Agent, command line interface (CLI), or SNMP to configure the switches.
Preface This guide is divided in to the following chapters: xviii ■ Chapter 1, Introduction — Provides an overview of hardware and software used on the P580 and P882. ■ Chapter 2, Setting Up the Switch — Explains how to initially configure the P580 and P882, create user accounts, configure protocols, manage configuration files, and configure the switches for dial-up networking.
Preface Document No. 10-300077, Issue 2 ■ Chapter 15, Configuring the OSPF Routing Protocol — Explains how to configure OSPF routing protocol on your switch. Also provided is information on OSPF statistical displays. ■ Chapter 16, Configuring IPX Routing — Explains how to configure IPX on your switch. ■ Chapter 17, Configuring the IPX RIP Protocol — Explains how to configure IPX RIP protocol on your switch.
Preface Technical Support To contact Avaya’s technical support: ■ From the United States: 1-800-237-0016 ■ From North America: 1-800-242-2121 ■ Outside North America: Contact your distributor Avaya Products and Services See the Avaya World Wide Web site at http://www.avaya.com for information about Avaya products and services.
Preface ■ Release Notes for the Avaya P580 and P882 Multiservice Switches, Software Version 6.1 lists new software features, resolved issues, and known issues in v6.1 application software. ■ Functional Restrictions for the Avaya P580 and P882 Multiservice Switches, Software Version 6.1 lists functional restrictions of switches that are running v6.1 application software. Functional restrictions are issues that restrict the functionality of a particular feature.
Preface 3. In the navigation pane, expand the System > Configuration folders, and then click Online Help. The Online Help Configuration Web page is displayed in the content pane. 4. In the HTTP Server Location field, enter the URL of the Web server followed by the TCP port that the Web server uses. You can enter either the host name or IP address for the URL. For example, http:// 10.10.10.10:80. The default setting for the TCP port is 2010. 5.
Preface Convention Represents Examples Using the Web Agent. The Web Agent consists of folders that you must expand to perform specific operations. The folders are located in the navigation pane of the Web Agent. In the navigation pane, expand Modules & Ports folder, and then click Configuration. Web Agent vs. Command Line Interface (CLI) steps. The procedures in this guide provide detailed steps for the Web Agent. A series of CLI commands are also available that accomplish the same actions.
Preface Terminology Throughout this guide, the term layer 2 refers to switching capability. For example, layer 2 module is a module that provides switching capability. The term layer 3 refers to the combined ability to switch and route. For example, layer 3 module is a module that provides both switching and routing capabilities. Documentation Feedback If you have comments about the technical accuracy or general quality of this document, please send an e-mail message to techpubs@avaya.com.
1 Introduction Overview The following information is provided in this chapter: ■ Switch Descriptions ■ Hardware Components ■ Software Features ■ Routing Overview Switch Descriptions The Avaya P580 and P882 Multiservice switches are high performance Gigabit Ethernet switches for LAN backbone applications. These switches are the centerpiece for Avaya data, voice, and multimedia LANs. The P580 switching capacity ranges from 46Gbps in Fabric mode 1 to 55Gbps in Fabric mode 2.
Chapter 1 Hardware Components Overview Chassis The Avaya switch chassis comes in two models: ■ The P580 chassis. ■ The P882 chassis. The P580 and P882 chassis can run in two modes: Fabric Mode 1 ■ Fabric Mode 1 = 55MHz or Fabric_mode 1 ■ Fabric Mode 2 = 66Mhz or Fabric_mode 2 Fabric mode 1 has a switching fabric performance of 1.76 Gigabits per second per fabric port. Fabric mode 1 modules operate at 55MHz only.
Introduction ■ The Power System ■ The M8000R-SUP Supervisor Module ■ Media Modules Avaya P580 Multiservice Switch Chassis The Avaya P580 Multiservice Switch chassis consists of: ■ Seven slots (1 slot for the supervisor module and six payload slots for media modules) ■ Fan Tray ■ Up to three power supplies ■ A 13x13 crossbar switch fabric Slots There are seven slots in the P580 chassis. Slot 1 is dedicated for a supervisor module and the remaining six are payload slots.
Chapter 1 Switch Fabric In Fabric mode 1, the switching fabric provides 45.76 Gbps aggregate bandwidth. In Fabric mode 2 (P580 only), the switching fabric provides 54.91 Gbps aggregate bandwidth. The crossbar switch matrix provides low latency, high throughput packet switching using a crossbar architecture (Figure 1-1). Figure 1-1. Crossbar Architecture Port 1 1.76 Gb/s Port 2 22.88 Gb/s 45.76 Gb/s Port 1 1.
Introduction Avaya P882 Multiservice Switch Chassis The Avaya P882 Multiservice Switch Chassis consists of: Slots ■ Seventeen slots (1 slot for the supervisor module and sixteen payload slots for media modules) ■ Fan Tray ■ Up to three power supplies ■ A 33x33 crossbar switch fabric The P882 chassis provides seventeen slots. Slot 1 is dedicated for a supervisor module and the remaining sixteen are payload slots. In Fabric mode 1, the P882 Chassis supports up to 15 payload slots.
Chapter 1 Switch Fabric In Fabric mode 1, the switching fabric provides a 16x16 crossbar with 56.32 Gbps aggregate bandwidth. In Fabric mode 2, the switching fabric provides a 33x33 crossbar with 139.392 Gbps aggregate bandwidth. The crossbar switch matrix provides low latency, high throughput packet switching using a crossbar architecture. The Avaya P882 Multiservice switch chassis crossbar supports: ■ 33 fabric ports (two per I/O module slot, plus one for the supervisor module - Fabric mode 2). ■ 1.
Introduction Static Power Allocation The switch uses static power allocation at startup when the switch has insufficient power to turn on all modules in the chassis. When using static power allocation, the switch turns on the module in slot 2 (slot 3 if slot 2 contains a redundant supervisor) and then turns on each consecutive module for which sufficient power is available. When the switch reaches a module for which insufficient power is available, the switch stops attempting to turn on modules.
Chapter 1 3. Modules 11 and 12 remain turned off. 4. Module 13 is turned on. 5. Modules 14 through 17 remain turned off because all available power is now consumed. The M8000R-SUP Supervisor Module Functions The M8000R-SUP supervisor module is responsible for learning addresses and managing the address cache, as well as protocol management and switch management. The supervisor module is part of the path that some packets take through the system.
Introduction Table 1-1. Supported Memory, Boot Code, and Software Configurations Memory (in MB) Boot Code Software Version Switch Boots? Support of Configuration 64 v5.00.01 Earlier than 6.0 Boots Supported 64 v5.00.01 6.0 or later Does not boot Unsupported 64 v6.00.00 Earlier than 6.0 Boots Unsupported 64 v6.00.00 6.0 or later Boots, but displays the following error message: Unsupported WARNING! The current version of application code (v6.01.
Chapter 1 Redundant Supervisor The redundant supervisor module is an auxiliary (standby) supervisor module that acts as a fault-tolerant supervisor in the event that the active supervisor fails. The redundant supervisor provides a seamless solution to switch failure. Once the redundant supervisor is installed, loaded with the same software version as the active supervisor, and synchronized, it is ready to act as a backup to the active supervisor.
Introduction 50-Series Media Modules Table 1-2 lists the 50-series (also called series 1), layer 2 and layer 3, Fast Ethernet modules that the Avaya P580 and P882 Multiservice switches support. * Note: HDX stands for Half Duplex, FDX stands for Full Duplex. Table 1-2.
Chapter 1 Table 1-3.
Introduction Table 1-5. 80-Series Gigabit Modules Model Number Description M8004R1000GB 4-port, Gigabit Interface Card (GBIC) based module. This module can be configured with up to 4 GBIC optical modules. The 4-port GBIC module supports the following GBIC-type connectors: • 1000BASE-SX (850 nM) — 50-micron multimode fiber (MMF) for distances up to 550m — 62.5-micron MMF for distances up to 260m • 1000BASE-LX (1300 nM) — 50-micron MMF for distances up to 550m — 62.
Chapter 1 Table 1-5. 80-Series Gigabit Modules Model Number Description M8004R-1000T 4-Port 1000BASE-T module with RJ-45 connectors (layer 2 and layer 3 support), 100M M8008R-1000T 8-Port 1000BASE-T module with RJ-45 connectors (layer 2 and layer 3 support), 100M 2 of 2 Table 1-6 lists the 80-series Fast Ethernet modules that the Avaya P580 and P882 Multiservice switches support. Table 1-6.
Chapter 1 The major features of the ATM Uplink module are: ■ LANE V2 Client - with LANE 1 compatibility, supports 128 interfaces ■ QoS (Quality of Service) support for UBR, nrt-VBR, rt-VBR, and CBR ■ ATM UNI (User-to-Network Interface) V 3.0, 3.1 and 4.0 signaling ■ RFC 1483 support ■ ILMI (Integrated Local Management Interface) Version 4.
Chapter 1 Security The P580 and P882 support the following security features: ■ Secure Mode—Secure mode restricts management of the switch to the following secure protocols: HTTPS, SSH, and SNMPv3. For information on secure mode, see Chapter 4, “Security.” ■ SSHv2—SSH is a protocol for secure remote login and other secure services. SSH provides a secure service that is similar to Telnet. For information on SSHv2, see Chapter 4, “Security.
Introduction The hardware on all multiservice switches support port-based VLANs with the following characteristics: ■ Frames classified as Layer 1 (port-based) when they enter the switch ■ Explicitly tagged VLAN packets — these are forwarded based on the information in the packet. ■ Up to 1,000 VLANs — VLANs define a set of ports in a flooding domain. Packets that need to be flooded are sent only to ports participating in that VLAN.
Chapter 1 ■ Dual-Layer Spanning Tree ■ Global Disable For more information about Spanning Tree, see Chapter 7, “Configuring Rapid Spanning Tree.” Extensive Fault Tolerance All multiservice switches are designed to function as backbone switches. You can install each switch in your network’s core without creating a single point of failure. Extensive fault tolerance features include: ■ Port redundancy. If the primary port fails, the secondary port becomes the active port.
Introduction Routing Protocols The P580 and P882 support the following routing protocols: ■ IRDP. For information on IRDP, see Chapter 12, “Configuring IP Routing.” ■ RIP. For information on RIP, see Chapter 14, “Configuring RIP Routing.” ■ OSPF. For information on OSPF, see Chapter 15, “Configuring the OSPF Routing Protocol.” ■ IPX. For information on IPX, see Chapter 16, “Configuring IPX Routing.” ■ IPX RIP. For information on IPX RIP, see Chapter 17, “Configuring the IPX RIP Protocol.
Chapter 1 50-Series Buffers and Queues Buffer and queue management relieves congestion in a network. Adding gigabit speeds to existing networks means that there can be a huge disparity between link speeds. For example, anything more than a 1-percent load on a gigabit link could easily overwhelm a 10 Mb/s Ethernet link.
Introduction System Management The P580 and P882 support the following system management features: ■ LDAP. For information on LDAP, see Chapter 12, “Configuring IP Routing.” ■ RMON. For information on RMON, see Chapter 23, “Using RMON and Ethernet Statistics to Analyze Network Performance.” ■ SNMP. For information on SNMP, see Chapter 5, “Configuring SNMP.” ■ Port mirroring. For information on port mirroring, see Chapter 23, “Using RMON and Ethernet Statistics to Analyze Network Performance.
Chapter 1 * Note: Layer 2 traffic that does not require routing is bridged independently of the layer 3 traffic based on the MAC address or VLAN information. Routing with Layer 2 and Layer 3 Modules When a switch contains a combination of layer 2 and layer 3 modules, IP and IPX routing is performed by the layer 3 media modules or the supervisor module using special ASICs present on those modules. These ASICs contain an address cache (forwarding table) that can contain a maximum of 20,000 cache entries.
Introduction ■ Since layer 2 modules have no routing capability, packets that are received by a layer 2 module and require routing are forwarded by sending the packet to the 50-series layer 3 or 80-series supervisor module. The routing engine on the supervisor module then performs the routing operation for the layer 2 modules and sends the packet back through the switching fabric to the destination port.
Chapter 1 1-24 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
2 Setting Up the Switch Overview The following information and procedures that are provided in this chapter are common to both layer 2 and layer 3 module: ■ Setting Up Your Laptop or PC ■ Performing Initial Setup of the Switch ■ Using Telnet to Manage the Switch ■ Using the Web Agent to Configure the Switch ■ Configuring Custom Access Types ■ Configuring User Accounts ■ Changing the Console Serial Port Settings ■ Configuring Dial-Up Networking ■ Changing the TCP Ports for HTTP and Telnet
Chapter 2 Setting Up Your Laptop or PC You need a laptop or PC to make a serial line connection to the switch to complete initial switch setup. Table 2-1 lists the settings required for the laptop or PC to communicate with the switch. Table 2-1.
Setting Up the Switch Figure 2-1. Avaya P580 Multiservice Switch Front View Attach serial port cable here (console port) Attach Ethernet cable here (10Base-T or 10/ 100Base-T) Supervisor Module front panel 2. Run a terminal emulation program (HyperTerminal, for example) on the attached laptop or PC. Verify that the laptop or PC monitor settings match those listed in Table 2-1. 3. Turn on the switch. The switch displays a series of startup messages in the terminal emulation program: 4.
Chapter 2 * Note: Avaya strongly recommends that you change the default password. d. Enter the IP address for the switch manager’s Ethernet console. e. Enter the subnet mask. f. Enter the default gateway for the switch. The following is a sample output of the Setup command to change or modify the Supervisor’s Ethernet Console’s IP address, subnet mask, default gateway or changing the super user password. Welcome to Switch Setup.
Setting Up the Switch You can now connect to the switch using the front-panel out-of-band 10Base-T connection. This allows you to log in using either the embedded Web Agent or the EMS. See the Installation and Operation guides for instruction on establishing additional IP network connections. Connecting to the Supervisors 10/ 100Base-T port Connect one end of a crossover patch cable to the 10/100Base-T on the Supervisor module front panel (Figure 2-1). Connect the other end to an out of band device.
Chapter 2 ■ Viewing Active Telnet Sessions ■ Telnet Session Expiration Timer As a more secure alternative to Telnet, you can use SSHv2. For information on using an SSH connection to manage the switch, see “SSHv2” in Chapter 4, “Security.” Setting up a Management Interface Before you can establish a Telnet session you must configure an IP interface to allow management of the switch.
Setting Up the Switch Although it is possible to establish nested Telnet sessions, Avaya recommends that you establish a separate Telnet session for each switch that you want to manage. A nested Telnet session occurs when you establish a Telnet session from a client to one switch, then through that session, open another Telnet session to a second switch. Having a separate Telnet session for each switch that you want to manage helps to avoid confusion.
Chapter 2 Table 2-3 lists the minimum, maximum, and default values for the Telnet inactivity timer. Table 2-3. Telnet Inactivity Timer CAUTION: Minimum value: 0 seconds Disables inactivity timer Default value: 900 seconds Expiration time is 15 minutes. Maximum value: 65,536 seconds Expiration time is approx. 18 hrs. Avaya recommends that you not disable the inactivity timer. If the inactivity timer is disabled and the maximum number of Telnet sessions is open, none of them will expire.
Setting Up the Switch Opening the Web Agent Although the Web Agent is supported by any frames-capable browser, the system has been specifically qualified only with the following browsers: ■ Microsoft Internet Explorer 5.5 or later. To download Microsoft Internet Explorer, see http://www.microsoft.com. ■ Netscape Navigator 7.0 or later. To download Netscape Navigator, see http://www.netscape.com. To open to the Web Agent: 1. Start your browser. 2.
Chapter 2 Figure 2-2. Enter Network Password Dialog Box 5. In the User Name field, enter a valid user name. The default super user name is root. 6. In the Password field, enter a valid password. The default password is root. 7. Click OK. The General Information Web page is displayed in the content pane. See Figure 2-3. *Note: To optimize security, change the root password for the system as soon as possible. 2-10 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Setting Up the Switch Figure 2-3. General Information Web Page Navigation pane Content pane System Status pane Logging Out of the Web Agent To exit the Web Agent securely, you must log out of the Web Agent and close all open browser windows. If you do not log out and close all open browser windows, it is possible that another user could access the Web Agent and change the switch configuration.
Chapter 2 To log out of the Web Agent: 1. In the navigation pane, expand the System folder. 2. Click Logout. The Logout Web page is displayed in the content pane. See Figure 2-4. Figure 2-4. Logout Web Page 3. Click YES to log out. 4. Close all other open Web browser windows. Configuring Custom Access Types Overview Custom access types make it possible for you to create a user profile that has specific functional privileges.
Setting Up the Switch After creating one or more custom access types (user profiles), you can create a user account and assign a custom access type to that account. The user is then able to manage the switch based on the custom access type that was assigned to his or her user account. The switch supports a maximum of 30 custom access types.
Chapter 2 Figure 2-6. Create Custom Access Type Web Page 3. In the Type Name field, enter a name for the custom access type. You can enter up to 31 characters. Do not use spaces. 4. For each feature in the Accessible Features list, select the permission that you want to assign the custom access type: — Read-Write allows users to view and modify settings for the feature. — Read-Only allows users only to view settings for the feature.
Setting Up the Switch Modifying a Custom Access Type Web Agent Procedure To modify a custom access type: 1. In the navigation pane, expand the System > Administration folders, and then click Custom Access Types. The Custom Access Types Web page is displayed in the content pane. See Figure 2-5. 2. In the Type Name field, select the custom access type that you want to modify. 3. Click Modify. The Modify Custom Access Type Web page is displayed in the content pane. See Figure 2-7. Figure 2-7.
Chapter 2 CLI Command To modify a custom access type, use the following CLI command: (configure)# set custom-access-type [sys-configuration {ro | rw | none}] [module-port-mgmt {ro | rw | none}] [events-mgmt {ro | rw | none}] [l2-switching {ro | rw | none}] [routing {ro | rw | none}] * Note: Unlike the custom-access-type command that you use to create a custom access type, you must specify read-only, read-write, or no permission when you use the set custom-access-type command to modify a custom
Setting Up the Switch CLI Command To delete a custom access type, use the following CLI command: (configure)# no custom-access-type Configuring User Accounts This section contains procedures for the following tasks: ■ Configuring User Account Security ■ Creating a User Account ■ Modifying a User Account ■ Changing Your Password ■ Disabling a User Account ■ Deleting a User Account You must have administrator access to configure user accounts.
Chapter 2 Figure 2-9. User Account Management Web Page 3. In the Login Attempts field, enter the number of login attempts that you want to allow users. When a user exceeds the limit for login attempts, his or her user account is disabled and the switch displays an error message. Valid values for this field are 3 to 99 login attempts. 4. In the Timeout Limit (secs) field, enter the number of seconds that you want a user account disabled when the limit for login attempts is exceeded.
Setting Up the Switch CLI Commands To configure user account security, use the following CLI command: (configure)# set login [attempts ] [timeoutlimit ] [min-password-length ] To view the current settings for user account security, use the following CLI command: # show login Creating a User Account You can create up to 27 user accounts.
Chapter 2 Figure 2-10. Add User Account Web Page 4. In the User Name field, enter a unique user name. User names can consist of a maximum of 31 characters. 5. In the Password field, enter a password for the user name. Passwords can consist of a maximum of 31 characters. *Note: Do not use a combination of the following special characters for the password ;, ?, \,(,),#, $,%, ^, &, or *. 6. In the Re-enter Password field, reenter the password that you entered in the Password field. 7.
Setting Up the Switch 8. In the Expiration Warning (weeks) field, enter the number of weeks before user account expiration that you want the user warned. The expiration warning can range from 0 to the expiration period. A setting of 0 indicates that no warning is generated. 9. In the Access Type field, select an access type for the user. The options are: — READ_ONLY — READ_WRITE — ADMINISTRATOR — Custom access types—All custom access types that are configured on the switch are displayed.
Chapter 2 Modifying a User Account To modify a user account: 1. In the navigation pane, expand the System > Administration folders. 2. Click User Accounts. The User Account Management Web page is displayed in the content pane. See Figure 2-9. 3. In the User Name field, select the user account that you want to modify. 4. Click Modify. The Modify User Account Web page is displayed in the content pane. See Figure 2-11. Figure 2-11. Modify User Account Web Page 5. To change the user password: a.
Setting Up the Switch 6. To change the number of weeks for which the user account is valid, change the setting of the Expiration Period (weeks) field. The expiration period can range from 3 to 999 weeks. The default setting is 0, no expiration. 7. To change the number of weeks before user account expiration that the user is warned, change the setting of the Expiration Warning (weeks) field. The expiration warning can range from 0 to the expiration period.
Chapter 2 Changing Your Password All users can change their own passwords. Web Agent Procedure To change your password: 1. In the navigation pane, expand the System folder. 2. Click Change Password. The Change Password Web page is displayed in the content pane. See Figure 2-12. Figure 2-12. Change Password Web Page 3. In the Old Password field, enter your currently active password. 4. In the New Password field, enter a new password. Passwords can consist of a maximum of 31 characters.
Setting Up the Switch Disabling a User Account For security reasons, you may want to disable certain user accounts, such as the manuf and diag accounts. Web Agent Procedure To disable a user account: 1. Expand the System > Administration folders. 2. Click User Accounts. The User Account Management Web page is displayed in the content pane. See Figure 2-9. 3. Select the manuf or diag account that you want to disable. 4. Click Modify. The Modify User Account Web page is displayed in the content pane.
Chapter 2 Figure 2-13. Delete User Account Web Page 5. Click YES to delete the user account. CLI Command To delete a user account, use the following CLI command: (configure)# no username Changing the Console Serial Port Settings You can change the communications settings for the serial port connection located on the front panel of the layer 3 supervisor module from the Web Agent. The switch’s console port is initially configured as a TTY Console to support a TTY connection.
Setting Up the Switch Configuring the Serial Console Port as a TTY Console You can configure the serial port as a TTY console using either the Web Agent or the CLI. Web Agent Procedure To configure the console serial port as a TTY Console using the Web Agent: 1. In the navigation pane, expand the System > Configuration folders, and then click Console Configuration. The Console Configuration Web page is displayed in the content pane. See Figure 2-14. Figure 2-14. Console Configuration Web Page 2.
Chapter 2 Figure 2-15. Console Port Configuration Web Page 3. See Table 2-4 and configure the other Console Port Configuration Web page parameters. 4. Click APPLY to save your changes, or CANCEL to clear your selection. Table 2-4.
Setting Up the Switch Configuring the Serial Console Port as a PPP Console You can reconfigure the serial port as a PPP console to support a dial-in PPP connection using either the Web Agent or the CLI. Before you can do so, however, you must connect a modem to the switch. * Note: If you do not configure an IP address for the PPP serial interface, the switch immediately sends the modem configuration string. If you type TTY, you will re-access the CLI login prompt.
Chapter 2 Web Agent Procedure To configure the console serial port as a PPP console from the Web Agent: 1. In the navigation pane, expand the System > Configuration folders, and then click Console. The Console Configuration Web page is displayed in the content pane. See Figure 2-14. 2. Select PPP as the console type and click SELECT. The Console Port Configuration Web page is displayed in the content pane and displays PPP for the Console Type (Figure 2-17).
Setting Up the Switch 5. Enter the modem initialization command in the Modem Init Cmd field. The default modem configuration init command is AT&D0SO=1. See Table 2-5 for a definition of the Modem Configuration Init command parameters. Table 2-5.
Chapter 2 Regaining Configuration Access to the PPP Serial Port Console If you incorrectly configure the PPP serial port console, you cannot regain configuration access to the Web Agent or the CLI. This is a temporary situation and can corrected. To regain configuration access to the Web Agent or the CLI when the console port is in PPP mode: 1. Enter TTY in the console window. The CLI login prompt displays. It may be necessary to press Enter several times to see the login prompt.
Setting Up the Switch 5. Open the Select a Modem pull-down menu. 6. Select your modem and select Configure. The Modem Properties window opens. 7. Select the Connection tab. The Connection window opens. 8. Select the following from the Connection Preferences window: — Open the Data bits pull-down menu and select 8. — Open the Parity pull-down menu and select None. — Open the Stop bits pull-down menu and select 1. 9. Select Advanced. The Advanced Connection Settings window opens. 10.
Chapter 2 24. Select OK to close the TCP/IP window. 25. Select OK to close the New Connections Properties window. Using Dial-Up Networking with a PPP Serial Port Console To use TCP/IP applications (Telnet, HTTP, and SNMP) over your PPP serial port interface: 1. Open My Computer on your PC. 2. Double-click Dial-Up Networking. The Dial-Up Networking program folder opens. *Note: You must have dial-up networking installed on your PC. 3. Double-click the PPP modem you previously created.
Setting Up the Switch Changing the TCP Ports for HTTP and Telnet Overview For security purposes, you may want to change the TCP port number for Telnet requests and HTTP requests. The default settings for these ports are the well-known TCP ports. HTTP requests use TCP port 80, and Telnet requests use TCP port 23. Once you change the TCP port number for HTTP, only users who know the new port number can open the Web Agent.
Chapter 2 Figure 2-18. TCP Ports Web page 3. To change the TCP port for Telnet requests, in the Port Number field for Telnet, enter the port number that you want to use. Valid port numbers are 23 or a port number from 9000 through 65355. The default port for Telnet is port 23. 4. To change the TCP port for SSH requests, in the Port Number field for SSH, enter the port number that you want to use. Valid port numbers are 22 or a port number from 9000 through 65535. The default port for SSH is port 22. 5.
Setting Up the Switch CLI Commands To change the TCP port for Telnet requests, use the following CLI command: (configure)# ip telnet port To change the TCP port for HTTP requests, use the following CLI command: (configure)# ip http port To view the current TCP port settings for Telnet and HTTP, use the following CLI command: > show tcp configuration * Note: You must have administrative privilege to enter these commands.
Chapter 2 Managing Configuration Files When you first install the switch, or upgrade from a previous installation, your configuration parameters are stored in a startup.txt file located in the switch’s Non-Volatile Random Access Memory (NVRAM). When the switch is restarted, the startup.txt file runs and stores configuration parameters in volatile RAM as a running configuration. Any changes you make to the switch configuration are automatically recorded in RAM, but not in NVRAM.
Setting Up the Switch Viewing the Running Configuration You must have administrator access to view the running configuration. Web Agent Procedure To view the running configuration: 1. In the navigation pane, expand the System > Configuration > Configuration Files folders. 2. Click Running Config. The Running Configuration Web page is displayed in the content pane.
Chapter 2 Copying Configuration Files You must have administrator access to copy the configuration files. If you make any changes, you must save the running configuration as the startup configuration to save the changes. Before you do this, always copy your startup configuration to a file on the switch or on a TFTP server. You can save the running configuration to the startup configuration and copy the startup configuration to a file using either the Web Agent or the CLI.
Setting Up the Switch Figure 2-19. Configuration File Management Web Page 2. Click Save. The running configuration is saved as the startup configuration. * Note: You can also save the running configuration to the startup configuration through the Configuration File Management Web page. See “Copying Files” for that procedure.
Chapter 2 Copying Files You must have administrator access to copy text files and BOOT, APP1, and APP2 images. You can copy files to and from multiple locations. For example, if you modify the running configuration and you want to reinstate your startup configuration parameters, you can copy your startup configuration to your running configuration in volatile RAM.
Setting Up the Switch Table 2-6. Configuration File Management Web Page Parameters Parameter Description Options Copy Destination Specifies the location of the destination • Unspecified- Specifies an initialized value. • File - Specifies that a source is copied or downloaded to NVRAM. • Running-Config - Specifies that a source is copied to the running configuration. • Startup-Config - Specifies that a source is copied to the startup configuration.
Chapter 2 — TFTP Server — Copies your startup or running configuration, or another file located on the switch, to a location on a TFTP server. *Note: If you select File or TFTP Server, you must also provide the path and filename of the destination file in the Source Destination field. 4. Enter the IP address of the source or destination TFTP server in the TFTP Server IP Address field, if applicable. 5. Click Copy. The source configuration or file is copied to your specified destination.
Setting Up the Switch Viewing the Status of a TFTP Transfer After you have copied the startup configuration or other files to a TFTP server, you can use either the Web Agent or the CLI to check the status of the TFTP transfer to ensure that files copied correctly. Web Agent Procedure To view the status of a TFTP transfer using the Web Agent: 1. In the navigation pane, expand the System > Configuration > Configuration Files folders, and then click File Management.
Chapter 2 2-46 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
3 Configuring System Information Overview You can manage system information by using either the Web Agent or the CLI.
Chapter 3 Entering General System Information You can enter general information about your system by using either the Web Agent or the CLI. Web Agent Procedure You can enter general system information using the following Web Agent fields: ■ Switch name ■ Device location ■ Device contact To enter general system information from the Web Agent: 1. In the navigation pane, expand the System folder, and then click General Information. The General Information Web page is displayed in the content pane.
Configuring System Information 4. Enter the person who should be contacted in the event of a problem in the Contact field. 5. Click APPLY to save your changes, or CANCEL to clear your selection. Enabling the Simple Network Time Protocol You can enable Simple Network Time Protocol (SNTP) on your switch using either the Web Agent or the CLI. Enabling SNTP automatically synchronizes time on all computers, switches, and other devices connected to your switch.
Chapter 3 2. Select Simple Network Time Protocol (SNTP) from the Clock Options box. The SNTP Client Configuration Web page is displayed in the content pane. See Figure 3-3. Figure 3-3. SNTP Client Configuration Web Page 3. Select Enable from the Enable State pull-down menu. The default is Disable. 4. Enter the server IP address in the Server IP address field for the switch on which you want to enable SNTP. 5. Click APPLY to save your changes, or CANCEL to clear your selection.
Configuring System Information Setting Summer Time Hours Summer Time Hours, also referred to as Daylight Savings Time (DST), is the strategy of moving clocks ahead to provide greater amounts of daylight in the afternoon and to standardize time with other parts of the world. In many parts of the world, the Summer Time Hours algorithm is based on a standardized rule.
Chapter 3 Figure 3-4. System Clock Web Page 2. Select Summer Time Hours Algorithm from the Clock Options field. The Summer Time Hours Configuration Web page is displayed in the content pane. See Figure 3-5. 3-6 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Configuring System Information Figure 3-5. Summer Time Hours Web Page 3. Select Enable from the Enable State pull-down menu. 4. Enter the reset value for the clock in minutes in the Offset field. For example, if you intend to reset the clock forward or backward by one hour, keep the default value of 60 minutes. 5. Set the Summer Time Hours that recur annually: a. Select the check box in the Recurring field. b. Select the values for the Week, Day, and Month when the Summer Time Hours are to start and end.
Chapter 3 See Table 3-1 for detailed information about the fields in the Recurring Summer Time Hours section of the Summer Time Hours Configuration Web page. Table 3-1. Recurring Summer Time Hours Parameters Parameter Definition Recurring Select if the Summer Time Hours option is defined by a rule such as Daylight Savings Time (DST - all Start and End fields associated with Recurring Summer Time Hours provide the default values for DST).
Configuring System Information Table 3-1. Recurring Summer Time Hours Parameters Parameter Definition Day Select the day of the week when you want recurring Summer Time Hours to start or end. Options are based on a seven-day week and include: • Sunday - the default Start and End values. In the Western hemisphere, DST starts on the first Sunday in April and ends on the last Sunday in October.
Chapter 3 Setting One-Time Summer Time Hours You can set one-time summer time hours using either the Web Agent or the CLI. Web Agent Procedure To set Summer Time Hours that are not based on a standard rule using the Web Agent: 1. In the navigation pane, expand the System > Configuration folders, and then click System Clock. The System Clock Web page is displayed in the content pane. See Figure 3-4. 2. In the Clock Options field, click Summer Time Hours Algorithm.
Configuring System Information Table 3-2. One-Time Summer Time Hours Configuration Parameter Definition Start Specifies the start of Summer Time Hours. End Specifies the end of Summer Time Hours. 2 of 2 CLI Command To set Summer Time Hours that are not based on a standard rule using the CLI, enter the following command from Configure mode: (configure)# clock summer-time date Setting the System Clock The system clock is used for setting traps, alarms, and other events on the switch.
Chapter 3 Figure 3-6. System Clock Web Page 2. Enter the time in the Current Time Setting Hour, Minutes, and Seconds fields using 24-hour time format (for example, 10 p.m. is 22:00 00. 3. Select the time zone for your area from the Time Zone pull-down menu. 4. Enter the current Month, Date, and Year in the Current Date Setting fields. 5. Click APPLY to save your changes, or CANCEL to clear your selection.
Configuring System Information Setting the Temperature System You can set the upper and lower temperature warning systems for the switch backplane and slot 1. These warning systems cause the following to happen if the temperatures you set are reached: ■ Shutdown Temperature—The switch shuts down if this temperature is reached. ■ Upper Warning Temperature—The switch generates an alarm if this temperature is reached.
Chapter 3 2. In the Slot 1 Sensor and Backplane Sensor fields, enter the desired temperature warnings. * Note: The P882 does not display the current temperature of the backplane. In the Current Temperature field, the switch displays --. * Note: If a redundant Supervisor module is installed, the Slot 2 Sensor column displays. * Note: You cannot change settings for the backplane temperature sensors on the P882.
Configuring System Information Displaying the Power System Statistics You can display the statistics for your switch’s power system from the either the Web Agent and the CLI. Web Agent Procedure To display your switch’s power system statistics using the Web Agent: 1. In the navigation pane, expand the System > Configuration folders, and then click Power System. The Power System Web page is displayed in the content pane and displays your switch’s current power statistics. See Figure 3-8. Figure 3-8.
Chapter 3 two of the three power supplies. The third power supply is a redundant power supply and is used only if one of the other power supplies fails. CLI Command To display your switch’s power system statistics using the CLI, enter the following command from the User mode: > show system power Displaying Cooling System Statistics You can display the statistics for your switch’s cooling system from either the Web Agent or CLI.
Configuring System Information Figure 3-10. P882 Cooling System Status Web Page 2. Check the Status column to ensure that all the individual components are operational. 3. If a component’s status is non-operational, power down the switch and contact a service representative to diagnose the failing unit.
Chapter 3 Figure 3-11. System Reset Page Web Page 2. Select Save to save your Running Configuration (Running-Config to the startup configuration (Startup-Config before performing a system reset. *Note: If you do not save your Running-Config to Startup-Config before you reset the switch, you will lose all of the modifications you made. 3. Click YES to reset the switch, or NO to cancel the operation.
4 Security Overview This chapter contains the following topics: ■ Secure Mode ■ SSHv2 ■ HTTPS Using SSLv3 or TLSv1 ■ RADIUS Client Support For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.1. Secure Mode Overview *Important: Avaya recommends that you enable secure mode on all switches that are running v6.0 and later application software.
Chapter 4 When secure mode is enabled: ■ All non-secure protocols, such as Telnet, HTTP, and SNMPv1 and v2 are automatically disabled. ■ You cannot use IP to manage the standby supervisor module. Any IP interfaces that you configured to access the redundant supervisor module are deleted. Table 4-1 describes exactly what happens when you enable and disable secure mode. Table 4-1. Secure Mode When you enable secure mode... When you disable secure mode... SNMP v1 and v2 are automatically disabled.
Security Enabling Secure Mode To enable secure mode, use the following CLI command: (configure)# secure-mode Disabling Secure Mode To disable secure mode, use the following CLI command: (configure)# no secure-mode Viewing the Secure Mode Setting To view the secure mode setting, use the following CLI command: > show secure-mode SSHv2 Overview Purpose of SSH The Avaya Multiservice switch supports Secure Shell (SSH) version 2 for clients and servers.
Chapter 4 Encryption Ciphers The Avaya Multiservice switch supports Blowfish and 3DES encryption ciphers. When the client connects to the host, the client supplies a list of ciphers that it supports. The server selects the strongest common cipher. You can also configure the Avaya Multiservice switch to force use of a single cipher. User Authentication The Avaya Multiservice switch supports only password authentication.
Security Figure 4-1. TCP Ports Web Page 3. In the State field for Telnet, select Disable. 4. In the Port Number field for SSH, enter the port number you want to use for SSH. Valid SSH ports are 22 and 9000 to 65,535. The default port for SSH is port 22. 5. In the State field for SSH, select Enable. SSH is disabled by default. 6. Click Apply. SSH is enabled on the specified port.
Chapter 4 CLI Command To disable SSH, use the following CLI command: (configure)# no ip ssh Generating an SSH Server Key The Avaya Multiservice switch currently supports RSA and DSA key types. You can specify the key length of 768, 1024, or 2048 bytes. A key of length 1024 bytes provides more robust security and is the default key type. The key pair is saved to the local server.
Security CLI Command To generate SSH key pairs and save them on the local server, use the following CLI command: (configure)# ssh keygen [{rsa | dsa}] [key-size {768 | 1024 | 2048}] Displaying the Public SSH Key The SSH Server Key is sent to the client in an SSH connection. To display the public server key, use the following CLI command: (configure)# show ssh public-key This functionality is available only in the CLI. You cannot use the Web Agent to display the public SSH key.
Chapter 4 Figure 4-3. SSH Configuration Web Page 3. In the Server Idle Timeout field, specify the timeout on a connection. Valid range is 0 to 1800 seconds. The default is 600 seconds. 4. Click Apply. CLI Commands To configure SSH, use the following CLI command: ■ 4-8 To set the server idle timeout, (configure)# ssh timeout [] User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Security Displaying SSH Connections CLI Command To display current SSH sessions, use the following CLI command: # show ssh sessions To end an SSH session, use the following CLI command: (configure)# clear ssh This functionality is available only in the CLI. You cannot use the Web Agent to display all current SSH sessions. Sample Output Sample output of the show ssh sessions command is as follows: SessionId User RemoteIp:Port ---------- ---------- -------------0 jsmith 10.10.6.
Chapter 4 HTTPS Using SSLv3 or TLSv1 Overview The Avaya P580 and P882 Multiservice switches support Secure Socket Layer, version 3 (SSLv3), and Transport Layer Security, version 1.0 (TLSv1). SSL and TLS are protocols that provide data security between application protocols (such as HTTP, Telnet, NNTP, FTP) and TCP/IP.
Security This section contains the following information and procedures: ■ Supported Cipher Suites ■ Viewing Cipher Suites ■ Viewing the SSL Configuration ■ Creating a Self-Signed SSL Server Certificate ■ Viewing the Server Certificate ■ Enabling SSL/HTTPS ■ Restarting SSL/HTTPS ■ Reverting to a Backup Certificate Supported Cipher Suites The P580 and P882 Multiservice switches support the following cipher suites: ■ ■ Document No.
Chapter 4 Viewing Cipher Suites Web Agent Procedure To view available cipher suites: 1. In the navigation pane, expand the System > Administration > Security > SSL folders. 2. Click Ciphers. The SSL Ciphers Web page is displayed in the content pane. This page lists the available cipher suites. CLI Command To view the available cipher suites, use the following CLI command: > show ssl ciphers Viewing the SSL Configuration Web Agent Procedure To view the SSL configuration: 1.
Security Creating a Self-Signed SSL Server Certificate Overview A self-signed certificate is a certificate for which the issuer is the same as the subject (the entity whose public key is being authenticated by the certificate). To create a self-signed certificate, you must first complete a certificate signing request (CSR) and then you can self-sign it. Once selfsigned, the certificate is saved to a temporary file in the nonvolatile RAM (NVRAM).
Chapter 4 Figure 4-5. SSL Server Certificate Request Web Page 4. Enter the appropriate information in the following fields: 4-14 ■ Key Type—RSA only. ■ Key Length—Select the length of the key. Options are 512 or 1024 bits. ■ Two-digit Country Code—Enter your country code. ■ State or Province (full name)—Enter your state or province. ■ City—Enter the name of your city. ■ Organization or Company Name—Enter your organization or company name.
Security 5. Click Create Self-Signed Certificate. 6. Restart SSL for the new certificate to take effect. For information on how to restart SSL, see “Restarting SSL/HTTPS” later in this chapter. CLI Command To create a self-signed certificate, use the following commands: ■ To create a CSR, (configure)# ssl certreq [{512 | 1024}] ■ To self-sign the CSR, (configure)# ssl selfcert Viewing the Server Certificate Web Agent Procedure To view the SSL server certificate: 1.
Chapter 4 Figure 4-6. SSL Server Certificate Web Page CLI Command To view the SSL certificate, use the following CLI command: > show ssl cert 4-16 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Security Enabling SSL/HTTPS Before you can enable SSL/HTTPS on the switch, you must disable HTTP. Web Agent Procedure To enable SSL/HTTPS: 1. In the navigation pane, expand the System > Administration folders. 2. Click TCP Ports. The TCP Ports Web page is displayed in the content pane. See Figure 4-1. 3. In the State field for HTTP, select Disable. 4. In the Port Number field for SSL/HTTPS, enter the port number that you want SSL/HTTPS to use. Valid ports are 443 or 9000 to 65,535.
Chapter 4 Restarting SSL/HTTPS You must restart SSL after updating the certificate information. Web Agent Procedure To restart SSL: 1. In the navigation pane, expand the System > Administration > Security > SSL folders. 2. Click Configuration. The SSL Configuration Web page is displayed in the content pane. See Figure 4-4. 3. Click Restart.
Security RADIUS Client Support Overview Purpose of RADIUS In a network with many Avaya switches, configuring user accounts on each of the switches can be time-consuming.You can centralize the user accounts by using a Remote Authentication Dial-In User Service (RADIUS) server. RADIUS is a service that authenticates users when they attempt to log in to a Network Access Device (NAD) such as an Avaya switch.
Chapter 4 This interoperability issue occurs because Microsoft RADIUS server includes a class attribute in Access-Accept messages that the P580 and P882 RADIUS client does not support. With service pack 3, you can disable generation of a class attribute. For more information on this issue, see http://support.microsoft.com/default.aspx?scid=kb;ENUS;Q297317.
Security Similarly, when the same user logs in to a switch on the South campus, the message will append @AvayaRealm and a group name of SouthSwitches. The RADIUS server will send an Access-Accept message indicating that the user has read-only permission. Realms A realm provides a mechanism by which a RADIUS manager can organize user accounts. Consult the RADIUS vendor documentation for information on how to create realms on the server. Once created, user accounts are placed in the realms.
Chapter 4 If the user login is incorrect or does not exist, then the RADIUS server sends an Access-Reject message to the switch and the user is denied access to the switch. If the primary RADIUS server does not respond to the Access-Request message, the switch attempts to use the secondary server if it is configured. On subsequent retries, the switch alternates between the primary and secondary servers. If no secondary server is configured, the switch continues to try the primary server.
Security Table 4-2.
Chapter 4 RADIUS Server Files Each RADIUS vendor may have a different method for configuring client and user files. For information on configuring the client and user files on your RADIUS server, see the RADIUS server documentation. The following tables list the Avaya-specific attributes and values for each attribute. Table 4-3.
Security Sample User File The following is a sample user file. Each RADIUS vendor may have a different method for configuring user files. In this sample, text values are defined that represent the actual values used by the Avaya switch using the directives ATTRIBUTE and VALUE. Two user accounts are shown: a use account that is not assigned to a group and a user account that is assigned to a group. The first account is Bob with password BooBoo. Bob is allowed to log in only to the NAD at 199.87.201.2.
Chapter 4 Configuring a RADIUS Client Web Agent Procedure To configure a RADIUS client: 1. In the navigation pane, expand the System > Administration folders, and then click RADIUS. The RADIUS Web page is displayed in the content pane (Figure 4-7). Figure 4-7. RADIUS Web Page 2. In the Enable State field, select Enable. 3. Configure the RADIUS client as appropriate. Table 4-4 provides explanations of each field. 4-26 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Security Table 4-4. RADIUS Web Page Configuration Parameters Parameter Definition Enable State Enable or disable RADIUS on the switch. Primary Server • IP Address - Enter the IP address for the primary RADIUS server. • Shared Secret - Enter the shared secret the switch will use for encrypting and decrypting passwords. Make sure the primary server is configured with the exact same characters (case sensitive). This value is itself encrypted and will not be displayed anywhere (Web Agent or CLI) once set.
Chapter 4 Table 4-4. RADIUS Web Page Configuration Parameters Parameter Definition Retry Number Enter the number of times to resend the Access-Request message if the RADIUS server does not respond. Retry Time Enter the time (in seconds) to wait before resending an Access-Request message. UDP Port Enter the UDP port number that you want the switch to use for RADIUS authentication. The default value is 1812. Valid options are 1812 or 1645 only.
Security Document No.
Chapter 4 4-30 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
5 Configuring SNMP Overview Supported versions of SNMP The P580 and P882 support SNMPv1, v2, and v3. SNMPv3 Security Features SNMP version 3 provides the following security features that SNMPv1 and v2 do not provide: ■ Encryption of protocol data units (PDUs) to prevent unauthorized users from viewing the PDU contents. SNMPv3 uses CBC-DES for its encryption protocol. ■ Authentication of the user who sent the PDU.
Chapter 5 ■ Creating an SNMPv3 Administrator ■ Configuring Views ■ Configuring Groups ■ Configuring an SNMPv3 User ■ Changing a User Password ■ Configuring SNMPv1 or v2 Community Strings ■ Setting the Administrative Contact ■ Setting the Physical Location of the Switch ■ Disabling or Reenabling SNMP ■ Viewing the SNMP Status *Important: You must have administrator access to the switch to use the CLI commands that are discussed in this chapter.
Configuring SNMP Authentication and Encryption Localized Keys To perform authentication and encryption, the switch and NMS (network management system) share localized keys. When sending a PDU to the switch, the NMS (network management system) generates the localized key and places it in the PDU. When the switch receives the PDU, it compares the localized key in the PDU to the localized key stored in the switch memory. If the two versions match, the PDU is authenticated or decrypted.
Chapter 5 Timeliness Checks The switch performs timeliness checks to ensure that PDUs are not reordered, delayed or replayed. These timeliness checks include the following information: ■ Number of reboots since the switch was upgraded from v5.x application software to v6.x or since the last initialization of NVRAM. ■ Number of seconds since the last switch reboot. When the NMS starts up, it sends the switch a request message for this information.
Configuring SNMP Predefined Views When you upgrade the switch from v5.x application software to v6.x, the following predefined views are created: ■ normal—Includes the MIB objects that the normal security level included. The view includes all the supported MIBs except those objects that are administrator only (snmpTargetMIB, snmpNotificationMIB, snmpProxyMIB, snmpUsmMIB, snmpVacmMIB, snmpCommunityMIB, genlic.mib, load.mib, and the promChassisSystemReset object).
Chapter 5 This section contains the following information: ■ Predefined Groups ■ Migration of Existing Community Strings For information on how to configure groups, see “Configuring Groups.” Predefined Groups When you upgrade the switch from v5.x application software to v6.x, the following predefined groups are created: ■ normalRO—Provides read-only access to the normal view. ■ normalRW—Provides read-write access to the normal view. ■ adminRO—Provides read-only access to the admin view.
Configuring SNMP Table 5-1 lists all the predefined views, groups, and users. Table 5-1. Predefined Views, Groups, and Users View Group normal—Includes the MIB objects that the normal security level included. The view includes all the supported MIBs except those objects that are administrator only. normalRO—Provides read-only access to the normal view. admin—Includes the MIB objects that the admin security level included.
Chapter 5 Table 5-2 lists the groups to which existing community strings are assigned when you upgrade the switch from v5.x application software to v6.x. Table 5-2. Migration of Existing Community Strings Access of Pre-6.0 Community String Security Level of Pre- 6.0 Community String 6.
Configuring SNMP Process The proxy forwarder process is as follows: 1. An NMS prepares an SNMPv3 request PDU. This PDU contains the switch security credentials, including the engine ID and context name of the ATM Uplink module. 2. The supervisor modules receives the PDU from the NMS. It verifies that the security information matches the credentials of the switch. When the supervisor detects an engine ID and context name that differ from those of the switch, it checks the snmpProxyTable for a match. 3.
Chapter 5 SNMPv3 Administrator After either manually assigning the switch an engine ID or assigning the console port an IP address, you can create an SNMPv3 administrator. This administrator will be able to create and modify SNMPv3 users by using SNMP. You must have administrator access to the switch to create the SNMPv3 administrator. The administrator can, however, give specific user groups read-write access to the USM and VACM MIBs.
Configuring SNMP Viewing the Engine ID To view the currently configured engine ID of the switch, use the following CLI command: (configure)# show snmp engineid Creating an SNMPv3 Administrator After either manually assigning the switch an engine ID or assigning the console port an IP address, you can create an SNMPv3 administrator. This administrator will be able to create and modify SNMPv3 users by using SNMP. You must have administrator access to the switch to create the SNMPv3 administrator.
Chapter 5 Table 5-4. snmp-server user Command Parameter Definition The authentication password for the user: • Text passwords can range from 8 to 64 characters. • Localized HMAC-SHA-hashed passwords must be 20 bytes. • Localized HMAC-MD5-hashed passwords must be 16 bytes. Enter all localized passwords in the format of nn:nn:nn.... The encryption password for the user. • Text passwords can range from 8 to 64 characters.
Configuring SNMP Table 5-5. snmp-server view Command Parameter Definition The name of the view that you want to create or modify. The view name can range from 1 to 32 alphanumeric characters. The object identifier (OID) for the object that you want to either include or exclude from the view. You must enter the numeric OID. Use the wildcard character * to specify a sub-tree family. {included | excluded} Specifies whether the object is included or excluded from the view.
Chapter 5 Creating or Modifying a Group To create or modify a group, use the following CLI command: (configure)# snmp-server group {noAuth | auth | priv} [read ] [write ] [notify ] Table 5-6 provides an explanation of the command keywords and variables. CAUTION: Avaya recommends that you not modify the predefined groups. When you upgrade the switch from v5.x application software to v6.x, the existing community strings are assigned to these predefined groups.
Configuring SNMP Deleting a Group To delete a specific group or all groups of a specific group name (if multiple groups have the same group name), use the following CLI command: (configure)# no snmp-server group {noAuth | auth | priv} If multiple groups have the same group name, you must enter the appropriate security keyword (noAuth, auth, or priv) to delete one of the groups. If you do not enter a security keyword, all groups of the group name that you enter are deleted.
Chapter 5 Table 5-7. snmp-server user Command Parameter Definition User name for the SNMPv3 user. The user name can range from 1 to 32 alphanumeric characters. Important: Do not assign a community string and SNMPv3 user the same name. Name of the group to which you are assigning the user. localized Use this keyword if you want to enter the authentication password and privacy password in their localized form instead of text.
Configuring SNMP Removing a User from a Group To remove an SNMPv3 user from a group, use the following CLI command: (configure)# no snmp-server user group Viewing Configured Users To view the currently configured SNMPv3 users, use the following CLI command: # show snmp user [] This command displays the following information: ■ User name ■ Group to which the user belongs ■ Authentication protocol that is used for the authentication and encryption passwords: MD5, SHA,
Chapter 5 Changing a User Password You must change user passwords when the engine ID changes. To change a user password, use the following CLI command: (configure)# snmp-server password The switch prompts you to enter the new password or passwords. The passwords are case-sensitive and can range from 8 to 64 characters. For security reasons, the CLI does not display the passwords when you enter them.
Configuring SNMP Table 5-8 defines the command keywords and variables. Table 5-8. snmp-server community Field Definition The name of the community string. The community string can range from 1 to 26 characters. Important: Do not assign a community string and SNMPv3 user the same name. Name of the group to which you are assigning the community string. Important: Do not assign the community string to a group that requires authentication or encryption.
Chapter 5 Table 5-9. snmp-server community Field Definition ro Assigns read-only access to the community string. rw Assigns read-write access to the community string. [] The IP address from which the community string is valid.
Configuring SNMP Table 5-11. no snmp-server community Command ATM Module Community String Parameter Definition The community string that you want to delete. [] The IP address from which you want to remove access to the community string. To delete a community string for the ATM-Uplink module, use the following command: (configure)# no snmp-server atm-community [] Table 5-12 provides an explanation of the command variables. Table 5-12.
Chapter 5 SNMP To set the administrative contact for the switch, use the sysContact object, OID 1.3.6.1.2.1.1.4. The complete path to this object is: iso(1).org(3).dod(6).internet(1).mgmt(2).mib-2(1).system(1). sysContact(4) Setting the Physical Location of the Switch CLI Command To set the physical location of the switch, use the following CLI command: (configure)# snmp-server location The switch displays the physical location of the switch when you enter the show snmp command.
Configuring SNMP Disabling or Reenabling SNMP Disabling SNMP To disable SNMP, use the following CLI command: (configure)# no snmp-server This command overrides secure mode, which disables SNMPv1 and v2 and enables SNMPv3. For information on secure mode, see “Secure Mode.” Reenabling SNMP To reenable SNMP, use the following CLI command: (configure)# snmp-server enable This command enables the three versions of SNMP: SNMPv1, v2, and v3.
Chapter 5 5-24 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
6 Using VLANs, Hunt Groups, and VTP Snooping Overview The following information and procedures are provided in this chapter and pertain to layer 2 and layer 3 module configurations: ■ VLAN Introduction ■ Creating and Implementing VLANs ■ Using Hunt Groups to Aggregate Bandwidth ■ Configuring VTP Snooping For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.1.
Chapter 6 Advantages with VLANs: ■ Segment traffic and usage patterns in a manner similar to creating subnets and segments in traditional networks. ■ Reduce the cost of equipment moves, upgrades, and other changes. ■ Simplify network administration. ■ Create logical work groups for users who share the same system resources. ■ Users not required to share the same physical location. ■ Reduce the need for routing to achieve higher network performance and reduced costs.
Using VLANs, Hunt Groups, and VTP Snooping A switch that is strictly port based needs additional information to separate traffic passing from one VLAN to another. Since each port is dedicated to a particular VLAN, there is no need to analyze the traffic arriving on a port to determine its VLAN membership. As an example, (Figure 6-1) two switches with two VLANs, Sales and R&D, would need a dedicated switch to switch connections (Trunk) for both VLANs between switches.
Chapter 6 IEEE 802.1Q VLAN Tagging The Avaya Multiservice switch is compliant with the IEEE 802.1Q standard for VLANs and defines a Tag Header. Two Tag formats are defined as an Ethernet Encoded (4 bytes) for 802.3 and Ethernet V2 and SNAP (Service Network Access Point) for Token Ring and Fiber Distributed Data Interface (FDDI). The Ethernet version of the Tag Header consists of 4 bytes, two bytes for Tag Protocol ID and two bytes for Tag Control.
Using VLANs, Hunt Groups, and VTP Snooping Forwarding Rules These rules determine the set of ports on the switch through which members of the VLAN can be reached. This is called binding a port to a VLAN. A port may be bound to a VLAN using the Web Agent in the following three ways: 1. Setting the Port VLAN attribute in the Switch Port Configuration Web page.This identifies the VLAN to which all untagged frames received on the port are forwarded.
Chapter 6 Forwarding: Only forward frames to the port for the assigned VLAN. Egress: All frames transmitted out of the port to be tagged using the IEEE 802.1Q/Multi-Layer tag header format. The tagged used will be that assigned to the port. Binding a Port to more than one VLAN using the CLI A port can be statically configured to Bind to more than one VLAN. This causes the port to become a member of each specified VLAN. This feature is configured from the CLI.
Using VLANs, Hunt Groups, and VTP Snooping Creating and Implementing VLANs Adding users to VLANs include: ■ VLAN Considerations ■ Creating a VLAN ■ Configuring VLAN Parameters ■ Assigning Ports to VLANs VLAN Considerations Be aware of the following issues when configuring VLANs: ■ If you set Trunk Mode to Clear, you must set the VLAN Binding Type to Static (default). ■ The switch supports a feature called Automatic VLAN Creation for tagged frames.
Chapter 6 Web Agent Procedure To create a VLAN: 1. In the navigation pane, expand the L2 Switching > VLANs folders, and then click Configuration. The VLAN Configuration Web page is displayed in the content pane. See Figure 6-3. Figure 6-3. VLAN Configuration Web Page 2. Click CREATE. The Create VLAN Web page is displayed in the content pane. See Figure 6-4. 6-8 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Using VLANs, Hunt Groups, and VTP Snooping Figure 6-4. Create VLAN Web Page 3. Enter a name for the VLAN in the Name field. 4. In the ID field, enter an unused VLAN ID value (between 2 to 4094). VLAN IDs are global and must be consistent from switch to switch, even when switches are manufactured by different vendors. 5. See Table 6-1 to configure the Create VLAN Web page parameters: Table 6-1. Create VLAN Web Page Parameters Parameter Definition Name Unique Name assigned to the VLAN in a switch.
Chapter 6 Table 6-1. Create VLAN Web Page Parameters Parameter Definition Initial Hash Table Size For every VLAN created, a hash table is allocated of the initial size. The hash table keeps track of the Layer 2 (MAC) addresses associated with a VLAN. The default setting for Initial Hash Table Size,1024, allows the user to configure approximately 20 simultaneous VLANs. However, the switch supports 1,000 VLANs. To support 1000 simultaneous VLANs, the Hash table size should be at 16.
Using VLANs, Hunt Groups, and VTP Snooping Figure 6-5. VLAN Switch Ports Web Page 3. See Table 6-2 to configure the VLAN Switch Ports Web page parameters: Table 6-2. VLAN Switch Port Web Page Parameters Parameter Defines... Port The switch port associated with the VLAN. Name The switch default port name or the user assigned port name. 1 of 2 Document No.
Chapter 6 Table 6-2. VLAN Switch Port Web Page Parameters Parameter Defines... Binding Type The binding types are set through the switch ports. See “Assigning VLANs to a Port and Associated Issues” in Chapter 8, “Configuring Ports.” • Static - when switch ports are added manually and can be removed • Persistent - when switch ports are bound to VLANs automatically but can not be removed. automatically (i.e., if the binding for a switch port is set to 'Bind to All').
Using VLANs, Hunt Groups, and VTP Snooping Assigning Ports to VLANs See “Configuring Switch Ports Settings,” in Chapter 8, “Configuring Ports,” for instructions on assigning ports to VLANs. CAUTION: Before changing the VLAN that a port is assigned to, you must remove the port from the hunt group that the port is assigned to. Do not attempt to change the VLAN and remove the port from the hunt group simultaneously. If you do, the switch assigns all ports in the hunt group to the new VLAN.
Chapter 6 Hunt groups expand the capacity of the core switched backbone. While there is no specific limit on the number of ports in a hunt group (see “Hunt Group Configuration Considerations”). In the example, the hunt group consists of two full-duplex Gigabit Ethernet links shared between two switches, for an aggregate capacity of 4 Gbps. Enterprise-level servers can be directly attached to the switching core using either 100 Mbps or Gigabit Ethernet connections.
Using VLANs, Hunt Groups, and VTP Snooping ■ Quicker recovery from link failure — If a port in the group fails, the remaining ports carry the load. Recovery is not limited by Spanning Tree Protocol convergence time (convergence time is the time the network takes to resume steady-state forwarding after Spanning Tree Protocol reconfiguration). ■ Supports up to 25 hunt groups per switch, if 48-port mode is disabled and up to 13 hunt groups if 48-port mode is enabled.
Chapter 6 80-Series Forwarding Engines The Forwarding Engines are numbered starting at one and increased by one for each Forwarding Engine. The Supervisor module always has Forwarding Engines numbered one and two. For a 7-slot P580 switch, numbers one and two for the Supervisor module and up to eight per media module slot for a maximum total of 50 Forwarding Engines. For a 17-slot P882, numbers one and two for the Supervisor module and up to eight for each of the media modules, for a maximum total of 130.
Using VLANs, Hunt Groups, and VTP Snooping This is different for the 50-series modules. The twelve port layer 3 50-series media module, all twelve ports are associated with one Forwarding Engine for layer 3 traffic and one Forwarding Engine for layer 2 traffic. In addition only one fabric port is used for all twelve ports. Load Share Function Hunt groups load share by directing different traffic to different ports in the hunt group, when sending traffic to a particular user.
Chapter 6 Figure 6-7. Slot to Fabric Port Relationship Table 6-3.
Using VLANs, Hunt Groups, and VTP Snooping Table 6-3. Module Forwarding Engines and Fabric Ports Module Type Total Number of forwarding engines Number of Fabric Ports Description 50-series 4 port Gigabit Fiber (layer 2) 4 2 2 forwarding engines per fabric port 50-series 20 port 10/100Mbps TX (layer 2) 2 2 1 forwarding engine per fabric port 2 of 2 * Note: All 80-series media modules are L3 capable. Figure 6-8.
Chapter 6 Hunt Group Configuration Considerations Consider the following before creating hunt groups: 6-20 ■ Hunt group end to end physical connections must be configured with the hunt group ports connected to hunt group ports. ■ All ports of the hunt group must be of the same bandwidth and all layer 2 or all layer 3 ports (but not a mix) ■ Can have a mix of 80-series and 50-series as long as they are the same bandwidth and all layer 2 or all layer 3.
Using VLANs, Hunt Groups, and VTP Snooping Hunt Groups and Multicast Traffic All multicast traffic is forwarded by the base port of the hunt group. If the base port changes, multicast traffic is interrupted until the sessions are relearned through the new base port. To decrease or eliminate this multicast traffic interruption, you can: ■ To decrease the multicast traffic interruption, decrease the IGMP query interval from 125 seconds to 5 seconds: a.
Chapter 6 Figure 6-9. Hunt Group Configuration Web Page 2. Click CREATE. The Create Hunt Group Web page is displayed in the content pane. See Figure 6-10. Figure 6-10. Create Hunt Group Web Page 3. In the Name field, enter a name for the hunt group. This field accepts a maximum of 31 alphanumeric characters. 4. In the Load Sharing field, select Enable. 5. In the Auto Flush field, select Enable if you want to enable the auto flush feature for the ports participating in the hunt group.
Using VLANs, Hunt Groups, and VTP Snooping CLI Commands Use the following CLI commands to configure a hunt group: ■ To create a hunt group, (configure)# set huntgroup [load-sharing {enable | disable}] ■ To enable or disable the auto flush feature for the ports participating in a hunt group, (configure)# set huntgroup auto-flush {enable | disable} Adding Ports to the Hunt Group Once you have created and named a hunt group, you can add as many additional ports as needed
Chapter 6 2. Select a port number from the Ports column. The Physical Port Configuration Web page is displayed in the content pane. See Figure 612. Figure 6-12. Physical Port Configuration Web Page 3. Uncheck the checkbox from the Enable column for a specific port. The check mark disappears to disable the port. * Note: Check the speed of the ports that you are configuring into the hunt group.
Using VLANs, Hunt Groups, and VTP Snooping Adding Switch Ports to the Hunt Group 1. Select Modules at the bottom of the Physical Port Configuration Web page. The Module Information Web page is redisplayed. See Figure 611. As an alternate procedure, expand the Modules & Ports folder, and then click Configuration. 2. Select a number from the Switch Ports column, for the module whose port or ports you are adding to the hunt group. The Switch Ports Web page is displayed in the content pane. See Figure 6-13.
Chapter 6 Figure 6-14. Switch Port Configuration Web Page 4. Select the hunt group assignment from the Hunt Group pull-down menu. 5. Click APPLY to save your changes, or CANCEL to restore previous settings. 6-26 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Using VLANs, Hunt Groups, and VTP Snooping 6. Repeat Steps 1-9 for any additional ports that you want to add to this hunt group. 7. Repeat steps 1 through 10 on the switch at the other end of the hunt group connection. 8. In the navigation pane, expand the Modules & Ports folder, and then click Configuration. The Module Information Web page is redisplayed. See Figure 6-11. 9. Select a port number from the Ports column. The Physical Port Configuration Web page is displayed. See Figure 6-12. 10.
Chapter 6 Figure 6-15. Hunt Group Members Web Page CLI Commands To view details about hunt group members using the CLI, enter the following command in configuration mode: (configure)# show huntgroup To add ports to a hunt group using the CLI, enter the following command from Configure mode: (configure)# set port huntgroup { | } [...
Using VLANs, Hunt Groups, and VTP Snooping Configuring VTP Snooping Enabling VLAN Trunk Protocol (VTP®) Snooping on the Avaya Multiservice switch allows it to automatically synchronize its VLAN configuration with that of a Cisco VTP server switch. VTP is a Cisco® layer 2 protocol used to maintain VLAN configuration consistency among switches.
Chapter 6 Web Agent Procedure To configure VTP snooping using the Web Agent: 1. In the navigation pane, expand the Modules & Ports folder, and then click Configuration. The Module Information Web page is displayed in the content pane. See Figure 6-11. 2. Select the number in the Switch Ports column for the module you want to configure VTP. The Switch Ports Web page for that module is displayed. See Figure 6-13. 3.
Using VLANs, Hunt Groups, and VTP Snooping Table 6-4. VTP Snooping Parameters Parameter Definition VTP Snooping State Select Enable to enable VTP snooping globally for the switch. The default value is Disable. Note: Enabling or disabling VTP Snooping does not clear any learned VTP information. Domain Name Enter the name associated with the Cisco VTP Domain. The default is Null (not set). Changing this parameter automatically clears the learned VTP information (the remaining parameters in this table).
Chapter 6 6-32 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
7 Configuring Rapid Spanning Tree Overview Contents Purpose of Spanning Tree This chapter contains the following sections: ■ How RSTP Achieves Rapid Recovery ■ Spanning Tree Configurations ■ Configuring Global Spanning Tree Options ■ Viewing Global Spanning Tree Information ■ Configuring Spanning Tree Bridges ■ Viewing Bridge Port Information ■ Configuring a Bridge Port ■ Configuring Spanning Tree Settings for Switch Ports STP prevents loops in layer 2 networks that have redundant paths.
Chapter 7 In STP, a port that is blocking must change to listening and then learning before it can change to forwarding. Normally, a port remains in the listening state for 15 seconds and in the learning state for 15 seconds. With these two 15-second delays, a port normally takes 30 seconds to change from blocking to forwarding. This 30-second transition time results in a 30second loss of traffic, which is not acceptable in many of today’s networks.
Configuring Rapid Spanning Tree How RSTP Achieves Rapid Recovery Port Roles In addition to port states, RSTP assigns and maintains port roles for all ports in a Spanning Tree domain. One of five possible roles can be assigned to a port: root, designated, alternate, backup, and disabled. Root and designated ports are the only ports that actively participate in the spanning tree (by forwarding frames).
Chapter 7 IEEE Standards For more detailed information about the STP and RSTP, see the IEEE 802.1D standard for Media Access Control (MAC) bridges and IEEE802.1w amendment for rapid reconfiguration. Spanning Tree Configurations The Avaya Multiservice switches support the following Spanning Tree configurations: ■ IEEE 802.1D Spanning Tree ■ Per-VLAN Spanning Tree ■ Dual-Layer Spanning Tree (Figure 7-1) ■ Global Disable Figure 7-1. Spanning Tree Models Single 802.
Configuring Rapid Spanning Tree Per-VLAN Spanning Tree Per-VLAN mode is the Default Spanning Tree setting on all multiservice switches. In this mode, the switch runs a separate spanning process for each VLAN. Each logical Spanning Tree has its own BPDUs which are tagged with the appropriate VLAN Identifier. In this configuration, the switch can participate in as many Spanning Tree domains as there are VLANs defined on the switch.
Chapter 7 In this mode, legacy bridges remain in separate Spanning Tree domains, yet loops between the layer 3 and legacy domains cannot form. For example; if there are three P580 switches in a network running VLAN A and VLAN B, and three legacy devices connect up through a port configured in VLAN A, the legacy devices remain in their own legacy Spanning Tree and do NOT join the Multilayer Spanning Tree.
Configuring Rapid Spanning Tree Configuring Global Spanning Tree Options Overview Global spanning tree options include the configuration and version of spanning tree (common STP or Rapid Spanning Tree). Web Agent Procedure To configure global spanning tree options on the switch: 1. In the navigation pane, expand the L2 Switching folder. 2. Click Spanning Tree. The Spanning Tree Information Web page is displayed in the content pane. See Figure 7-2. Figure 7-2. Spanning Tree Information Web page 3.
Chapter 7 4. In the Protocol Version field, click the version of Spanning Tree that you want the switch to run. 5. Click APPLY to save your changes or CANCEL to restore the previous settings. Table 7-1. Spanning Tree Information Configuration Option Definition IEEE 802.1D Runs a single IEEE 802.1D-compliant spanning tree for the entire bridge. In 802.1D spanning tree mode, there is one root bridge for the whole network, regardless of whether the switches support VLANs or not.
Configuring Rapid Spanning Tree Table 7-1. Spanning Tree Information Configuration Option Definition Dual-Layer Dual-Layer spanning tree is a variation of per-VLAN spanning tree. However, instead of using normal BPDUs which are clear (free of VLAN tags) on clear trunks and tagged on tagged trunks, as is the case with Per-VLAN Spanning Tree. Dual-layer uses a proprietary BPDUs.
Chapter 7 Viewing Global Spanning Tree Information Web Agent Procedure To view global spanning tree information: 1. In the navigation pane, expand the L2 Switching folder. 2. Click Spanning Tree. The Spanning Tree Information Web page is displayed in the content pane. See Figure 7-2. Table 7-2 provides explanations of the information that is displayed in each field of this Web page. Table 7-2.
Configuring Rapid Spanning Tree Configuring Spanning Tree Bridges Web Agent Procedure To configure a spanning tree bridge: 1. In the navigation pane, expand the L2 Switching folder. 2. Click Spanning Tree. The Spanning Tree Information Web page is displayed in the content pane. See Figure 7-2. 3. In the Bridge field, click the bridge that you want to configure. The Spanning Tree Bridge Configuration Web page is displayed. See Figure 7-3. Figure 7-3. Spanning Tree Bridge Configuration Web page 4.
Chapter 7 Table 7-3. Spanning Tree Bridge Configuration Field Definition Priority Priority of the bridge as hexidecimal value. The valid range for this field is 0x0000 (0) to 0xF000 (61,440) in increments of 0x1000 (4,096). The default setting is 0x8000 (32,768). Note: When you upgrade the switch from v5.x application software to v6.x, all bridge priorities are reset to the default setting of 0x8000. Bridge priorities from earlier versions of software are not preserved.
Configuring Rapid Spanning Tree Table 7-3. Spanning Tree Bridge Configuration Field Definition Path Cost Default The type of default path costs that ports in this bridge will use. Options are: • common-spanning-tree—uses the 16-bit default path costs from IEEE Std. 802.1D-1998: — For 10 MB ports, 100 — For 100 MB ports, 19 — For 1 GB ports, 4 — For 10 GB ports, 3 • Rapid-spanning-tree—uses the 32-bit default path costs from IEEE Std. 802.
Chapter 7 ■ To set the maximum age for the bridge, (configure)# set spantree maxage {802.1D | vlan { | name }} ■ To set the hello time for the bridge, (configure)# set spantree hello {802.1D | vlan { | name }} ■ To set the forward delay for the bridge, (configure)# set spantree fwddelay {802.
Configuring Rapid Spanning Tree Figure 7-4. Spanning Tree Bridge Port Information Web Page Table 7-4. Spanning Tree Bridge Port Information Field Explanation Bridge Port Bridge port number. Port Physical port number of the bridge port. Name Name that is assigned to the bridge port. Port ID The ID that Spanning Tree assigns the port. 1 of 2 Document No.
Chapter 7 Table 7-4. Spanning Tree Bridge Port Information Field Explanation Role The current role of the port. The options are: • Root • Designated • Alternate • Backup • Disabled For information about each of these roles, see “How RSTP Achieves Rapid Recovery.” State Current bridging state of the port. The options are: • Discarding — The port is either disabled, blocking or listening. • Learning — The port is learning new MAC addresses, but not yet forwarding traffic.
Configuring Rapid Spanning Tree Configuring a Bridge Port Web Agent Procedure To configure a spanning tree bridge port: 1. In the navigation pane, expand the L2 Switching folder. 2. Click Spanning Tree. The Spanning Tree Information Web page is displayed in the content pane. See Figure 7-2. 3. In the Bridge Ports field, click the bridge for which you want to configure a port. The Spanning Tree Per Module Bridge Port Information Web page is displayed in the content pane. 4.
Chapter 7 6. Configure the bridge port as appropriate. Table 7-5 provides explanations of each field. 7. Click APPLY to save your changes or CANCEL to restore the previous settings. Table 7-5. Spanning Tree Port Configuration Field Definition Priority Priority of the port as a decimal value. A higher priority port (has a lower priority number) is more likely to be chosen as the primary path in the spanning tree when there are two or more paths of equal cost.
Configuring Rapid Spanning Tree Table 7-5. Spanning Tree Port Configuration Field Definition Operational Path Cost The path cost that Spanning Tree is using for the port: • If Administrative Path Cost is set to a nonzero value, this field displays that nonzero value. • If Administrative Path Cost is set to 0, the switch is running Rapid Spanning Tree, and Path Cost Default for the bridge is set to Rapid-spanningtree, then this field displays the following values (recommended in Table 17-7 of IEEE Std.
Chapter 7 Table 7-5. Spanning Tree Port Configuration Field Definition Force BPDU Migration Clicking SEND RSTP BPDU in this field forces the bridge port to send out RSTP BPDUs. By forcing a bridge port to send RSTP BPDUs, you can determine whether legacy 802.1D bridges are present on a LAN segment. If you remove a legacy 802.1D bridge from a segment, other RSTP bridges on the segment cannot detect the removal so they continue sending STP BPDUs.
Configuring Rapid Spanning Tree Configuring Spanning Tree Settings for Switch Ports Web Agent Procedure To configure Spanning Tree settings for a switch port: 1. In the navigation pane, expand the Modules & Ports folder. 2. Click Configuration. The Module Information Web page is displayed in the content pane. 3. In the Switch Ports field, click the switch ports that you want to configure. The Switch Ports Web page is displayed in the content pane. 4.
Chapter 7 Figure 7-6. Switch Port Configuration Web Page 7-22 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Configuring Rapid Spanning Tree 5. Enter the appropriate information in the following fields: ■ Spanning Tree Mode—Enable or disable Spanning Tree on this port. If you click Disable, the port does not participate in Spanning Tree. ■ Admin Point to Point Link—Specify whether this port is connected to a shared LAN segment or a point-to-point LAN segment. A point-to-point LAN segment is connected to exactly one other bridge (normally with a direct cable between them).
Chapter 7 6. Click APPLY to save your changes or CANCEL to restore the previous settings. For information about all other switch port settings, see “Configuring Switch Ports Settings” in Chapter 8, “Configuring Ports.” CLI Commands 7-24 Use the following CLI commands to configure Spanning Tree settings for a switch port: ■ To enable or disable Spanning Tree on a port, (configure)# set port spanning-tree-mode { | } [...
8 Configuring Ports Overview The following information and procedures are provided in this chapter and are common to both layer 2 and layer 3 module configuration: ■ Two Categories of Port Settings ■ Configuring Physical Port Settings ■ Configuring Switch Ports Settings ■ Configuring Port Redundancy ■ GBIC Identification ■ Network Error Detection and Recovery ■ Internal Error Detection and Recovery For more information about the CLI commands that are mentioned in this chapter, see Command Re
Chapter 8 Physical Port Features This section describes the following features that are available when configuring the physical parameters on the ports: Auto-negotiation ■ Auto-negotiation ■ Remote Fault Detection ■ Flow Control Autonegotiation is an extension of the link test methods used by 10Base-T and 10Base-FL to verify the integrity of the link between devices.
Configuring Ports It may seem that because the FLP and the normal link pulse use the same interval at the same frequency, older devices may not be compatible with auto-negotiation. This is, however, not the case. For example, a 10Base-T device that does not have auto-negotiation capabilities sees FLP bursts simply as a link test signal. A 10Base-T device will respond to the FLP burst with its usual normal link pulse signal.
Chapter 8 Table 8-1. Gigabit Modules not Supporting Autonegotiation Gigabit Module Model Number Hardware Revision M5502R-1000SX-F J or earlier M5502R-1000LX-F J or earlier M5502R-1000SLX-F H or earlier 2 of 2 * Note: If a Gigabit module that does not support the autonegotiation is connected to a device that does, disable autonegotiation to ensure proper operation.
Configuring Ports Figure 8-1. Remote fault detection Switch A, Port 1 Tx Rx Rx X Tx Switch B, Port 2 Enable remote fault detection on both ends of a switch-to-switch connection, in the following two cases: ■ When two Gigabit ports that do not support auto-negotiation are connected. ■ When a Gigabit port that supports auto-negotiation is connected to a Gigabit port that does not support auto-negotiation. For a list of Gigabit modules that do not support auto-negotiation, see Table 8-1.
Chapter 8 There are four flow control options on Gigabit Ethernet Ports. ■ Disable ■ Enable ■ Enable – Send Only ■ Enable – Respond Only The Disable option disables flow control (the default). The Enable option enables IEEE802.3X (XOFF/XON) Flow Control on the line. The Avaya Multiservice Switch is the sender of pauses based upon inbound traffic and the Avaya Multiservice Switch is the receiver of pauses based upon outgoing traffic (and the ability of attached equipment to use the protocol).
Configuring Ports Switch Port Features The Avaya P580 and P882 Multiservice switches support up to 1000 VLANs and also support multiple forwarding databases. This means that each VLAN is associated with its own Address Forwarding Table (AFT). Therefore, identical MAC addresses can simultaneously exist on multiple VLANs. The Avaya Multiservice switches provide parameters for configuring VLAN/port associations.
Chapter 8 Table 8-2. Relationship Between Switch Parameters VLAN Binding Trunk Mode Description Static Clear Ingress: Untagged frames are classified to the VLAN associated with the port on which the frame is received. Tagged frames are classified to the VLAN identified by the VLAN tag in the tag header of the frame. Forwarding: Only forward frames to the port for the assigned VLAN. Egress: All frames transmitted will be sent with no tagging. Static 802.
Configuring Ports Table 8-2. Relationship Between Switch Parameters VLAN Binding Trunk Mode Description Bind to Received Clear NOT RECOMMENDED Ingress: Untagged frames are classified to the VLAN associated with the port on which the frame is received. Tagged frames are classified to the VLAN identified by the VLAN tag in the tag header of the frame. Forwarding: All broadcast frames from all VLANs learned on the port will be forwarded. Egress: All frames transmitted will be sent with no tagging.
Chapter 8 The second way is to assign the VLAN to a port is by using the following CLI command in Enable/Configure mode: (configure)# set VLAN By selecting the VLAN name or VLAN ID, you can bind the selected VLAN to additional ports. When binding VLANs this way, the port is part of the flooding domain of the selected VLAN. This is an alternative to using the binding types “bind to all” and “bind to receive”, that allows you to add a port(s) to a subset of VLANs in the switch.
Configuring Ports With the set vlan CLI command, assign port 1, and port 2 to VLAN4 and also assign port 4 to VLAN1 and VLAN2. Then PC1 and PC2 could communicate with SERVER1 across VLANs without any noticeable problems.
Chapter 8 Web Agent Procedure To configure a port on a 10-Gigabit module by using the Web Agent: 1. In the navigation pane, expand the Modules & Ports folder. 2. Select Configuration. The Module Information Web page is displayed in the content pane (Figure 8-2). Figure 8-2. Module Information Web Page 3. In the Ports column for the 10-Gigabit module that you want to configure, select the port. The Physical Port Configuration Web page for that module is displayed. See Figure 8-3.
Configuring Ports Figure 8-3. Physical Port Configuration Web Page for the 10-Gigabit Module 4. In the Enable column, select the checkbox to enable the port. 5. Click APPLY to save your settings, or CANCEL to restore previous settings. 6. In the Name column, select the port name. 7. The Detailed Physical Port Configuration Web page is displayed (Figure 8-4). Figure 8-4. Detailed Physical Port Configuration Web Page for the 10Gigabit Module Document No.
Chapter 8 8. In the Name field, enter a port name, or you can use the default name. 9. In the Category field, select one of the following options: — User Port if you want the switch to generate only log messages for the port. This setting prevents the switch from generating alarm messages (SNMP traps) for the port. — Service Port (default setting) if you want the switch to generate both log messages and alarm messages (SNMP traps) for the port. 10.
Configuring Ports Table 8-3. Detailed Physical Port Web Page Parameter Definition Name A name for this port. For example, you could enter a drop connection name or the name of the station or other device that is connected to the port. Category • The User Port option is intended for connections to enduser nodes. If you select this option, the switch generates only log messages for the port. It does not generate alarm messages (SNMP traps).
Chapter 8 Table 8-3. Detailed Physical Port Web Page Parameter Definition Auto Negotiation Mode Auto-Negotiation is not supported on the 10-Gigabit module. The IEEE 802.3ae standard refers to but does not specify an autonegotiation function. 10-Gigabit devices should all operate at 10Gigabits/sec in Full Duplex mode. Remote Fault Detect Remote fault detection is not supported on the 10-Gigabit module. The 802.3ae standard provides for automatic detection of link failure.
Configuring Ports Figure 8-5. Physical Port Configuration Web Page for the Gigabit Ethernet Module 3. Click the checkbox in the Enable column to enable a port. A check mark displays. * Note: If the port is already enabled (check mark is visible), and you want to disable the port, click the box to Disable the port (check mark vanishes). 4. Click APPLY to save your settings, or CANCEL to restore previous settings. 5. Select the port name from the Name field.
Chapter 8 Figure 8-6. Detailed Physical Port Configuration Web Page for Port on Gigabit Ethernet Module 6. Enter a port name in the Name field, if desired, or use the default name supplied 7. Select one of the following from the Category field pull-down menu: — User Port if this is an end-station port — Service Port if this is a trunk port. 8. In the Flow Control Mode field, select one of the following options: Enable – Sets the port to both send and receive pause signals.
Configuring Ports 10. Select Enable from the Full Duplex Flow Control Advertisement field pull down menu 11. Select Enable from the Pace Priority Mode field pull down menu to recognize and use 3Com’s PACE priority mechanism. 12. Select Enable from the Remote Fault detect field pull down menu to detect 13. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 8-4 provides a more detailed description of the Detailed Physical Port Web page parameters. Table 8-4.
Chapter 8 Table 8-4. Detailed Physical Port Web Page Parameters Parameter Definition Flow Control Mode This field determines if the port uses IEEE 802.3z pause control. The pause mechanism allows the port to stop a sending station from sending more packets if the buffers of the receiving port are full. Flow control helps prevent lost or dropped packets. This feature is recommended for use primarily on end station connections.
Configuring Ports CLI Command To configure ports on a gigabit module using the CLI, enter the following command from Configure mode: (configure)# set port * Note: When a port on an 80-Series Gigabit Ethernet module is disabled, the port link light blinks continuously. In versions earlier than v5.2.10, the link light extinguished when the port was disabled. Loopback tests on ports may fail when traffic is present on the link at startup.
Chapter 8 Figure 8-7. Physical Port Configuration Web Page for the Fast Ethernet Module 4. By default the checkbox is checked in the Enable column. To change the enable remove the check in the checkbox. 5. If you change the enable checkbox Click APPLY to save your settings, or CANCEL to restore previous settings. 6. Select a port name from the Name field (for example, Port 6.1). The Detailed Physical Port Configuration Web page for that port is displayed. See Figure 8-8.
Configuring Ports Figure 8-8. Detailed Physical Port Configuration Web Page for Port on Fast Ethernet Module 7. Enter a port name in the Name field, if desired or use the default name. 8. Select one of the following from the Category field pull-down menu: — User Port if this is an end-station port — Service Port if this is a trunk port. 9. Select a speed (10 Mb/s or 100 Mb/s) from the Speed Mode field pull down menu, If you want to set the port speed manually.
Chapter 8 10. Select a duplex mode (half-duplex or full-duplex) from the Duplex Mode field pull-down menu if you want to manually set the port’s duplex mode. You do not have to select a duplex mode if you set the port to autonegotiate. 11. In the Flow Control Mode field, select one of the following options: Enable – Sets the port to both send and receive pause signals. This setting prevents buffer overflows on both local and remote port. Disable – Sets the port to neither send or receive pause signals.
Configuring Ports 15.
Chapter 8 Table 8-5. Fast Ethernet (10/100) Port Parameters Parameter Definition Name Enter a user configurable name for this port (possibly a drop connection name or the name of the station or other device connected to the port). Category Select either User Port or Service Port. • The User Port is intended for use with switch connections to end user nodes. • The Service Port is intended for use with switch connections to servers or other switches.
Configuring Ports Table 8-5. Fast Ethernet (10/100) Port Parameters Parameter Definition Auto Negotiation Duplex Advertisement Determines what information the port advertises when it starts auto-negotiating. In most cases, Half/Full are the best settings, but there may be cases when you want to auto-negotiate one parameter, while keeping the other fixed.
Chapter 8 Using the All Ports Configuration Web Page You can apply the same parameter settings on all of a module’s ports using the All Ports Configuration Web page. To configure all ports on a module: 1. In the navigation pane, expand the Modules & Ports folder, and then click Configuration. The Module Information Web page is displayed in the content pane. See Figure 8-2. 2. Select the port number from the Ports column for that module. The Physical Port Configuration Web page for that module is displayed.
Configuring Ports Configuring Switch Ports You can configure how each switch port performs its switching functions (for example, VLAN parameters, hunt group assignments, trunk mode, and frame tag scheme) through the switch port parameters. You can configure switch port parameters using either the Web Agent or the CLI. CAUTION: Web Agent Procedure Before changing the VLAN that a port is assigned to, you must remove the port from the hunt group that the port is assigned to.
Chapter 8 Figure 8-9. Switch Port Configuration Web Page 4. Enter information in the Web page fields as appropriate. See Table 8-6 for an explanation of each field. 8-30 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Configuring Ports 5. Click APPLY to save your changes, or CANCEL to restore default settings. * Note: Do not enable Automatic VLAN Creation and VTP Snooping at the same time. Table 8-6 describes the Switch Port Configuration Web page fields. Table 8-6. Switch Port Configuration Web Page Fields Parameter Definition Port VLAN Specifies the VLAN assignment for this port. All untagged frames arriving on this port are assigned to this VLAN.
Chapter 8 Table 8-6. Switch Port Configuration Web Page Fields Parameter Definition Allow Learning Select Disable to prevent the port from learning new MAC addresses and forwarding them to the Supervisor module to be added to the VLANs AFT. Enable is the default. For example, you can set this parameter to Disable, then add a static MAC address entry for this port. If you do not select Disable before you add a static MAC address, unicast flooding can occur.
Configuring Ports Table 8-6. Switch Port Configuration Web Page Fields Parameter Definition Known Mode Enable or disable known mode. The default value is Disable. If known mode is enabled, unicast frames that have an unknown destination address are not flooded out this port. If known mode is disabled, unicast frames that have an unknown destination address are flooded out the port.
Chapter 8 Table 8-6. Switch Port Configuration Web Page Fields Parameter Definition Admin Edge Port Specify whether this port is an edge port or a nonedge port. An edge port is not connected to any other bridge. Only edge ports and point-to-point links can rapidly transition to forwarding state. Options are: • edge-port—Defines the port as an edge port. • non-edge-port—Defines the port as a nonedge port. If you set this field to edge-port, the Oper Edge Port field is also set to edge-port.
Configuring Ports Table 8-7. Example 1. Trunk to Cisco Catalyst 5000TM Parameter Recommended Setting Automatic VLAN Creation Enable (Disable if using VTP Snooping) - Causes the switch to learn new VLAN IDs that arrive at the port, and then bind the port to these VLANs. VTP Snooping Enable - Causes the switch to update its VLANs as they are created, deleted, or changed on the Catalyst.
Chapter 8 Table 8-8. VLAN Binding Options Option Definition Static Assigns VLAN membership manually, using the VLAN Switch Ports page described in “Creating and Implementing VLANs” in Chapter 6, “Using VLANs, Hunt Groups, and VTP Snooping.” Bind to All Binds this port to all VLANs known to the switch. This is an appropriate mode for switch-to-switch connections. Note: When a tagged IEEE 802.
Configuring Ports Automatically Creating VLANs and Frame Tags Parameters VLANs are created automatically by the switch reading the VLAN tag of all ingress IEEE 802.1Q and Multi-Layer tagged frames. The switch then creates a new VLAN for every new VLAN tag identified. However, if the parameter for Frame Tags is set to Ignore, the switch will ignore the VLAN tags on ingress frames. The switch assumes that all ingress frames belong to the ‘Port VLAN’.
Chapter 8 Web Agent Procedure To use the Web Agent to enable the MAC Address Lock feature and traps for unknown source addresses: 1. Manually add the “permitted” MAC addresses to the Address Forwarding Table (AFT). For information on how to manually add MAC address to the AFT, see “Adding Static Entries to the AFT” in Chapter 9, “Managing the Address Forwarding Table.” 2. Open the Switch Port Configuration Web page for the port.
Configuring Ports 4. Use the following command to enable known mode on a port or port range: set port known-mode enable *Note: To prevent the flooding of frames that have unknown destination addresses, enter all ports on the same VLAN as the port for which you are enabling MAC address lock. 5. Use the following command to enable intrusion traps on a port or port range: set port intrusion-trap enable 6.
Chapter 8 Figure 8-10. Switch Ports Configuration - All Ports Web Page 4. Select the check box next to the field you want to configure. 5. Select an option for the specific field from that fields pull-down menu. 6. Select Restore to keep the previous settings or Apply to accept the new settings. 8-40 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Configuring Ports Viewing Switch Port Settings You can view switch port parameters through either the Web Agent and the CLI. Web Agent Procedure To view switch port parameters using the Web Agent: 1. In the navigation pane, expand the Modules & Ports folder, and then click Configuration. The Module Information Web page is displayed in the content pane. See Figure 8-2. 2. Select the switch ports for that module from the Switch Ports column. The Switch Ports Web page is displayed. 3.
Chapter 8 4. Select one of the following items at the bottom of the Web page for more information about the switch ports: CLI Command — Next/Previous Module – Displays the next or previous module’s switch port parameters. — Modules – Returns you to the Module Information Web page. — All Module Switch Ports Configuration – Displays the Switch Port Configuration All Ports Web page and configures all ports for the selected module.
Configuring Ports This section contains procedures for the following tasks: ■ Creating a Port Redundancy Pair ■ Deleting a Port Redundancy Pair ■ Disabling or Enabling Port Redundancy Creating a Port Redundancy Pair Overview You can use the Web Agent or CLI to create a port redundancy pair. The switch supports a maximum of 20 pairs. You must create a unique name for the pair.
Chapter 8 3. Complete the following: ■ Name—Enter the pair’s name. ■ Primary Port—Select the pair’s primary port from the pull-down menu. ■ Secondary Port—Select the pair’s secondary port from the pulldown menu. 4. Click Apply.
Configuring Ports Disabling or Enabling Port Redundancy Web Agent Procedure You can globally enable or disable port redundancy in the Port Redundancy Configuration Web page. Disabling redundancy does not delete the pairs. To enable or disable a port redundancy 1. In the navigation pane, expand the L2 Switching folder, and then click Port Redundancy. The Port Redundancy Configuration Web page is displayed in the content pane. Figure 8-12. Port Redundancy Configuration Web Page 2.
Chapter 8 GBIC Identification The GBIC Identification feature identifies the type of GBICs that are installed in 80-series gigabit modules with GBIC interfaces. The feature identifies the following types of connectors: ■ GBIC SX (short wavelength) ■ GBIC LX (long wavelength) ■ GBIC LX/LH (long wavelength/long haul) If any nonstandard connectors are present, the feature identifies them as GBIC LX/LH. You can view this information by using the Web Agent, CLI, or SNMP.
Configuring Ports Network Error Detection and Recovery Overview Functionality The Network Error Detection and Recovery (NEDR) feature monitors Ethernet CRC errors on Ethernet data ports and compares the rate of errors that occurs to the threshold values that you set. This feature helps you find the source of the errors and take corrective action if necessary.
Chapter 8 Hardware Support You can enable NEDR only for ports on gigabit and 10-gigabit Ethernet modules and only by using CLI commands. You cannot enable the feature on any other types of ports, for example, Ethernet 10/100, ATM Uplink, or supervisor, and cannot enable the feature by using the Web Agent. * Note: If the switch has an 80-series supervisor module installed, monitoring begins as soon as you turn on the switch.
Configuring Ports See Table 8-11 for explanations of the keywords, arguments, and options in this command. The CLI displays a confirmation message if you successfully enable NEDR for a port or range of ports. If no message displays, the port information was invalid. * Note: Occasionally, if you enable NEDR on a 10-Gigabit port, the following error message is displayed: Set port network-error-detection failed: <10-Gigabit port number>. NEDR is successfully enabled regardless of the error message.
Chapter 8 Table 8-11. Keywords, Arguments, and Options Keywords, Arguments and Options Explanation action {notify | disable-port | off} Action that NEDR performs when the rate of errors exceeds the threshold. The options are: • notify—Logs the event in the event log • disable-port—Disables the port and logs the event in the event log. A port is disabled if the rate of errors equals or exceeds the threshold. Make sure a redundant protocol is configured.
Configuring Ports Internal Error Detection and Recovery Overview The Internal Error Detection and Recovery (IEDR) feature shuts down a port if its rate of internal errors exceeds the threshold setting. Currently you can enable this feature only by using the CLI and only for ports on 50-series and 80-series Gigabit Ethernet modules. By default IEDR is disabled. * Note: The 10-Gigabit module does not support IEDR. This feature is designed to serve as mechanism for detecting and isolating hardware failures.
Chapter 8 Enabling IEDR * Note: To enable IEDR for ports in a hunt group, you must use a different command that enables the feature globally for all ports in all hunt groups on the switch. For information on this command, see “Enabling IEDR for Hunt Groups.” * Note: Do not use ISL Tagging (Trunk Mode: Multilayer) on ports that have IEDR enabled. IEDR is disabled by default on gigabit ports. To enable the feature: 1. Enter Global Configuration mode. The CLI displays the (configure)# prompt. 2.
Configuring Ports To globally disable IEDR for all ports in hunt groups, enter: set huntgroup internal-error-shutdown disable Setting the IEDR Threshold for Internal Errors You can set the threshold at which the switch will shutdown a port. By default this threshold is set to 10 internal errors in a 5-second time period. You can set the threshold to any number between 5 and 500 internal errors in a 5-second time period.
Chapter 8 Error Messages * Note: If IEDR detects errors on a port in the hunt group, it tests each port within that hunt group. When it finds the first bad port, it removes it from the hunt group and disables the port.
Configuring Ports Internal-error-config Internal-error-config Internal-error-config Internal-error-config enabled enabled enabled enabled on on on on port port port port 7/1 7/2 7/3 7/4 Feature enabled for port(s) specified If CRC Error Threshold is exceeded then port will automatically be shut down. TRAFFIC LOSS WILL RESULT if no redundant port is configured and port shutdown occurs.
Chapter 8 ■ Upon Success: Threshold value set to 10 ■ Upon Failure (The only failure that can occur is that the number entered was not in the range 5 – 500): Threshold value must be between 5 and 500 8-56 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
9 Managing the Address Forwarding Table Overview The Address Forwarding Table (AFT) is a mapping table of MAC addresses with their associated port locations.The AFT is used by the Avaya Multiservice switch to correctly forward (bridge) frames destined for a particular MAC address to the correct physical port.
Chapter 9 For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.1 Chapter contents The following information and procedures are in this chapter.
Managing the Address Forwarding Table Hash Table and Bucket memory usage guidelines The Avaya Multiservice switch provides 60K of memory that is used to store hash tables and AFT buckets. In general, no more then 20K should be used for Hash Tables, leaving 40K available for AFT entries (MAC addresses).
Chapter 9 VLAN ID number outside the recommended range If you use an ID number outside the range of recommended numbers, you may find certain VLAN ID numbers cause “collisions” and are unavailable when you try to create a new VLAN. The reason for this has to do with the way that the switch hashes VLAN numbers into internal tables. The ‘hash’ algorithm used by the switch takes VLAN numbers (which have a range from 1 to 4094) and ‘hashes’ them to a range of 1 to 1024 by picking 10 bits from the VLAN number.
Managing the Address Forwarding Table If the number of VLANs supported in the switch is 500, then the VLAN ID numbers used in the switch should be chosen from the range of 1 to 500 rather then 1 to 1000. Table 9-1. Number of Supported VLANs Version of Code Fabric Mode 1 Fabric Mode 2 Pre-5.0 1000 N/A 5.0-Pre 5.2.10 500 500 5.2.10 and above 500 1000 Table 9-2 is an example of the size of the hash table created per the number of VLANs created using the guidelines. Table 9-2.
Chapter 9 Examples of Configuring VLANs and Hash Table Size Example 1 All VLANs have the same Hash Table Size Configure the Avaya Multiservice switch for 45 VLANs. This requires the default Hash Table size be reduced according to the hash table guidelines. 45 VLANs times 1024 = 46,080 or ~ 46K This exceeds the 20K guideline for the amount of AFT memory used for Hash Tables. Even if the Hash Table size is reduced by half, it still exceed the guideline.
Managing the Address Forwarding Table AFT Default Settings Figure 9-1. Create VLANs Name—Name for the new VLAN ID—VLAN ID number, valid number between 1-4094 (1 is reserved for the Default VLAN) Instance ID—Instance table representation of a VLAN. The Instance ID does not directly correlate to the VLAN ID Initial Hash Table Size—1024, the default setting for the Initial Hash table size. Auto- Increment HT Size—Default setting is True. Enable to automatically correct for undersized hash table size.
Chapter 9 Figure 9-2. Address Forwarding Table Configuration Auto-Increment Auto-Increment is the Enable/Disable setting for the Auto-Sizing feature. If Auto-Increment is enabled, the switch will automatically increase the hash table size provided two conditions are met.See Figure 9-1 for enabling or disabling Auto-Increment HT size.
Managing the Address Forwarding Table It is highly recommended the default of 40% not be changed. The affects of varying the Threshold (Util%) are as follows: ■ Increasing Threshold: Gives better memory utilization at the expense of more frequent flushing, flooding, and relearning. ■ Decreasing Threshold: Gives less efficient memory utilization but does not flush, flood and relearn as often.
Chapter 9 Enter a new value in the Super Age Time field. The valid entries are 1-30 days. The Super Age Timer marks all invalid table entries, then checks to see if they remain invalid for the specified super age interval. This clears the table of entries that are no longer used. The default value is 7 days. Click APPLY to save your changes, or CANCEL to restore previous settings.
Managing the Address Forwarding Table Figure 9-3. Address Table Instance Web page See Table 9-3 for a definition of the Address Table Instance Web page parameters. Table 9-3. Address Table Instance Parameters Parameter Definition VLAN Association Name of the VLAN this Hash table is associated with. Total Number of Entries Displays the total number of entries (MAC addresses) for this VLAN. 1 of 2 Document No.
Chapter 9 Table 9-3. Address Table Instance Parameters Parameter Definition Entry Type Displays the entry type for this VLAN. Options include: • Learned - Entry is dynamically learned. • Management - Entry is configured by the user statically. • Self - Entries for internal addresses contained within the switch. • Multicast - Entries belong to Multicast Groups. Entry Validity Displays the entry validity for this VLAN. Options include: • Valid - Entry exists.
Managing the Address Forwarding Table 3. Click: ■ APPLY to save your changes ■ CANCEL to restore previous settings ■ Delete All Learned Entries if you want to relearn the entire table ■ Delete Invalid Learned Entries if you want to delete all entries that are currently aged out. * Note: If you change the Hash Table Size, the switch relearns all addresses in that table, causing the switch to flood packets for a few seconds.
Chapter 9 Web Agent Procedure To filter the AFT using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Address Forwarding Table folders, and then click Address Search. The Address Entry Search Web page is displayed in the content pane. See Figure 9-4. Figure 9-4. Address Entry Search Web Page *Note: DISPLAY ALL ignores any parameter not checked in the left column. To view all addresses in the table, select DISPLAY ALL without selecting any filters. 2.
Managing the Address Forwarding Table 3. To search using a VLAN: — Select the VLAN check box in the Search By: column — Select a VLAN name from the VLAN field pull-down menu in the Search Value: column. 4. To search using a Port: — Select the Port check box in the Search By: column — Select a search variable from the Port field pull-down menu. The options are: Forward, Filter, and CPU — Enter a port number to display only the entries associated with that switch port. 5.
Chapter 9 Figure 9-5. Address Forwarding Table Web Page * Note: Some types of entries in the Address Forwarding Table can be modified. The port, priority, and persistence can be changed for learned and management entries. 7. To change an entry in the Address Forwarding Table, select the check box in the Index column for MAC address entry. 8. Make the change(s) to the port, priority, or Persistence for the selected entry 9-16 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Managing the Address Forwarding Table 9. After making the changes, click the APPLY button to save the current settings, or CANCEL to restore previous settings. or MORE to view more statistics. 10. See Table 9-4 to review your search criteria options: Table 9-4. Address Forwarding Table Parameters Parameter Defines the... Index Index number of this address entry in the switch address forwarding table. MAC Address MAC address associated with this entry.
Chapter 9 Table 9-4. Address Forwarding Table Parameters Parameter Defines the... Persistence The persistence of the entry in the table can be set on all learned entries: • Permanent - The address is not aged out of the table. • Invalid - This entry is cleared from the table each time the switch resets. • Ageout - Address is cleared from the address forwarding table when the timeout interval expires. This is the state of all entries dynamically learned by the switch.
Managing the Address Forwarding Table CLI Command To search the switch AFT using the CLI, enter the following command in Configure mode: (configure)# show aft entry Adding Static Entries to the AFT You can add static entries to the AFT manually using the Web Agent or the CLI. Web Agent Procedure To add an AFT address manually using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Address Forwarding Table folders, and then click Address Configuration.
Chapter 9 3. In the VLAN field, select a VLAN for this entry. 4. In the Port Binding field, select Forward or Filter: ■ Forward—Frames that have this source or destination MAC address are forwarded. If you select Forward, you must enter the port that you want associated with this MAC address. ■ Filter—Frames that have this source or destination MAC address are dropped. 5.
Managing the Address Forwarding Table 8. In the DA-Priority field, select the priority that you want associated with frames that have this destination MAC address: ■ None ■ Aft—Uses the priority that is assigned to the MAC address in the AFT. If you select this option, you must select a numerical priority for the MAC address. Priorities range from 0 to 7.
Chapter 9 Web Agent Procedure To use the Web Agent to change the status of option 82: 1. Open the IP Global Configuration Web page. For information on how to open this Web page, see “Enabling IP Routing Global Parameters” in Chapter 12, “Configuring IP Routing.” 2. Enable or disable the suboptions as appropriate in the DHCP Option Circuit Info and DHCP Option 82 - Agent Info fields.
10 Configuring Redundancy Options Overview The Avaya Multiservice Switch can be configured with redundancy to provide fault tolerance. For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.1 Supervisor Functions The Avaya Multiservice Switch supervisor module manages the resources of the switch, provides access to these resources and supports a number of network protocols.
Chapter 10 VRRP The Avaya Multiservice Switch supports Virtual Router Redundancy Protocol (VRRP), an IETF protocol designed to support redundant LAN routers, as well as load balancing of traffic. VRRP is transparent to host end stations. All configurations are done at the Avaya Multiservice Switch, no additional end station configurations are required. See “Configuring VRRP” in Chapter 12, “Configuring IP Routing,” for more details.
Configuring Redundancy Options Configuring Redundant Hardware The Avaya Multiservice switches provide a redundant backplane to ensure that should a Supervisor module, Switch Controller, or fabric element fail, it will continue to forward data properly. The redundant components are available as separate options. Redundant Switch Controllers and Elements Controllers and Elements are located at the rear of the switches.
Chapter 10 Figure 10-2. Layout of the Redundant Backplane for P882 Chassis The Avaya Multiservice switches are equipped with diagnostics to: ■ Monitor the status of the Primary switch controller. ■ Monitor the status of a Active element. ■ Monitoring of Health Check status messages sent between the Active and Standby supervisors. If the Active supervisor fails, the Standby supervisor assumes supervisor operation.
Configuring Redundancy Options Installing and Enabling Redundant Hardware The standard switch configuration does not include a redundant controller or element. The correct process is to: ■ Install the redundant hardware. See “Installing Redundant Hardware.” ■ Enable the redundant hardware by using either the Web Agent or the CLI. See “Enabling Redundant Hardware.” After the redundant hardware is enabled, the applicable redundant component takes over if either a controller or any element fails.
Chapter 10 Enabling Redundant Hardware Web Agent Procedure To enable redundant hardware using the Web Agent: 1. In the navigation pane, expand the System > Configuration folders, and then click Switch Fabric. The Switch Fabric Status Web page is displayed in the content pane. See Figure 10-3. Figure 10-3. Switch Fabric Status Web Page 2. Select Yes from the Configure redundant Hardware field pull-down menu. 3. Click APPLY.
Configuring Redundancy Options Figure 10-4. Switch Fabric Status Web Page CLI Command To enable the redundant hardware by using the CLI, enter the following command from Enable/Configure mode: (configure)# set fabric configure-redundant-hardware enable Replacing the Primary Controller If a Primary controller fails, notification is provided by: Document No. 10-300077, Issue 2 ■ An event log message ■ An error message that displays in the Switch controller field.
Chapter 10 Figure 10-5. Switch Fabric Status Web Page If a redundant controller is installed in the switch and enabled, the switch resets and the redundant controller automatically takes over the operation of the failed Primary controller. To replace the failed Primary controller: 1. Disable redundant hardware. 2. Copy the running config to the startup config. 3. Synchronize if you have redundant supervisor modules. 4. Power off the switch power supplies.
Configuring Redundancy Options Replacing an Element If an element fails, you are notified by: ■ An event log message ■ An error message that displays in the Switch Elements field To replace a failed element: 1. Disable redundant hardware. 2. Copy the running config to the startup config. 3. Synchronize if you have redundant supervisor modules. 4. Power off the switch power supplies.
Chapter 10 CLI Command To enable an element using the CLI, enter the following command from Configure mode: > set fabric configure-redundant-hardware enable Configuring Supervisor Module Redundant Ethernet Console IP Addresses Web Agent Procedure If you need to communicate with both the Active and Standby Supervisors, configure an alternate Ethernet Console IP address for both. Configure an alternate IP address for both slot 1 and 2 CPU’s, by using the Web Agent or the CLI.
Configuring Redundancy Options 2. Enter the internal IP addresses of the slot 1 and slot 2 CPUs in the Redundant CPU Console IP Address field. The addresses cannot be the same as the console IP or each other. The Gateway must be on the same subnet as the IP addresses. This sets the IP addresses for the Ethernet Consoles in slot 1 and slot 2 CPU’s. The default values are 0.0.0.0. 3. Enter the redundant CPU default gateway IP address in the Redundant CPU Default Gateway field.
Chapter 10 Synchronizing the Active and Standby CPUs Overview After installing the active and standby supervisor modules, you must synchronize them. You can use the Web Agent or CLI to perform the synchronization. * Note: If the Active Supervisor module and the Standby (redundant) Supervisor module are synchronized while the active supervisor module is being heavily used, TFTP transfers from the active supervisor module to the Standby Supervisor module may time out or fail.
Configuring Redundancy Options Supervisor Module Redundancy Statistics The active supervisor periodically sends a health report message to the standby (redundant) supervisor. If the standby supervisor is enabled, it responds with a health report reply. Health report statistics are displayed on the CPU Redundancy Status Web page. To view this Web page, expand the System > Configuration > CPU Redundancy folders, and then click Status/Statistics.
Chapter 10 Table 10-1. Supervisor Module Configurations Configuration Active and Standby Role One Supervisor module in slot 2 The slot 2 supervisor module is active. If a supervisor module is inserted into slot 1, the slot 2 supervisor module remains active and sends health reports to the standby supervisor in slot 1. If the slot 2 supervisor is removed, reset, or fails, or if the switch is reset, the slot 1 supervisor becomes the active supervisor, and the slot 2 supervisor becomes the standby.
Configuring Redundancy Options Synchronization Procedure Web Agent Procedure * Note: You must synchronize the active and standby supervisor modules for the standby (redundant) supervisor to use the same configuration as the active supervisor. Save the running configuration to the startup configuration so that if the active supervisor fails, the current configuration information is not lost. Synchronizing the two supervisors copies the startup configuration file to the standby supervisor.
Chapter 10 Figure 10-7. CPU Redundancy Status Web Page 3. Monitor the CPU redundancy statistics to ensure that the health messages between the supervisor modules are being sent and received. Click REFRESH to ensure that the counters increment. See Table 10-2 for an explanation of the fields on the CPU Redundancy Status Web page. Table 10-2. CPU Redundancy Status Web Page Fields Parameter Definition Status Displays the functional status of the CPU modules.
Configuring Redundancy Options Table 10-2. CPU Redundancy Status Web Page Fields Parameter Definition APP1 • Version - Displays the version of the image in application 1 (APP1) for each supervisor module. • Checksum - Displays the checksum for the image running in APP1. APP2 • Version - Displays the version of the image in application 2 (APP2) for each supervisor module. • Checksum - Displays the checksum for the image in APP2.
Chapter 10 10-18 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
11 Configuring DNS Client Overview This chapter provides an overview of the Domain Naming System (DNS) Client support and procedures for configuring DNS client support on the Avaya Multiservice switch: ■ DNS Client Support ■ DNS Client on the Avaya Multiservice Switch ■ Configuring the DNS Client DNS Client Support Overview DNS is a distributed database of name servers which supply name-toaddress translations for DNS clients.
Chapter 11 Recursive vs. Iterative The goal of DNS is to resolve a fully qualified domain name (FQDN) to an IP address. This work can either be done by the DNS server or the DNS client. These approaches are referred to as Recursive or Iterative, respectively. In the Recursive approach, a client sends a query to the server.
Configuring DNS Client Sample Recursive DNS Query Typically, a network will have a local DNS server which provides translations for devices in the local network. That server will also “know” the IP address of the Root servers. When a client attempts to communicate with a device by its name, the IP portion of the protocol stack will recognize that a name (not an address) has been specified. It will then contact the local DNS server and request the name be translated into an IP address.
Chapter 11 DNS Client on the Avaya Multiservice Switch The Avaya Multiservice switch has DNS client capabilities that work in conjunction with the Command Line Interface (CLI). This feature is useful for testing connectivity (ping and traceroute) as well as copying files from TFTP servers. It is not meant for use with the normal operation of the Avaya switch. Therefore, you should not use a DNS name to specify the location of the Avaya Multiservice switch’s RADIUS server, SNTP Time server, etc.
Configuring DNS Client Order of Operations for DNS on the Switch You can configure up to six DNS servers and up to six DNS suffixes. When you use a name instead of an IP address in a command, the Avaya Multiservice switch will first check to see if the name is a fully qualified domain name (ex: hostA.avaya.com). If it is, this will be sent to the first DNS server in the list of servers.
Chapter 11 Table 11-1. DNS Error Codes Error Message Explanation Refused indicates that the DNS server refuses to answer the query for administrative reasons. Possibly due to security implementations on the DNS server. No RRs indicates that the DNS server authoritatively claims that there are no RRs that match the specified name, type and/or class. No Recursion indicates that one of the configured DNS servers does not support Recursion.
Configuring DNS Client Figure 11-1. DNS Configuration Web Page Document No.
Chapter 11 2. Select Enable from the DNS Lookup field pull-down menu to enable DNS on the switch. *Note: When DNS is enabled and configured, you can enter DNS names in place of IP addresses for the following CLI commands. Again, DNS is for use with the CLI only for testing connectivity and copying files from TFTP servers, not the normal operation of the Avaya Multiservice switch. •ping •telnet •connect •trace (traceroute) •copy tftp 3.
Configuring DNS Client Avaya(configure)# ip name-server 20.20.20.20 Added name server ’20.20.20.20’ to the name server list. Avaya(configure)# ip name-server 30.30.30.30 Added name server ’30.30.30.30’ to the name server list. Avaya(configure)# ip domain-list avaya.com Added domain name ’avaya.com’ to the domain name list. Avaya(configure)# ip domain-list support.com Added domain name ’support.avaya.com’ to the domain name list. Avaya(configure)# show hosts DNS domain name lookup is ENABLED.
Chapter 11 11-10 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
12 Configuring IP Routing Overview The Avaya Multiservice Switch supports the full suite of IP protocols for unicast and multicast packet routing and control. It is compatible with the installed base of IP routers and does not require changes to software in hosts or other routers. For Unicast, the Switch supports OSPF, RIP, and RIP2 interior gateway protocols. For Multicast, it implements IGMP, and DVMRP.
Chapter 12 ■ Configuring VRRP ■ Configuring IRDP ■ Configuring LDAP ■ Configuring a Static Route for the PPP Console ■ Configuring the IP Interface for the PPP Console For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.1. Routing Function The Routing function is logically independent from and sits “on top” of the Layer 2 VLANs.
Configuring IP Routing Requirements for IP Routing Hardware Requirements To configure your switch as an IP router, you must configure your switch with the following hardware: ■ Layer 3 supervisor module * Note: Licensed layer 3 80-series media modules are recommended for best routing performance. Software Requirements To configure your switch as an IP router, with 80-series modules (Supervisor and Media modules) you must configure your switch with a minimum of version 5.0 and above.
Chapter 12 Routing Configuration Quickstart This section provides an overview of the how to configure the Avaya Multiservice switch as a IP router. To configure the switch as a IP router: 1. Ensure that physical port parameters and cabling are correctly configured before creating VLANs. See Chapter 8, “Configuring Ports”. 2. Create a VLAN (each VLAN is an IP subnet). See “Creating and Implementing VLANs,” in Chapter 6, “Using VLANs, Hunt Groups, and VTP Snooping.” 3. Assign switch ports to the VLAN.
Configuring IP Routing Figure 12-2. IP Interfaces Web Page 2. To modify an IP interface, first select the specific interface, then modify the parameters, and then click APPLY or CANCEL to restore previous settings. * Note: If you modify the ARP Timeout value, the new value does not take affect when you click APPLY. To modify the ARP Timeout setting, first change the interface Admin State to Down, then change the ARP Timeout value, and finally change the interface Admin State back to Up: a.
Chapter 12 Creating and Assigning IP Interfaces to the VLAN Web Agent Procedure After you have set up a VLAN, you must create the IP interface that your VLAN and your subnet uses to communicate with each other. While creating the IP interface, you must assign it to the VLAN. The last step is to enable IP forwarding (Routing) global parameters. To create a new IP interface and assign it to a VLAN: 1. In the navigation pane, expand the Routing > IP > Configuration folders, and then click Interfaces.
Configuring IP Routing Figure 12-3. Add IP Interface Web page Document No.
Chapter 12 Table 12-1. Add IP Interface Web Page Fields Parameter Allows you to... Name Enter a unique, alphanumeric name for the interface (maximum 30 characters) VLAN A pull down menu that associates a VLAN with this IP Interface. Note: The way that you configure a port(s) to a VLAN determines the IP Routing option that you select for the interface. Use the following options to configure the appropriate interface: • Default - Selects the default VLAN.
Configuring IP Routing Table 12-1. Add IP Interface Web Page Fields Parameter Allows you to... MAC Format Select the MAC address format for the interface. Options include: • Ethernet V2 • Simple Network Access Protocol (SNAP) ARP Timeout Enter the timeout period for Address Resolution Protocol (ARP) in seconds.The ARP Timeout value is the period of time the switch will wait for data from a station, if no data is received, the station is deleted from the ARP Table.
Chapter 12 Table 12-1. Add IP Interface Web Page Fields Parameter Allows you to... Multicast Protocol Specify the multicast protocol for the interface. Options include: • None (Default) • DVMRP • IGMP * Note: By Default, multicast forwarding is disabled. To enable multicast forwarding go to the IP Global Configuration page. Proxy ARP Enable or disable Proxy ARP. The default value is Disable. ICMP Redirect Enable or disable ICMP Redirect (IDRP). The default value is Enable.
Configuring IP Routing Web Agent Procedure To enable IP routing using the Web Agent: 1. In the navigation pane, expand the Routing > IP > Configuration folders, and then click Global. The IP Global Configuration Web page is displayed in the content pane. See Figure 12-4. Figure 12-4. IP Global Configuration Web Page Document No.
Chapter 12 2. See Table 12-2 to configure the IP Global Configuration Web page. 3. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 12-2. IP Global Configuration Parameters Parameter Allows you to... IP Unicast Forwarding Disable IP Unicast Forwarding. Must be enabled for Unicast Forwarding. The default setting is Enable. IP Multicast Forwarding Enable IP multicast forwarding on a global basis. Must be enabled for Multicast Routing or Forwarding.
Configuring IP Routing Table 12-2. IP Global Configuration Parameters Parameter Allows you to... Maximum Number of Routes Enter the maximum number of routes that you want added to the routing table. The default number of routes is 16384. Note: These routes refer only to IP Unicast entries. Maximum Number of ARP Cache Entries Enter the maximum number of ARP cache entries. ARP entries refers to the space available for the ARP cache.
Chapter 12 Table 12-2. IP Global Configuration Parameters Parameter Allows you to... RIP Routes Enter the number of RIP routes to use the hop count as a metric. Hence, to specify a preference for a RIP route, you need to enter a lower number (path cost). Low-Preference Static Routes Enter a preference value for Low preference static routes. 3 of 3 IP Multinetting You can set up a configuration of multiple subnets, and IP interfaces on a single VLAN. This is also referred to as IP Multinetting.
Configuring IP Routing Creating a Multinet Interface To create a multinet interface: 1. In the navigation pane, expand the Routing > IP > Configuration folders, and then click Interfaces. The IP Interfaces Web page is displayed in the content pane. See Figure 12-2. 2. Select CREATE. The Add IP Interface Web page is displayed. See Figure 12-3. 3. Enter a name for the interface in the Interface field. 4. Select a VLAN for this multinet interface from the VLAN field pulldown menu. 5.
Chapter 12 If the forwarding cache contains a high number of short-lived protocol entries, you can set the switch to use the slow path to route packets of a specific short-lived protocol. By using the slow path to route short-lived protocol traffic, you conserve the resources of the forwarding engines, which provide the fast in band routing engine (FIRE) and fast out of band routing engine (FORE).
Configuring IP Routing Table 12-3. Keywords, Arguments, and Options Keyword, Argument, or Option Definition {tcp | udp} Enter tcp if the protocol that you want to filter uses a TCP port. Enter udp if the protocol that you want to filter uses a UDP port. Examples The TCP or UDP port number that the protocol uses. Enter a port number from 0 through 65535.
Chapter 12 Table 12-4. Keywords, Arguments, and Options Keyword, Argument, or Option Definition {tcp | udp} Enter tcp if the protocol that you want to filter uses a TCP port. Enter udp if the protocol that you want to filter uses a UDP port. Examples The TCP or UDP port number that the protocol uses.
Configuring IP Routing Creating IP Static Routes You can create IP static routes using either the Web Agent or the CLI. *Important: Do not create a static route to a local interface. This configuration is not supported. Web Agent Procedure To create IP static routes using the Web Agent: 1. In the navigation pane, expand the Routing > IP > Configuration folders. 2. Click Static Routes. The IP Static Routes Web page is displayed in the content pane. 3. Click CREATE.
Chapter 12 Table 12-5. IP Static Route Parameters Field Explanation Network Address Enter an IP network address for your IP static route. Mask Enter an IP subnet mask for your IP static route. Next-Hop Address Enter an IP address for the gateway associated with the IP static route. The default setting is null 0, which creates a discard route. For information on creating a discard route, see “Creating a Static Route to a Null Interface.
Configuring IP Routing Figure 12-7. Null Interface Example In the preceding figure, Router 1 has a default route that points to the Border Router for addresses that are not known within the enterprise. If a null interface is not configured: 1. Router 3 forwards packets that have a destination of 10.10.3.32 to Router 1. 2. Because VLAN 103 is down, Router 1 sends the packets to the Border Router. 3. The Border Router then sends the traffic back to Router 1 via the route 10.10.0.0/16.
Chapter 12 Procedure Web Agent Procedure To create a static route to a null interface: 1. In the navigation pane, expand the Routing > IP > Configuration folders. 2. Click Static Routes. The IP Static Routes Web page is displayed in the content pane. 3. Click CREATE. The Add IP Static Route Web page is displayed in the content pane. See Figure 12-6. 4. In the Network Address field, enter the IP address of the network for which you are creating a null interface. 5.
Configuring IP Routing Figure 12-8. IP Static ARP Entries Web Page 2. Select CREATE. The Add IP Static ARP Entry Web page is displayed. See Figure 12-9. Figure 12-9. Add IP Static ARP Entry Web Page 3. See Table 12-6 to configure the Add IP Static ARP Entry Web page parameters: Table 12-6. IP Static ARP Parameters Parameter Allows you to... IP Address Enter an IP address to associate with the Static ARP entry.
Chapter 12 Creating a BOOTP/DHCP Server Entry The BOOTP/DHCP Server Entry allows you to configure a Router as a BOOTP/DHCP Relay Agent between a BOOTP/DHCP server and the requesting client. You can create a BOOTP/DHCP Server entry using either the Web Agent or the CLI. * Note: BootP/DHCP must first be enabled in the IP Global Configuration. Web Agent Procedure To create a BOOTP/DHCP entry using the Web Agent: 1.
Configuring IP Routing CLI Command To create a BOOTP/DHCP entry using the CLI, enter the following command in Configure mode: (configure)# ip boot-dhcp server Configuring Route Redistribution Overview Route redistribution makes it possible for different IP routing protocols to exchange routing information.
Chapter 12 This section contains the following procedures: ■ Creating an IP Redistribute List Entry ■ Viewing IP Redistribute List Entries ■ Modifying an IP Redistribute List Entry ■ Deleting an IP Redistribute Entry Creating an IP Redistribute List Entry Web Agent Procedure To create an IP redistribute list entry: 1. In the navigation pane, expand the Routing > IP > Configuration folders. 2. Click IP Redistribute List. The IP Redistribute List Entries Web page is displayed in the content pane.
Configuring IP Routing Figure 12-13. Add IP Redistribute List Entry 5. In the Access List field, select an access list to filter the routes that are redistributed. If you select NA, all routes are redistributed. * Note: You can use different access lists for different IP redistribute list entries. All IP redistribute list entries do not have to use the same access list. 6. In the Source Protocol field, select the protocol whose routes you want to redistribute. Options are RIP, OSPF, static, and local. 7.
Chapter 12 Viewing IP Redistribute List Entries Web Agent Procedure To view IP redistribute list entries: 1. In the navigation pane, expand the Routing > IP > Configuration folders. 2. Click IP Redistribute List. The IP Redistribute List Entries Web page is displayed in the content pane. See Figure 12-12.
Configuring IP Routing Figure 12-14. IP Redistribute List Entries Web Page 2. Select the route redistribution entry that you want to modify. 3. Modify the entry as necessary. 4. Click APPLY. CLI Command To modify an IP redistribute list entry, use the same redistribute command that you use to create a route redistribution entry. For more information, see “Creating an IP Redistribute List Entry” earlier in this chapter.
Chapter 12 2. Select the route redistribution entry that you want to delete. 3. Click Delete.
Configuring IP Routing This section contains the following procedures: ■ Configuring IGMP ■ Globally Enabling IGMP ■ Modifying IGMP Interfaces ■ Configuring and Modifying DVMRP ■ Configuring the DVMRP Global Configuration ■ Modifying a DVMRP Interface Configuring IGMP IGMP enables hosts to inform routers when they join or leave groups. Routers periodically query hosts (query interval) for the groups in which the hosts are members.
Chapter 12 Figure 12-15. IGMP Global Configuration Web Page 4. Select Enable from the IGMP field pull-down menu to enable IGMP. 5. Select Enable from the MTRACE field pull-down menu to enable MTRACE processing. 6. Click APPLY to save your changes, or CANCEL to restore previous settings.
Configuring IP Routing Figure 12-16. IGMP Interfaces Web page 2. See Table 12-8 to modify an IGMP interface. 3. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 12-8. IGMP Interface Parameters Parameter Allows you to... Select Select the interface to be modified. Interface Displays the IP interface that is configured with IGMP. IP Address Displays the IP address associated with this interface.
Chapter 12 Table 12-8. IGMP Interface Parameters Parameter Allows you to... Always be Group Membership Querier Version 1.0 - Select Enable to make this interface the designated querier. The default is Disable. Version 2.0 - Select Enable to force this interface to send queries. The default is Disable which tells the interface to obey the designated querier election. Note: Only the designated router will query hosts on your network.
Configuring IP Routing Configuring and Modifying DVMRP Distance Vector Multicast Routing Protocol (DVMRP) uses IP packets with protocol type 2 (IGMP) to exchange routing datagrams. DVMRP enables multicast routers to exchange distance vector updates that contain multicast flow lists and their corresponding cost metrics. DVMRP may use tunneling between pairs of DVMRP routers when traffic must pass through one or more intermediary routers or gateways that do not implement DVMRP.
Chapter 12 Figure 12-17. DVMRP Global Configuration Web Page 4. Select Enable from the DVMRP Version 3/0xFF field. 5. See Table 12-9 to configure the DVMRP Global Configuration Web page parameters. 6. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 12-9. DVMRP Global Configuration Web Page Parameters Parameter Allows you to... DVMRP Version 3/xFF Select Disable to globally disable DVMRP. The default value is Enable.
Configuring IP Routing Table 12-9. DVMRP Global Configuration Web Page Parameters Parameter Allows you to... Neighbor Router Timeout Interval Enter the time-out interval (in seconds) that a neighbor stays up without confirmation. This is an important method used to time-out old routes. The valid range for this field is 10 to 50 seconds. The default setting is 35 seconds. Minimum Flash Update Interval Enter the update interval (in seconds) between flash updates.
Chapter 12 Modifying a DVMRP Interface You can modify a DVMRP interface using either the Web Agent or the CLI. Web Agent Procedure To modify a DMVRP interface using the Web Agent: 1. In the navigation pane, expand the Routing > DVMRP folders, and then click Interfaces. The DVMRP Interfaces Web page is displayed in the content pane. See Figure 12-18. Figure 12-18. DVMRP Interfaces Web Page * Note: You must first set “multicast protocol” on an interface to DVMRP before you can configure DVMRP.
Configuring IP Routing Table 12-10. DVMRP Interface Parameters Parameter Defines the... Interface Type Select an Interface type. You can configure the interface type as: • Broadcast - All traffic is forwarded through the routers. This is not a tunnel and does not require encapsulation. • Non-Encapsulated Tunnel - All multicast data traffic is IPIP encapsulated, but the protocol messages are unicast.
Chapter 12 Monitoring Switch Performance Using IP Statistics This section provides detailed information on the analysis and use of IP and IP multicast statistics. IP routing statistic options include: ■ Displaying Global IP Routing Statistics ■ Searching the IP Routing Table ■ Displaying the IP Routing Table Statistics ■ Searching the IP ARP Cache Displaying Global IP Routing Statistics You can monitor switch performance using either the Web Agent or the CLI.
Configuring IP Routing Figure 12-19. IP Routing Global Statistics Web Page 2. Click — Clear to set all statistics to zero. — Refresh to update all statistics. 3. See Table 12-11 to review the definition of each statistic: Table 12-11. IP Routing Global Statistics Statistic Defines the... IP In Receives Total number of input datagrams received from interfaces, including those received in error.
Chapter 12 Table 12-11. IP Routing Global Statistics Statistic Defines the... IP In Address Errors Number of input datagrams discarded because the IP address in their IP header’s destination field was not a valid address to be received at this entity. This count includes invalid addresses (for example, 0.0.0.0) and addresses of unsupported Classes (for example, Class E).
Configuring IP Routing Table 12-11. IP Routing Global Statistics Statistic Defines the... IP Out Discards Number of output IP datagrams for which no problem was encountered to prevent their transmission to their destination, but were discarded (for example, for lack of buffer space). Note that this counter includes datagrams counted in ipForwDatagrams if any such packets met this (discretionary) discard criterion.
Chapter 12 Table 12-11. IP Routing Global Statistics Statistic Defines the... ICMP In Errors Number of ICMP messages that the entity received but determined as having ICMP-specific errors (bad ICMP checksums, bad length). ICMP In Destination Unreachables Number of ICMP Destination Unreachable messages received. ICMP In Time Exceeds Number of ICMP Time Exceeded messages received. ICMP In Parameter Problems Number of ICMP Parameter Problem messages received.
Configuring IP Routing Table 12-11. IP Routing Global Statistics Statistic Defines the... ICMP Out Source Quenchs Number of ICMP Source Quench messages sent. ICMP Out Redirects Number of ICMP Redirect messages sent. For a host, this object will always be zero, since hosts do not send redirects. ICMP Out Echo Requests Number of ICMP Echo (request) messages sent. ICMP Out Echo Replies Number of ICMP Echo Reply messages sent.
Chapter 12 Table 12-11. IP Routing Global Statistics Statistic Defines the... BOOTP/DHCP In Responses Total number of BOOTP/DHCP response datagrams received by the BOOTP/DHCP Relay Agent. BOOTP/DHCP In Discards Number of BOOTP/DHCP requests discarded.Incremented when an IP interface receives a DHCP/BootP request, but the IP interface does not have the BooTP/DHCP Relay Gateway Enabled. BOOTP/DHCP In Hops Exceeds Number of BOOTP/DHCP requests not forwarded due to number of hops exceeds.
Configuring IP Routing Figure 12-20. IP Route Table Search Web Page 2. Select the search criteria you want to use to find more specific information on available routes. For example, if you want to find all static routes that are presently configured on your switch, search by source and specify static as your search value. 3. See Table 12-12 to determine your search parameters: Table 12-12. IP Route Table Search Parameters Parameter Allows you to search...
Chapter 12 Figure 12-21. IP Route Table Web Page * Note: To delete a local entry from your IP routing table, you must delete the local IP interface associated with that entry. Displaying the IP Routing Table Statistics To display the IP Routing Table Statistics: 1. In the navigation pane, expand the Routing > IP > Display folders, and then click Route Table Statistics. The IP Routing Table Statistics Web page is displayed in the content pane. See Figure 12-22. Figure 12-22.
Configuring IP Routing Table 12-13. IP Routing Table Statistics Web Page Parameters CLI Command Parameter Definition Current Number of Routes Displays the total number of active routes. Peak Number of Routes Displays the peak number of routes. Total Routes Added Displays the total number of routes added. Total Routes Deleted Displays the total number of routes deleted. RIP Route Changes Displays the number of changes to the IP route database made by RIP.
Chapter 12 Figure 12-23. ARP Cache Entry Search Web Page 2. Select the search criteria you want to use to find more specific information on your switch’s current ARP cache. For example, if you want to find all of the IP ARP cache entries associated with your out-ofband connection on your switch, search by VLAN and specify Ethernet Console as your search value. 3. See Table 12-14 for an explanation of the ARP Cache Search Web page parameters: Table 12-14.
Configuring IP Routing IP Multicast Statistics You can view IP Multicast statistics through by using either the Web Agent or the CLI.
Chapter 12 Figure 12-24. IGMP Global Statistics Web Page 2. To modify your global statistics, perform one of the following: — Click CLEAR to reset all statistics to zero — Click REFRESH to view the latest statistics. 3. See Table 12-15 for an explanation of the IGMP Global Statistics Web page parameters: Table 12-15. IGMP Global Statistics Web Page Parameters Parameter Defines the... Group Membership Reports Received Number of reports received in response to a group membership query.
Configuring IP Routing Web Agent Procedure To display the IGMP Interface Statistics using the Web Agent: 1. In the navigation pane, expand the Routing > IGMP folders, and then click Interface Statistics. The IGMP Interface Statistics Web page is displayed in the content pane. See Figure 12-25. Figure 12-25. IGMP Interface Statistics Web Page 2.
Chapter 12 Table 12-16. IGMP Interface Statistics Web Page Parameters Parameter Defines the... This Router is Group Membership Querier Router that was configured or elected to be the designated group membership querier. The switch queries hosts on each interface only when it is acting as the designated querier on that interface. Robustness Variable Setting for the expected packet loss on a subnet. If a subnet is expected to have more packet loss, the Robustness Variable should be increased.
Configuring IP Routing CLI Command To display the IGMP Interface Statistics using the CLI, enter the following command from configuration mode: (configure)# show ip igmp statistics Displaying the IGMP Group Membership Table The multicast group table provides information on interfaces that are members of an IGMP group and contains an expiry time for the entry, IP address of the group, and the group reporter address. Web Agent Procedure To display the multicast group table using the Web Agent: 1.
Chapter 12 Table 12-17. IGMP Group Membership Table Web Page Fields CLI Command Parameter Defines the... Group Member Interface Interface that is connected to a member of an IGMP group. Group Address Group address that has members on this interface. Group Created On Time at which the group was created on the router. Group Multicast Protocol Routing protocol being used for the group. If no routing protocol is being used on the interface a group is on, this column displays IGMP.
Configuring IP Routing 2. To modify the Local Multicast Forwarding Cache, select an entry and: — Click Delete Entry to delete one or more entries. — Click Flush Table to clear the entire table. — Click REFRESH to receive the most up-to-date information on the entries in the table. 3. See Table 12-18 to review the IGMP Multicast Forwarding Cache information: Table 12-18. IGMP Local Multicast Forwarding Cache Parameters Parameters Defines the...
Chapter 12 Figure 12-28. DVMRP Global Statistics Web Page 2. Click: — CLEAR to reset all statistics to zero — REFRESH to view the latest statistics. 3. See Table 12-19 for an explanation of the DVMRP Global Statistics Web page parameters: Table 12-19. DVMRP Global Statistics Web Page Parameters Statistic Defines the number of... Probe Messages Received Probe messages received on this switch.
Configuring IP Routing Table 12-19. DVMRP Global Statistics Web Page Parameters Statistic Defines the number of... Probe Messages Transmitted Probe messages transmitted to the network. Report Messages Transmitted Report messages transmitted on this switch. Prune Messages Transmitted Prune messages transmitted upstream on this switch. This indicates the number of old branches removed from the multicast distribution tree.
Chapter 12 2. Select an interface and perform one of the following: — Click REFRESH to view the latest interface statistics. — Click CLEAR All to reset all statistics to zero. — Click CLEAR to reset the selected interface. 3. See Table 12-20 for an explanation of the DVMRP Interface Statistics Web page parameters: Table 12-20. DVMRP Interface Statistics Parameters Parameter Defines the... DVMRP Interface IP interface configured with the DVMRP multicast routing protocol.
Configuring IP Routing Table 12-20. DVMRP Interface Statistics Parameters Parameter Defines the... Invalid Routes Received Number of invalid routes received on this interface. Neighbor DVMRP Router(s) Number of (neighbor) routers that are also running DVMRP. Note: This number is a hypertext link that provides additional information on the DVMRP neighbor router(s).
Chapter 12 Table 12-21. DVMRP Neighbor Routers CLI Command Parameter Displays... Neighbor Network Address The neighbor router’s IP address. Found on Interface The neighbor routers found on this interface. DVMRP Supported Major/Minor Version The DVMRP version supported by the neighbor router. Expiration period in (sec) The time (in seconds) before the neighbor router times out. Neighbor Received Probe From This Router Whether the neighbor router received this router’s probe message.
Configuring IP Routing Figure 12-31. DVMRP Route Table Statistics Web Page 2. See Table 12-22 for an explanation of the DVMRP Route Table Statistics Web page parameters: Table 12-22. DVMRP Routing Statistical Parameters Parameter Defines the... Current Number of Routes Total number of routes present in the routing database. This number includes both valid and invalid routes.
Chapter 12 Figure 12-32. DVMRP Route Table Web Page 2. To modify your DVMRP Route table, do one of the following: — To delete one or more entries., select the entry and click Delete Entry — To clear the entire table, click Flush Table. — To receive the most up-to-date information on the entries in the table, Click REFRESH. 3. See Table 12-23 for an explanation of the DVMRP Route Table parameters: Table 12-23. DVMRP Route Table Parameters Parameter Defines the...
Configuring IP Routing Table 12-23. DVMRP Route Table Parameters Parameter Defines the... Designated Forwarder(s) Network router(s) responsible for forwarding from the source network onto the downstream interface. Displays the Designated Forwarders Web page. Downstream Dependent Router(s) Number of downstream DVMRP routers that are dependent on this router for this particular route. Displays the DVMRP Downstream Dependent Router(s) Web page.
Chapter 12 Displaying the DVMRP Designated Forwarder(s) Table Web Agent Procedure To view the DVMRP Designated Forwarder table: 1. In the navigation pane, expand the Routing > DVMRP folders, and then click Route Table. The DVMRP Route Table Web page is displayed in the content pane. See Figure 12-32. 2. Select the number from the Designated Forwarder column for the appropriate source network. The Designated Forwarder(s) Table Web page is displayed. See Figure 12-33. Figure 12-33.
Configuring IP Routing Displaying the DVMRP Downstream Dependent Routers Web Agent Procedure To view the DVMRP downstream dependent routers: 1. In the navigation pane, expand the Routing > DVMRP folders, and then click Route Table. The DVMRP Route Table Web page is displayed in the content pane. See Figure 12-32. 2. Select the number from the Downstream Dependent Router(s) column for the appropriate source network. The Downstream Dependent Router(s) Web page is displayed. 3.
Chapter 12 Web Agent Procedure To display the multicast forwarding cache Web page: 1. In the navigation pane, expand the Routing > DVMRP folders, and then click Multicast Forwarding Cache. The Multicast Forwarding Cache Web page is displayed in the content pane. See Figure 12-34. Figure 12-34. Multicast Forwarding Cache Web Page 2. To modify the Multicast Forwarding Table: — Select the entry and click Delete Entry to delete one or more entries. — Click Flush Table to clear the entire table.
Configuring IP Routing Table 12-27. Multicast Forwarding Cache Web Page Parameters Parameter Defines the... Source Address Mask Subnet mask associated with the DVMRP source subnetwork. Upstream Interface Local interface which is receiving this flow. Upstream Neighbor (Router) Address IP address of the upstream neighbor (router). Invalid Flows From Upstream Number of invalid flows received from the upstream neighbor.
Chapter 12 Table 12-28. Upstream Prune Information Web Page Parameter Parameter Displays the... Interface Type The interface type. Types include: • Broadcast - All traffic is forwarded through the routers. This is not a tunnel and does not require encapsulation. • IPIP Tunnel - All multicast traffic (data and protocol messages) on this interface is encapsulated in IP unicast packets with the protocol set to IPIP (IP in IP).
Configuring IP Routing Table 12-29. DVMRP Downstream Links Web Page Parameters Parameter Displays the... Interface Type Interface type. Types include: • Broadcast - All traffic is forwarded through the routers. This is not a tunnel and does not require encapsulation. • IPIP Tunnel - All multicast traffic (data and protocol messages) on this interface is encapsulated in IP unicast packets with the protocol set to IPIP (IP in IP).
Chapter 12 Configuring VRRP Virtual Router Redundancy Protocol (VRRP) is used to provide fast-fail over for hosts if the default gateway fails. This eliminates the single point of failure inherent in a network with statically configured default routes. The VRRP protocol defines an election process that will determine a Master and a Backup router. The Master router will forward all packets destined for the IP Address associated with the virtual router.
Configuring IP Routing Figure 12-35. IP Global Configuration Web Page 2. Select Enable from the VRRP field pull-down menu. 3. Click APPLY to save your changes, or CANCEL to restore previous settings. CLI Command To globally enable VRRP from the CLI, enter the following command in Configure mode: (configure)# router vrrp Enabling VRRP on an Interface VRRP can be enabled on an interface using the Web Agent or the CLI.
Chapter 12 Web Agent Procedure To enable an VRRP on an interface using the Web Agent: 1. In the navigation pane, expand the Routing > IP > Configuration folders, and then click Interfaces. The IP Interfaces Web page is displayed in the content pane. See Figure 12-36. Figure 12-36. IP Interface Web Page 2. Select the interface on which you want VRRP to be enabled. 3. Select Enable from the VRRP field pull-down menu for the interface you selected. 4.
Configuring IP Routing Figure 12-37. VRRP Virtual Routers Web Page 2. Select CREATE. The Add VRRP Virtual Router Web page opens (Figure 12-38). Figure 12-38. Add VRRP Virtual Router Web Page 3. Table 12-31 lists the parameters and describes the type of information that should be entered in the Add VRRP Virtual Router Web page fields to create a VRRP virtual router. Document No.
Chapter 12 Table 12-31. Add VRRP Virtual Router Web Page Parameters Parameter Definition Interface This is the IP Interface that the virtual router will be associated with. The drop-down menu displays all the IP Interfaces currently created. Select the Interface that the virtual router will be associated with. Be sure to enable VRRP on the particular Interface selected. Multiple virtual routers may be created on a single interface but they must have unique IP Addresses and VRID’s.
Configuring IP Routing Table 12-31. Add VRRP Virtual Router Web Page Parameters Parameter Definition Advertisement Timer Enter the value of the Advertisement Interval in seconds. This is the time interval that the router will send out advertisements if it is the Master. The range is from 1 255 seconds. The Advertisement Interval also defines the time that a Backup will wait until becoming Master.
Chapter 12 Table 12-31. Add VRRP Virtual Router Web Page Parameters Parameter Definition Address Owner Override Enable or Disable Address Owner Override using the drop-down menu. Enabling Address Owner Override allows the VIP to reply to ICMP requests if the router is not the IP Address owner of the virtual router’s IP Address (the VIP and IP Address are different). Address Owner Override helps to ensure connectivity and availability of all virtual routers.
Configuring IP Routing Figure 12-39. VRRP Virtual Router Statistics Web Page 2. To modify the VRRP statistics: — Click CLEAR to reset all the entries. — Click REFRESH to receive the most up-to-date information on the entries. 3. See Table 12-32 for an explanation of the VRRP Virtual Router Statistics Web page parameters: Table 12-32. VRRP Virtual Router Statistics Web Page Fields Parameter Definition... Interface Displays the IP Interface name that the virtual router is associated with.
Chapter 12 Table 12-32. VRRP Virtual Router Statistics Web Page Fields Parameter Definition... State Displays the current state of the virtual router. ·Initialize - Indicates that the virtual router is waiting for a Startup Event. A virtual router could be in this state due to VRRP being disabled Globally, VRRP being disabled on the corresponding IP Interface, or that the associated IP Interface is Down. ·Backup - Indicates that the virtual router is in the Backup state.
Configuring IP Routing Assigning the IP Address of a Virtual Router When creating a virtual router, it must be first decided whether to make the IP Address of the virtual router (the VIP) unique or the same as the Primary IP Address of the associated IP Interface address. If the VIP is unique, this is known as non-IP Address Owner. This means the VIP is not "owned" by the router as a Primary IP Address.
Chapter 12 This is especially helpful in a network where a routing protocol is used (RIP, OSPF). In most cases, the VRRP election process will take place before the routing table has been updated. This may cause a longer period of traffic loss. Assigning Priorities to Virtual Routers The allowed configurable range for the Priority of a virtual router is 1-254. 255 is reserved for a virtual router that is IP Address Owner (as described above).
Configuring IP Routing Configuring IRDP ICMP Router Discovery Protocol (IRDP) is an alternative router discovery protocol using ICMP messages on multicast links. ICMP uses router discovery messages, known as router advertisements and router solicitations. Each router periodically multicasts a router advertisement from each of its multicast interfaces, announcing the IP address of that interface, and other router IP addresses.
Chapter 12 2. Select the interface on which to enable IRDP in the Select column. A checkmark displays. 3. See Table 12-33 to configure the ICMP Router Discovery Protocol Web page parameters. Table 12-33. ICMP Router Discovery Protocol Web Page Fields Parameter Allows You to... Select Select the interface to be configured. Interface View the IRDP interface name. Network Address View the network IP address of the IRDP interface. IRDP State Select Enable IRDP on the selected interface.
Configuring IP Routing 4. Select Enable from the IRDP State pull-down menu. 5. Select Multicast from the Adv. Address pull-down menu. 6. Modify the default value in the Min. Advertisement Interval (sec.) field and enter the minimum time interval that passes before the host contacts the switch. 7. Modify the default value in the Max. Advertisement Interval (sec.) field and enter the maximum time interval that passes before the host contacts the switch. 8.
Chapter 12 Configuring LDAP Lightweight Directory Access Protocol (LDAP) allows you to access the “Access Control Lists”(ACLs), retrieve them from a database on an LDAP server, and apply them to the Avaya P580 or P882 Multiservice switches. You can also: ■ View LDAP statistics for the switch ■ Configure a primary and secondary LDAP server ■ Configure a search base for the switch to contact in response to an LDAP request.
Configuring IP Routing Figure 12-41. LDAP Configuration Web Page 2. See Table 12-34 to configure the LDAP Configuration Web page parameters. 3. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 12-34. LDAP Configuration Web Page Parameters Parameter Allows You To... Primary Server IP Address Enter the IP address of your primary LDAP server for the access control list domain. This address is used first when connecting to and downloading access lists from an LDAP server.
Chapter 12 Table 12-34. LDAP Configuration Web Page Parameters Parameter Allows You To... Secondary Server Port Enter the backup LDAP server port number for the access control list domain. The port number is used in conjunction with the secondary server IP address. There are no special overload values. The default port number is 389. Enter the search criteria that will be sent to the LDAP server. The default value is “ou=Devices, ou=AvayaPolicyManager, o=Avaya”.
Configuring IP Routing Viewing LDAP Statistics You can view LDAP statistics from either the Web Agent or the CLI. Web Agent Procedure To view LDAP statistics using the Web Agent: 1. In the navigation pane, expand the Routing > IP > Display folders, and then click LDAP Statistics. The LDAP Statistics Web page is displayed in the content pane. See Figure 12-42. Figure 12-42. LDAP Statistics Web Page 2. Click Refresh to dynamically update LDAP Statistics parameters. 3.
Chapter 12 Table 12-35. LDAP Statistics Web Page Parameters Parameter Definition Consumer Signal Indicates the success of the LDAP client when downloading a policy. If the consumer signal matches the producer signal, downloading LDAP to a policy was successful. If the consumer signal is -1, then either the LDAP client had a problem processing the access lists or the consumer signal set on the LDAP client did not match the signal configured on the LDAP server.
Configuring IP Routing Configuring the IP Interface for the PPP Console You can configure an IP interface for the PPP console from either the Web Agent or the CLI. Web Agent Procedure To configure the PPP console with an IP address and mask using the Web Agent: 1. Configure your console serial port as a PPP Console. See “Connecting a Modem”, in Chapter 2, “Setting Up the Switch”. 2. Connect your modem cable to the switch’s serial port. 3.
Chapter 12 12-92 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
13 Configuring Access Lists Overview Contents This chapter contains the following sections: ■ Creating Access Rules ■ Enabling an Access List ■ Example: Using an Access Control Rule to Filter Web Traffic ■ Logging ACL Activity ■ Optimizing Switch Performance For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.
Chapter 13 These five parameters are referred to as a “5 Tuple”. Source or destination addresses allow you to prioritize traffic between any combination of host, subnet, and network addresses. Further, if you specify a source or destination TCP/UDP port, you can prioritize specific traffic between hosts on two different networks. For example, you could increase the priority of Voice Over IP (VoIP) traffic between two subnets in a call center by specifying the UDP port number used by the phone system.
Configuring Access Lists An ACL name can be a number. For example, you can create a list whose name is 1 or 151. If you chose to use numbers, keep in mind the following restrictions: ■ Numbers 1 through 99 are reserved for Standard type Rules ONLY. So, for example, if you try to create an Extended Rule whose ACL Name is 1, it will be rejected. ■ Numbers 100 through 199 are reserved for Extended type Rules ONLY.
Chapter 13 What is TCP Established? TCP Established is a criteria applied by a rule where the “Acknowledge” bit in a TCP header is examined. If this option is not “checked”, the rule will apply to the packets whose Acknowledge bit is clear (0). If the option is checked, packets that have the Acknowledge bit set will be affected by the rule. The Acknowledge bit in the TCP header, when 0, indicates that the packet is an initial “call” to the destination. The host sending the message will clear the bit (0).
Configuring Access Lists The rules for implementing the above restrictions would be as follows: Rule # Rule TCP Established 1 allow Any to call WS dest port 80 Un-Checked 2 allow WS to respond Checked 3 allow WS to IN Un-Checked 4 deny WS to Any (Outside) Un-Checked 5 allow IN to Any Un-Checked 6 deny remaining traffic from Outside to Any Un-Checked Rules 1 and 2 collectively manage Web traffic to and from the Web server (WS).
Chapter 13 Creating Access Rules This section contains the following procedures: ■ Creating Standard Access Rules ■ Creating Extended Access Rules Creating Standard Access Rules To create standard access rules: 1. In the navigation pane, expand the Routing > IP > Configuration folders, and then click Access Lists. The IP Access List Web page is displayed in the content pane. See Figure 13-1. *Note: The IP Access List displays all standard and extended access rules that have been created.
Configuring Access Lists Figure 13-1. IP Access List Web Page 2. Click Create Standard. The Create Standard Access List Web page is displayed. See Figure 13-2. Figure 13-2. Create IP Standard Access List Web Page 3. See Table 13-1 to configure the Create Standard IP Access List Web page to filter or prioritize traffic: Document No.
Chapter 13 Table 13-1. Create Standard IP Access List Web Page Parameters Parameter Allows you to... Access List Name The Avaya Multiservice switch supports ACL names up to 32 characters (Alpha-Numeric). Spaces are allowed in the names but are not recommended. Instead of spaces, use the underscore “_” character. See “Naming Conventions for ACLs” for more information. Access Rule Index Enter the sequence number for each new rule you create. Index numbers can be 1 through 512.
Configuring Access Lists *Note: The IP Access List Web page displays all standard and extended access rules that have been created. If no rules have been created, the following statement displays: No IP Access Rules are currently configured. 2. Select Create Extended. The IP Extended Access Rule Creation Web page is displayed. See Figure 13-3. Figure 13-3. IP Extended Access Rule Creation Web Page 3.
Chapter 13 Table 13-2. IP Extended Access Rule Creation Parameters Parameter Allows you to... Access List Name Enter the alphanumeric name of the access list this rule will be added to. See “Naming Conventions for ACLs” for more information Access Rule Index Enter the sequence number for each new rule you create. Index numbers can be 1 through 512. Packets are compared against rules in ascending index order. Note: Entering a new rule may override other rules.
Configuring Access Lists Table 13-2. IP Extended Access Rule Creation Parameters Parameter Allows you to... TCP/UDP Source Port Specify a range of source ports that pass between two hosts or switches using the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP). Options include: • Min. - The lowest numbered port in the range. The default is 0. • Max. - The highest numbered port in the range. The default is 65,535.
Chapter 13 Enabling an Access List You can enable an access list on the switch through the Web Agent and the CLI. When you enable an ACL, the switch: ■ ■ Web Agent Procedure May change the maximum number of forwarding entries for IP unicast traffic to improve the performance of the switch. If the maximum number of entries is set to: — Less than 15,000, the switch automatically doubles the setting. — Between 15,000 and 30,000, the switch changes the setting to 30,000.
Configuring Access Lists 2. Select Enable from the Enable field pull-down menu to filter inbound traffic. 3. Select the name of the access list to be used for filtering when IP access control is enabled from the IP Access List field pull-down menu. 4. Click APPLY to save your changes.
Chapter 13 7. Enter the IP address in the Dest Address field that represents the destination address of the Web server. Enter a wildcard of 0.0.0.0 to identify the specific IP address of the destination Web server. * Note: To deny/filter traffic to a specific address and not to an entire subnet, you must specify the destination IP address of the network node, and use a subnet wildcard of 0.0.0.0. 8. Specify the TCP protocol ID = 6.
Configuring Access Lists 3. Enter a number between 100 and 199 (or Alphanumeric) (extended ACL) in the Access List Name field to identify your new access control list. 4. Enter a number in the Access Rule Index file to identify the access rule. 5. Select Deny/Filter from the Access Type field pull-down menu. 6. Enter the source address (10.1.2.0) and the source address wildcard (0.0.0.255), respectively, in the Source Address field. 7. Enter the destination address (10.1.1.
Chapter 13 ■ Forwarding information: — The priority of the packet if the ACL assigns it a priority and forwards it. — Forward with no change in priority if the ACL forwards the packet without changing its priority. — FILTER if the ACL blocks the packet. To avoid excessive consumption of the switch resources, ACL matches are logged for slow path traffic at specific time intervals. You can set the interval at which the matches are logged. The default setting is two seconds.
Configuring Access Lists CLI Command To enable ACL logging, use the following CLI command: (configure)# ip acl-logging enable To disable ACL logging, use the following CLI command: (configure)# ip acl-logging disable Sample Event Log Entries Figure 13-5 displays sample ACL matches in the event log. Figure 13-5. Sample ACL matches in the event log Setting a Logging Interval Web Agent Procedure To set the interval for ACL logging: 1.
Chapter 13 CLI Command To set the interval for ACL logging, use the following CLI command: (configure)# ip acl-logging logging-interval Optimizing Switch Performance Overview * Note: This section provides a detailed discussion of the architecture and functionality of the Avaya Multiservice switch with respect to ACLs. This material goes well beyond standard configuration issues by addressing system performance, memory management, and optimization.
Configuring Access Lists Document No. 10-300077, Issue 2 ■ DA: Destination IP Address. ■ F-chip: Forwarding-chip (F-chip) is an application specific integrated circuit (ASIC) that forwards recognized packets via Fast Path or unrecognized packets via Slow Path. It learns or flushes L3 forwarding entries (L3FE) as directed by the CPU. In earlier versions of the hardware, the F-Chip was referred to as the Packet Routing Engine (PRE).
Chapter 13 the CPU for processing and forwarding. Once the CPU has determined the destination, it updates the L3 forwarding cache on the F-chips with the L3FE. Once updated, the F-chip can forward future packets via Fast Path. Techniques ■ SA: Source IP Address. ■ Slow Path: When an ingress F-chip does not recognize a packet compared to its cache of known Flows, the packet is forwarded to the CPU to determine proper destination and ACL Rule assignment.
Configuring Access Lists Once you have determined that the ACL is the root cause, and have optimized the rules, you need to tune system parameters. Evaluating System Performance The first step is to determine whether the use of an ACL affects system performance. This requires an analysis of traffic patterns, the use of device statistics, and a “process of elimination”.
Chapter 13 How Many Cache Entries? Each F-chip/PRE (see “Identifying the Ports” later in this chapter for PRE column explanation) reserves space for IP unicast, IP multicast, and IPX. By default, the number of entries are limited to 15,000 for each (45,000 total). If the CPU attempts to add an entry in excess of 15,000, the L3FE will not be stored and that Flow will only be forwarded via the Slow Path.
Configuring Access Lists Figure 13-7. Active FE Cache Web page Enabling Routing at the Module The P580 and P882 have the option of centralized (unlicensed) or distributed (licensed) routing function. When a module is licensed, the onboard F-Chips (FIRE) provide the fast-path processing. When a module is unlicensed, the fast path is handled by the single F-Chip (FORE) on the Supervisor Module.
Chapter 13 Designing Safe, Efficient ACLs The entry of ACL rules via the CLI, Web or Avaya Policy Manager does not encourage or enforce any checking beyond correct syntax. The general guideline is that you are configuring a Layer-3 switch, not a firewall. The following are some guidelines for designing safe, efficient ACLs and how they affect performance: ■ Specify both source and destination address whenever possible.
Configuring Access Lists Identifying the Ports The chassis is organized by slots, fabric ports, PREs or F-chips, and physical ports. The number of F-Chips and physical ports varies according to the module type.
Chapter 13 Table 13-3.
Configuring Access Lists SA-DA mode can cause a noticeable increase in the total flows identified and result in an increased usage of F-chip memory. See “Managing F-chip Memory” in this case. *Important: Changing the Hash Mode setting affects every L3enabled F-chip on the P580 or P882. Web Agent Procedure To use the Web Agent to manually change the IP unicast hash mode from DA-only to SA-DA: 1. In the navigation pane, expand the Routing > L3 Forwarding Cache > Cache Configuration.
Chapter 13 differentiate packets by protocol and port. These entries all hash to the same value because they have the same source and destination address, and you may observe a degradation of the switch performance. Example To block SNMP access to the supervisor from the network, on IP interface 10.10.0.240/255.255.255.0, use the following ACL entry: ip access-list SNMP 10 deny udp any host 10.10.0.
Configuring Access Lists To view the current total number of entries for the CPU, expand the Routing > L3 Forwarding Cache folders, and then click Cache Configuration. The Total Current Entries field displays the current total entries for the CPU. To view the current total number of entries for each F-chip, expand the Routing > L3 Forwarding Cache folders, and then click Cache Contents. The Active FE Web page is displayed in the content pane. See Figure 13-7.
Chapter 13 13-30 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
14 Configuring RIP Routing Overview * Note: To globally enable the Routing Information Protocol (RIP), see Chapter 12, “Configuring IP Routing.
Chapter 14 Figure 14-1. RIP Global Configuration Web Page 2. See Table 14-1 to configure the RIP Global Configuration Web page parameters 3. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 14-1. RIP Global Configuration Web Page Parameters Parameter Allows you to... Global RIP Enable or disable the RIP protocol. The default is Enable. Note: You must disable the IP Interface before Disabling or Enabling RIP.
Configuring RIP Routing Table 14-1. RIP Global Configuration Web Page Parameters Parameter Allows you to... Triggered Updates Disable or Enable route updates that were triggered by a topology change in the network to be added to the routing table. The default is Enable. Update Pkt Delay Enter the value (in seconds) that represents the time delay between successive RIP update packets to the neighbor, when the update requires multiple packets. The default value is 1 second.
Chapter 14 3. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 14-2. RIP Interface Web Page Parameters Parameter Allows you to... Select Select the RIP interface to be modified. Interface Displays an interface from a list of interfaces that you previously configured. Network Address Displays an IP address to be associated with the displayed interface. Mode Specify the RIP State.
Configuring RIP Routing Table 14-2. RIP Interface Web Page Parameters Parameter Allows you to... Default Metric Specify the RIP route metric value. Costing metric used when advertising the RIP route on this interface. 1 is the default setting. The parameter range is 0-15. Default Route Specify the mode for the default route learning on this interface. Different states include: • Disable - Disables the default route. • Talk Only - Send RIP information to the network.
Chapter 14 Creating Trusted RIP Neighbors Trusted RIP neighbors enable you to enhance the switch’s security by enabling one or more neighbors to relay RIP information. * Note: Adding one or more trusted RIP neighbors ensures that your router accepts only information from these neighbors. Consequently, all other information is filtered. Do not create trusted RIP neighbor(s) if you do not wish to filter RIP information from the network. You can create a trusted neighbor using either the Web Agent or the CLI.
Configuring RIP Routing Figure 14-4. Add Trusted RIP Neighbors Web Page 6. Enter the IP address for the node that acts as the trusted RIP neighbor in Network Address field. 7. Click APPLY to save your changes, or CANCEL to restore previous settings.
Chapter 14 Key Chains on the Avaya Multiservice Switch The Avaya Multiservice switch supports the creation of a single Key Chain with a single Key. Hence, Key and Key Chain are interchangeable terms. The Key has a setting for a start time and duration. Regardless of duration, the Key’s start time must be set, even if the duration is set to infinity. If the duration is less than 4294967295 seconds, the Key will expire. Ironically, this number is approximately 136 years.
Configuring RIP Routing Figure 14-5. Key Chain Web Page 2. Configure the key chain as appropriate. See Table 14-3 for an explanation of each field. 3. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 14-3. Key Chain Parameters Parameter Defines the... Key Chain 1-16 character ASCII name of the Key Chain Key ID Three digit number of the Key. Valid range 1 to 255. Key Name 16 character alpha-numeric key. This is the actual key used by MD5 encryption.
Chapter 14 Table 14-3. Key Chain Parameters Parameter Defines the... Key Accept Time:seconds The second(0 - 59) this key becomes valid Key Accept Year The year (2000 - 2009) this key becomes valid Key Accept Month The month (1 - 12) this key becomes valid Key Accept Day The day (1 - 31) this key becomes valid. If you enter a day that does not exist in a month such as the 31st of February, the Key will not be created. Key Accept Duration The duration in seconds that this key is valid.
Configuring RIP Routing Viewing RIP Statistics You can view RIP statistics using either the Web Agent or the CLI. Web Agent Procedure To view RIP statistics using the Web Agent: 1. In the navigation pane, expand the Routing > IP > RIP folders, and then click Interface Statistics. The RIP Interface Statistics Web page is displayed in the content pane. See Figure 14-6. Figure 14-6. RIP Interface Statistics Web Page 2. To modify your RIP statistics: — Click CLEAR to reset all the entries.
Chapter 14 Table 14-4. RIP Statistical Parameters Parameter Defines the... Updates Received Number of RIP updates received based on route changes in the IP routing table. Bad Packets Received Number of bad packets received on this interface. Bad Routes Received Number of bad routes received on this interface.
15 Configuring the OSPF Routing Protocol Overview The following information and procedures provided in this chapter pertain to layer 3 module configuration only: ■ What is OSPF? ■ Configuring OSPF ■ Monitoring Switch Performance Using OSPF Statistics ■ NBMA IP Interfaces For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.
Chapter 15 summarize the networks in their areas and advertise them onto the backbone area. The backbone, in turn, distributes the information to the other areas. ■ Backbone Router — a router that has at lease one directly connected network in the backbone area. This includes all ABRs. However, not all backbone routers must be ABRs. A backbone router that has all its interfaces in the backbone would be an internal backbone router.
Configuring the OSPF Routing Protocol Configuring the OSPF Global Configuration The OSPF global configuration allows you to globally configure OSPF on your switch. It also allows you to specify your router ID and whether or not you want the switch to be the Autonomous System (AS) border router. You can globally configure OSPF using either the Web Agent or the CLI. Web Agent Procedure To globally configure OSPF using the Web Agent: 1.
Chapter 15 2. See Table 15-1 to configure the OSPF Global Configuration Web page parameters. 3. Click APPLY to save changes, or CANCEL to restore previous settings. Table 15-1. OSPF Global Configuration Web Page Parameters Parameter Explanation OSPF Select to enable or disable OSPF globally on your switch. Router ID Specify the Router ID on the switch. The router ID is a 32bit number assigned to each router running OSPF. This number uniquely identifies the router within an Autonomous System. If 0.0.
Configuring the OSPF Routing Protocol Table 15-1. OSPF Global Configuration Web Page Parameters Parameter Explanation Static Ext Type Specify whether imported high preference static routes are advertised in OSPF with type 1 (internal) or type 2 (external) metrics. Static Low Ext Type Specify whether imported low preference static routes are advertised in OSPF with type 1 (internal) or type 2 (external) metrics.
Chapter 15 Figure 15-3. ADD OSPF Area Web Page 3. See Table 15-2 to configure the Add OSPF Area Web page parameters. 4. Click CREATE to save your changes, or CANCEL to restore previous settings. Table 15-2. Add OSPF Area Web Page Parameters Parameter Allows you to... Area ID Specify the Area ID (32-bit character) for the new area. This must be a unique ID within AS. Note: Do not use 0.0.0.0 as an area ID. Area Type Select the type of area. Types include: • Non-Stub - Non-edge device/router.
Configuring the OSPF Routing Protocol CLI Command To create OSPF areas, use the following CLI command: (configure router:ospf)# area
Chapter 15 Modifying OSPF Areas You can modify the parameters of an OSPF area using either the Web Agent or the CLI. Web Agent Procedure To modify an OSPF area using the Web Agent: 1. In the navigation pane, expand the Routing > IP > OSPF folders, and then click Areas. The OSPF Areas Web page is displayed in the content pane. See Figure 15-2. 2. Select an OSPF Area to be modified from the Select field. 3. See Table 15-2 and modify the OSPF Area Web page parameters. 4.
Configuring the OSPF Routing Protocol Modifying OSPF Interfaces You can modify the parameters on an OSPF interface using either the Web Agent or the CLI. Web Agent Procedure To modify an OSPF interface using the Web Agent: 1. In the navigation pane, expand Routing > IP > Configuration folders. 2. Click Interfaces. The IP Interfaces Web page is displayed in the content pane. 3. Select the Select check box for the interface that you want to modify. 4. In the Admin.
Chapter 15 11. Reenable the interface: a. In the navigation pane, expand Routing > IP > Configuration folders. b. Click Interfaces. The IP Interfaces Web page is displayed in the content pane. c. Select the Select check box for the interface that you want to reenable. d. In the Admin. State column for the interface that you want modified, select UP. e. Click Apply. Table 15-3. OSPF Interface Web Page Parameters Parameter Definition Select Select the OSPF interface to be modified.
Configuring the OSPF Routing Protocol Table 15-3. OSPF Interface Web Page Parameters Parameter Definition Dead Interval Enter the time (seconds) that a router’s Hello packets have not been seen before it’s neighbors declare the router down. This should be some multiple of the Hello interval. This value must be the same for all routers attached to a common network. The value range is 1-65535. The default is 40.
Chapter 15 Configuring an OSPF Passive-Interface You can prevent OSPF from sending routing updates across the network by using the OSPF passive-interface command. Enabling this command prevents OSPF from sending hello packets across the network. Any OSPF hello packets received from other OSPF routers on the network are also ignored. OSPF advertises the passive-interface as a stub network in the router updates it sends to other OSPF interfaces.
Configuring the OSPF Routing Protocol Figure 15-5. OSPF Virtual Links Web Page 2. Select CREATE. The Add OSPF Virtual Link Web page is displayed. See Figure 15-6. Figure 15-6. Add OSPF Virtual Link Web Page 3. Enter the new OSPF Link information. See Table 15-4 for an explanation of the Add OSPF Virtual Link Web page parameters. 4. Click CREATE to create the virtual link, or CANCEL if you do not want to create the OSPF virtual link. Document No.
Chapter 15 Table 15-4. Add OSPF Virtual Link Web Page Parameters Parameter Defines the... Router ID Router ID for the far end of the virtual link. Area Area ID through which the virtual link travels. Transmit Delay Estimated number of seconds it takes to transmit a link state update packet over this virtual link. The value range is 1-3600. The default is 1. Retransmit Interval Number of seconds between link-state advertisement retransmissions for adjacencies belonging to this virtual link.
Configuring the OSPF Routing Protocol Deleting OSPF Virtual Links You can delete OSPF Virtual links using either the Web Agent or the CLI. Web Agent Procedure To delete an OSPF virtual link using the Web Agent: 1. In the navigation pane, expand the Routing > IP > OSPF folders, and then click Virtual Links. The OSPF Virtual Links Web page is displayed in the content pane. See Figure 15-5. 2. Select the virtual link that you want to remove. 3. Click DELETE. The virtual link is removed.
Chapter 15 Creating OSPF Summaries The primary purpose of the OSPF summary is route aggregation. Route aggregation is a group range of IP addresses that are linked to a single address. You can create a new OSPF summary from either the Web Agent or the CLI. Web Agent Procedure To create a new OSPF summary using the Web Agent: 1. In the navigation pane, expand the Routing > IP > OSPF folders, and then click Summaries. The OSPF Summaries Web page is displayed in the content pane. See Figure 15-7.
Configuring the OSPF Routing Protocol 3. See Table 15-5 for details about the Add OSPF Summary Web page parameters: Table 15-5. Add OSPF Summary Web Page Parameters Parameter Definition Area Select the area ID of the area from which the routes are aggregated (summary IP address). Network Address Enter the IP address of the network to be advertised. Mask Enter the subnet mask of the network to be advertised.
Chapter 15 Modifying OSPF Summaries You can modify an OSPF summary using wither the Web Agent or the CLI. Web Agent Procedure To modify an OSPF summary using the Web Agent: 1. In the navigation pane, expand the Routing > IP > OSPF folders, and then click Summaries. The OSPF Summaries Web page is displayed in the content pane. See Figure 15-7. 2. Select the OSPF summary to be modified. 3. See Table 15-5 to configure the OSPF Summaries Web page parameters. 4.
Configuring the OSPF Routing Protocol Displaying OSPF Statistics You can display OSPF statistics using either the Web Agent or the CLI. Web Agent Procedure To display the OSPF global statistics using the Web Agent: 1. In the navigation pane, expand the Routing > IP > OSPF folders, and then click Statistics. The OSPF Statistics Web page is displayed in the content pane. See Figure 15-9. Figure 15-9. OSPF Statistics Web Page 2. See Table 15-6 for an explanation of the OSPF Statistics Web page parameters.
Chapter 15 Table 15-6. OSPF Statistical Parameters Parameter Displays the... OSPF Version Current version of OSPF. The P580/P882 with Integrated Routing supports OSPFv2. External LSA Count Number of external (LS type 5) link state advertisements (LSAs) in the link-state database. Originate LSA Count Number of LSAs originated by this router. Receive New LSA Count Number of new LSAs received by this router.
Configuring the OSPF Routing Protocol Displaying OSPF Links The OSPF link display provides information on the currently active OSPF links. You can display the OSPF using either the Web Agent or the CLI. Web Agent Procedure To display OSPF links using the Web Agent: 1. In the navigation pane, expand the Routing > IP > OSPF folders, and then click Links. The OSPF Links Web page is displayed in the content pane. See Figure 15-10. Figure 15-10. OSPF Links Web Page 2.
Chapter 15 Displaying OSPF Neighbors The OSPF neighbors table summarizes the list of OSPF interfaces and their associated neighbors. You can display OSPF neighbors using either the Web Agent or the CLI. Web Agent Procedure To display the OSPF neighbors using the Web Agent: 1. In the navigation pane, expand the Routing > IP > OSPF folders, and then click Neighbors. The OSPF Neighbors Web page is displayed in the content pane. See Figure 15-11. Figure 15-11. OSPF Neighbors Web Page 2.
Configuring the OSPF Routing Protocol Table 15-8. OSPF Neighbors Web Page Parameters Parameter Definition IP Address The IP address associated with the OSPF neighbor. State The functional level of an interface. States include: • Down - This is the initial state of a neighbor conversation. It indicates that no recent information has been received from the neighbor.
Chapter 15 Searching the OSPF Link State Database You can search the OSPF kink state database using either the Web Agent or the CLI. Web Agent Procedure To search the OSPF link state database using the Web Agent: 1. In the navigation pane, expand the Routing > IP > OSPF folders, and then click Link State Database Search. The Link State Database Search Web page is displayed in the content pane. See Figure 15-12.
Configuring the OSPF Routing Protocol Table 15-9. OSPF Link State Database Search Web Page Parameters Parameter Allows you to... Area ID Searches the database for the 32-bit identifier of the area from which a LSA was received. Type Searches the database for all entries that match one of the following types: • Router Links - These packets describe the states of the router’s links to the area and are only flooded within a particular area.
Chapter 15 Table 15-10. OSPF Link State Database Parameters Parameter Displays... Detail Link A link to the LSA Detail Web page. Area ID The 32-bit identifier of the area from which the LSA was received. Type The LSA format and function. Types include: • Router Links - These packets describe the states of the router’s links to the area and are only flooded within a particular area.
Configuring the OSPF Routing Protocol Figure 15-14. LSA Detail Web Page 8. See Table 15-11 for an explanation of the LSA Detail Web page parameters. Table 15-11. LSA Detail Web Page Parameters Parameter Definition Area Displays the 32-bit identifier of the area from which the LSA was received. Type Displays the link state type. Types include: • Router Links • Network Links • Summary Network • Summary AS Border • AS External • Multicast Group • NSSA External LS ID Displays the link-state ID.
Chapter 15 Table 15-11. LSA Detail Web Page Parameters Parameter Definition Network Mask Displays the network mask for the LSA. Attached Router ID 1 &2 Displays the router ID for the attached router(s). 2 of 2 9. To update the LSA entry, select Refresh Entry.
Configuring the OSPF Routing Protocol CAUTION: The NBMA feature is not backward compatible. If you have NBMA interfaces set up and need to downgrade from v6.1 to a 5.2 version of software, contact technical support. This section contains procedures for the following tasks: ■ Setting Up an NBMA IP Interface ■ Setting Up NBMA Neighbors ■ Removing NBMA Neighbors Setting Up an NBMA IP Interface You can set up an NBMA IP interface by using either the Web Agent or the Command Line Interface (CLI).
Chapter 15 7. Click APPLY to save your changes, or CANCEL to restore previous settings. *Note: You must bring the IP interface Down to successfully enable OSPF on the IP interface. If you do not, you will get an error message and OSPF will not be enabled. CLI Commands To use the CLI to set up an NBMA IP interface: 1. Enter Configuration mode. The CLI displays the following prompt: (configure)# 2.
Configuring the OSPF Routing Protocol CLI Commands To set up NBMA neighbors on OSPF, you must first create an OSPF interface. After you create an OSPF interface, use the following command to set up NBMA neighbors: (configure router:ospf)# nbma-neighbor Removing NBMA Neighbors You can remove NBMA neighbors using either the Web Agent or the CLI.
Chapter 15 15-32 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
16 Configuring IPX Routing Overview This chapter provides the following information and procedures for configuring layer 2 modules or licensed layer 3 modules. See Chapter 1 “Introduction” for more details about routing IP and Internetwork Packet Exchange (IPX) Protocol through the Avaya Multiservice Switch.
Chapter 16 IPX Datagram Structure The IPX datagram contains an IPX header and any data to be transferred on the network. The IPX header is a 30 byte header that contains 10 fields. Figure 16-1 illustrates a conceptual view of an IPX datagram: Figure 16-1.
Configuring IPX Routing Table 16-1. IPX Datagram Structure Fields Field Definition Packet Type Indicates the type of service required or offered by the packet. Types include: • Sequenced Packet Exchange (SPX packet) • NetWare Core Protocol (NCP packet) • NetBIOS (propagated packet) Destination Network The IPX network address of the destination network. Destination Node The MAC address of the destination node. Destination Socket Address of the process running in the destination node.
Chapter 16 Hardware Requirements To configure your switch as an IPX router, your Avaya P580 or P882 Multiservice switch must be configured with the following hardware: ■ Layer 3 50-series media modules. ■ 80-Series Supervisor Modules ■ 80-Series Licensed Layer 3 media modules Configuring IPX Routing Globally You can configure IPX routing globally using the Web Agent or the CLI. Web Agent Procedure To Enable or Disable IPX routing globally using the Web Agent: 1.
Configuring IPX Routing Table 16-2. IPX Routing Global Configuration Web Page Parameters CLI Commands Parameter Allows you to... IPX Routing Select Disable to prevent IPX from routing globally. The default value is Enable. Use Default Route Select Enable if you know the default route. The default value is Disable. RIP Select Disable to prevent IPX RIP from routing globally. This affects all IPX interfaces set up to use the IPX RIP routing protocol. The default value is Enable.
Chapter 16 Figure 16-3. IPX Interfaces Web Page 2. To create a new IPX interface Click on CREATE. * Note: Only the create button is shown if no IPX Interfaces are configured. The Add IPX interface Web page is displayed. See Figure 16-4 Figure 16-4. ADD IPX Interface Web Page 3. See Table 16-3 to configure an IPX Interface. 4. Select CREATE. The IPX Interfaces Web page is displayed. See Figure 16-5. 16-6 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Configuring IPX Routing Figure 16-5. IPX Interfaces Web Page *Note: Due to its length, the IPX Interfaces Web page is split into two views. 5. To view or modify IPX Interfaces, expand the Routing > IPX > Configuration folders in the navigation pane, and then click Interfaces. The IPX Interfaces Web page is displayed in the content pane. See Figure 16-5. 6. Click APPLY to save your changes or CANCEL to restore previous settings. Document No.
Chapter 16 Table 16-3. IPX Interface Web Page Parameters Parameter Allows you to... Select Select the Interface to be configured. This field id displayed in the IPX Interfaces Web page not in the Add Interfaces Web page. Admin. State Select the administration state of the interface. Options include: Up Down Interface Enter the name of the IPX interface.Up to 31 Alphanumeric characters VLAN Select the VLAN that corresponds to the IPX interface you selected.
Configuring IPX Routing Table 16-3. IPX Interface Web Page Parameters Parameter Allows you to... SAP Select Disable to prevent IPX SAP from routing globally. This affects all IPX interfaces set up to use the IPX SAP routing protocol. The default value is Enable. Type 20 Packet Propagation Specify whether or not Type 20 packets can be sent, received, disabled, or sent and received on a given interface. Options include: Disable - Type 20 packets are neither sent nor received.
Chapter 16 2. To create a new IPX Static Route, click CREATE. * Note: Only the create button is shown if no IPX Static Routes are configured. The Add IPX Static Route Web page is displayed. See Figure 16-7. Figure 16-7. Add IPX Static Route Web Page 3. See Table 16-4 to configure the IPX Static Route parameters. Table 16-4. IPX Static Route Parameters 16-10 Parameter Allows you to... Network Enter the IPX network number that you want to assign to the IPX static route.
Configuring IPX Routing 4. Click APPLY to save your changes, or CANCEL to restore previous settings. 5. To view or modify IPX Static Routes, expand the Routing > IPX > Configuration folders in the navigation pane, and then click Static Routes. The IPX Static Routes Web page is displayed in the content pane. See Figure 16-8. *Note: It is also possible to create a static route by, making a RIP source route from the IPX Static Route Table. Figure 16-8.
Chapter 16 CLI Command To delete an IPX static route using the CLI, enter the following command from Configure mode: (configure)# clear ipx route { default | *} Modifying IPX Static Routes You can modify IPX static routes form either the Web Agent or the CLI. Web Agent Procedure To modify an IPX static route using the Web Agent: 1. In the navigation pane, expand the Routing > IPX > Configuration folders, and then click Static Routes.
Configuring IPX Routing Figure 16-9. IPX static Services Web Page 2. Select CREATE to create a new static service. The Add IPX Static Service Web page is displayed. See Figure 16-10. * Note: Only the Create button is shown if no IPX Static Services are configured. Figure 16-10. Add IPX Static Service Web Page 3. See Table 16-5 to configure the Add IPX Static Service Web page parameters. Document No.
Chapter 16 Table 16-5. IPX Static Service Web Page Parameters Parameter Allows you to... Service Name Enter the IPX Static Service name. For example, FS_ENG01. Use SLIST (NetWare 3.x) or NLIST (NetWare 4.x) to list your current server names and types from your NetWare server. You may want to explicitly add a service so that clients always use the services of a particular server. Type Enter the service type (in hex) that identifies the type of IPX static service the server provides.
Configuring IPX Routing Figure 16-11. IPX Static Services Web Page CLI Command To create IPX static services using the CLI, enter the following command in Configure mode: (configure)# ipx service Deleting IPX Static Service You can delete an IPX static service using either the Web Agent or the CLI. Web Agent Procedure To delete an IPX static service using the Web Agent: 1.
Chapter 16 2. Select the checkbox for the IPX Static Service that you want to modify from the Select column. 3. See Table 16-5 to modify the IPX Static Services Web page parameters. CLI Command To modify an IPX static service using the CLI, enter the following command in Configure mode: (configure)# ipx service
Configuring IPX Routing Figure 16-12. IPX Global Statistics Dialogue Box 2. To view the latest statistics available, click REFRESH to update all statistics. 3. To reset all of the statistics that are currently displayed, click CLEAR. The statistics all reset to zero. 4. See Table 16-6 for a explanation of the IPX Global Statistics Web page parameters: Table 16-6. IPX Global Statistics Dialogue Box Parameters Parameter Allows you to...
Chapter 16 Table 16-6. IPX Global Statistics Dialogue Box Parameters Parameter Allows you to... IPX In Unknown Sockets View the number of IPX packets discarded because the destination socket was not open. IPX In Max Hops Exceeded View the number of IPX packets discarded because the Transport Control field is greater than or equal to 16. IPX In Checksum Errors View the number of IPX packets received with bad checksums.
Configuring IPX Routing Figure 16-13. IPX Route Table Search Web Page 2. Select the SEARCH Criteria you want to use to find information on specific routes. For example, if you want to find all static routes that are presently configured on your switch, search by source and specify static as your search value. 3. See Table 16-7 to determine the search parameters: Table 16-7. IPX Route Table Search Parameters Parameter Allows you to...
Chapter 16 Displaying the IPX Route Table To display the IPX route table: 1. Perform an IPX Route Table search as described in “Searching the IPX Route Table.” If available routes are found they are displayed in the IPX Route Table Web page. 2. See Table 16-8 to review your configuration: Table 16-8. IPX Route Table Parameters Parameter Defines the... Select Parameter selected. Network Network number (in hex) of the IPX network. Interface Interface associated with the IPX network.
Configuring IPX Routing Figure 16-14. IPX Route Table Statistics Web Page 2. See Table 16-9 and review each statistic: Table 16-9. IPX Route Table Statistics Statistic Definition Current Number of Routes Indicates the current number of IPX routes. Peak Number of Routes Lists the peak number of routes. Route Add Failures Indicates the number of failed attempts to add a route to the routing table. Searching the IPX Service Table To search the IPX service table: 1.
Chapter 16 Figure 16-15. IPX Service Table Search Web Page 2. Select the search criteria you want to use to find information on specific services in the Search By column. For example, if you want to find all static services that are presently configured on your switch, select Source from the Search By column and specify Static as your search value. 3. See Table 16-10 to determine the search parameters: Table 16-10. IPX Service Table Search Parameters Parameter Allows you to...
Configuring IPX Routing Table 16-10. IPX Service Table Search Parameters Parameter Allows you to... Service Name Search the IPX Service Table using a service name you specify. Note that you can specify a single asterisk (*) to indicate a wildcard character that will match all characters entered before the wildcard. For example, entering FS_ENG* will find all service names that start with FS_ENG. Service Type Search the IPX Service Table using the service type you specify.
Chapter 16 Table 16-11. IPX Service Table Parameters Parameter Defines the... Type Service type that identifies the type of service the server provides. Well known service types include: • Unknown (0) • Print Queue (3) • File Server (4) • Job Server (5) • Print Server (7) • Archive Server (9) • Remote Bridge Server (24) • Advertising Print Server (47) Network Network number of the IPX service. Node Node address of the service.
Configuring IPX Routing Figure 16-16. IPX Service Table Statistics 2. See Table 16-12 to review each statistic: Table 16-12. IPX Service Table Statistics Web Page Statistic Defines the... Current Number of Services The current number of IPX services. Peak Number of Services The peak number of services. Service Add Failures The number of failed attempts to add a service to the routing table. Document No.
Chapter 16 16-26 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
17 Configuring the IPX RIP Protocol Overview The information and procedures provided in this chapter pertain to layer 3 module configuration only.
Chapter 17 Figure 17-1. IPX RIP Interfaces Web Page 2. See Table 17-1 to modify the IPX RIP Interfaces Web page parameters. 3. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 17-1. IPX RIP Interfaces Web Page Parameters Parameter Allows you to... Select Select a RIP interface to modify. Note: This field is displayed in the IPX RIP Interface Web page. Interface Identify the IPX interface associated with the RIP interface.
Configuring the IPX RIP Protocol Table 17-1. IPX RIP Interfaces Web Page Parameters Parameter Allows you to... Triggered Updates Select Disable to disallow RIP updates to be immediately transmitted to the network in response to changes in the network topology. The default is Enable. Advertise Default Route Only Select Enable to allow the advertising of the default network exclusively (subject to a route to the default network being known to the switch). The default is Disable.
Chapter 17 Figure 17-2. IPX RIP Filters Web Page 2. Select CREATE to create a new filter. The Add IPX RIP Filter Web page is displayed. See Figure 17-3. Figure 17-3. Add IPX RIP Filter Web Page 3. See Table 17-2 to modify the Add IPX RIP Filter Web page parameters. 4. Click APPLY to save your changes, or CANCEL to restore previous settings. 17-4 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Configuring the IPX RIP Protocol Table 17-2. Add IPX RIP Filters Web Page Parameters Parameter Allows you to... Select The Select chechbox selects the IPX Interface. This box only appears with the IPX RIP Filters Web page. Interface Select the interface to which this filter will be applied to RIP packets sent and/or received on the interface. Precedence Specify the filter precedence (in order of importance) with 0 equal to most important.
Chapter 17 Table 17-2. Add IPX RIP Filters Web Page Parameters Parameter Allows you to... Ticks Specify the time (in ticks) that the packet takes to reach the network number you specified. A tick is approximately 1/18th of a second. This entry is used to override the value in the RIP packet. If you enter 0, there will be no override in the transmission of data on the network.
Configuring the IPX RIP Protocol 4. Click Apply to save your changes, or CANCEL to restore previous settings. The filter created in this example ensures that all advertising of network 10 from the interface labeled Backbone is suppressed. Example #2: Suppress Advertising of all Networks Except 10 To configure your switch to suppress the advertising of all networks except network 10 on the IPX interface named Backbone, you must first create two filters. To create filter 1 from the Web Agent: 1.
Chapter 17 c. Enter 0 in the Start Network field. d. Enter ffffffff in the End Network field. e. Select Outbound from the Direction pull-down menu. f. Select Enable from the Filter/Suppress pull-down menu. g. Enter 0 in the Ticks and Hops fields. 3. Click APPLY to save your changes, or CANCEL to restore previous settings. Filter 2 ensures that the advertising of all networks on the interface Backbone will be suppressed.
Configuring the IPX RIP Protocol Table 17-3. IPX RIP Interface Statistical Parameters CLI Command Parameter Definition Interface The IPX interface associated with this RIP interface. State The current state of the RIP interface. Network Number The network number of the IPX network associated with the interface. Triggered Updates Sent The number of triggered updates sent from the RIP interface. Non-triggered Updates Sent The number of non-triggered updates sent from the RIP interface.
Chapter 17 17-10 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
18 Configuring the IPX SAP Protocol Overview The information and procedures provided in this chapter pertain to layer 3 module configuration only.
Chapter 18 Figure 18-1. IPX SAP Interfaces Web Page 2. See Table 18-1 to configure the IPX SAP Interface Web page parameters. 3. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 18-1. IPX SAP Interface Web Page Parameters Parameter Allows you to... Select Select a SAP interface to modify. Interface Identifies the IPX interface associated with the SAP interface. Network Number Identifies the number of the IPX network associated with the interface.
Configuring the IPX SAP Protocol Table 18-1. IPX SAP Interface Web Page Parameters Parameter Allows you to... Aging Interval Multiplier Enter the length of time that information from received SAP updates are kept as a multiplier of the Periodic Update Interval.Default is 3.
Chapter 18 Creating IPX SAP Name Filters You can create IPX SAP name filter suing either the Web Agent or the CLI. Web Agent Procedure To create IPX SAP name filters using the Web Agent: 1. In the navigation pane, expand the Routing > IPX > SAP folders, and then click Name Filters. The IPX SAP Name Filters Web page is displayed in the content pane. See Figure 18-2. Only the CREATE button is displayed when no SAP filters are configured. Figure 18-2. IPX SAP Name Filters Web Page 2.
Configuring the IPX SAP Protocol 3. Configure an IPX SAP name filter. See Table 18-2 for an explanation of the Add IPX SAP Name Filter Web page parameters 4. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 18-2. IPX SAP Name Filter Web Page Parameters Parameter Allows you to... Interface Select the interface to which this filter will be applied to SAP packets sent and/or received on the interface from the pull-down menu.
Chapter 18 Table 18-2. IPX SAP Name Filter Web Page Parameters Parameter Allows you to... Filter/Suppress Select to enable or disable whether the services matching Name and Type are filtered (inbound) or suppressed (outbound). • Filtered - Applies the filter only to SAP packets received (inbound direction) on the interface. • Suppressed - Applies the filter only to SAP packets sent (outbound direction) on the interface. Select Enable to filter/suppress traffic.
Configuring the IPX SAP Protocol f. Select Enable from the Filter/Suppress pull-down menu. g. Enter 0 in the Hops field. This ensures that there is no override in the transmission of data on the network. 4. Click APPLY to save your changes, or CANCEL to restore previous settings. * Note: This filter ensures that all advertising of any known print server on Interface Remote will be suppressed.
Chapter 18 Figure 18-5. Add IPX SAP Net Filter Web Page 3. See Table 18-3 to configure the Add IPX SAP Net Filters Web page parameters. 4. Click APPLY to save your changes, or CANCEL to restore previous settings. Table 18-3. Add IPX SAP Network Filter Web Page Parameters Parameter Allows you to... Select Select the IPX interface. Note: This field is displayed in the IPX SAP Net Filter Web page, not in the Add IPX SAP Net Filter Web page.
Configuring the IPX SAP Protocol Table 18-3. Add IPX SAP Network Filter Web Page Parameters Parameter Allows you to... Type Specify the service type (in hex) that identifies the type of service the server provides. Well-known service types include: • Unknown (0) • Print Queue (3) • File Server (4) • Job Server (5) • Print Server (7) • Archive Server (9) • Remote Bridge Server (24) • Advertising Print Server (47) • NetWare Directory Services (278) A value of ffff matches all service type values.
Chapter 18 Filtering all Services Except Netware Directory Services (NDS) To configure your switch to filter all services except NDS a specific Interface, you must create two filters. Together, Filter 1 and Filter 2 filter services learned on the indicated interface except for NDS advertisements. To create these filters using the Web Agent: Filter 1 This filter ensures that all NDS packets received are not filtered on Interface Remote. 1.
Configuring the IPX SAP Protocol Filter 2 Filter 2 ensures that all networks and service types are filtered for the indicated interface. 1. In the navigation pane, expand the Routing > IPX > SAP folders, and then click Net Filters. The IPX SAP Net Filters Web page is displayed in the content pane. See Figure 18-4. 2. Click CREATE to create a new filter. The Add IPX SAP Net Filter Web page is displayed. See Figure 18-5. 3. Configure the following parameters: a.
Chapter 18 Interpreting IPX SAP Interface Statistics You can interpret IPX SAP interface statistics using either the Web Agent or the CLI. Web Agent Procedure To interpret IPX SAP interface statistic using the Web Agent: 1. In the navigation pane, expand the Routing > IPX > SAP folders, and then click Interface Statistics. The IPX SAP Interface Statistics Web page is displayed in the content pane. See Figure 18-6. Figure 18-6. IPX SAP Interface Statistics Web Page 2.
Configuring the IPX SAP Protocol Table 18-4. IPX SAP Interface Statistical Parameters Parameter Definition Non-triggered Updates Sent The number of non-triggered updates sent from the SAP interface. GNS Responses Sent The number of GNS responses sent from the SAP interface. Updates Received The number of updates received. Updates may be received periodically even if no changes have occurred. Requests Received The number of requests received on the SAP interface.
Chapter 18 18-14 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
19 Configuring AppleTalk Routing Overview The following information and procedures provided in this chapter pertain to layer 3 module configuration only: ■ Implementation ■ Configuring AppleTalk Routing ■ Viewing AppleTalk Statistics For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.
Chapter 19 The Avaya P580 and P882 Multiservice switches support the following AppleTalk protocols: ■ AppleTalk Address Resolution Protocol (AARP) This is an AppleTalk support protocol that maps the hardware address of an AppleTalk node to an Appletalk protocol address. ■ Routing Table Maintenance Protocol (RTMP) This protocol maintains information about AppleTalk addresses and connections between different networks.
Configuring AppleTalk Routing Need for AppleTalk Routing If you configure your Avaya P580 or P882 Multiservice switch into a network running AppleTalk routing, you should be aware of the following: ■ Appletalk is built into all Apple devices, thus making them automatically network capable. This makes Apple an extremely easy network system to install and maintain. ■ Due to the naming mechanism that AppleTalk uses, users do not have to understand how AppleTalk works.
Chapter 19 Enabling AppleTalk Global Routing To enable AppleTalk routing globally: 1. In the navigation pane, expand the Routing > AppleTalk > Configuration folders, and then click Global Configuration. The AppleTalk Routing Global Configuration Web page is displayed in the content pane. See Figure 19-1. * Note: AppleTalk Routing is disabled by default. Figure 19-1. AppleTalk Routing Global Configuration Web Page 2. Select Enable from the AppleTalk Routing pull-down menu. 3.
Configuring AppleTalk Routing 3. Select CREATE. The Add AppleTalk Interfaces Web page is displayed. See Figure 19-3. Figure 19-3. Add AppleTalk Interfaces Web Page 4. See Table 19-1 to configure the Add AppleTalk Interface Web page parameters: Table 19-1. Add AppleTalk Interface Web Page Parameters Parameter Definition Interface Enter the name of the AppleTalk interface to be created. 1 to 32 Characters VLAN Select the VLAN to be associated with the AppleTalk interface.
Chapter 19 Table 19-1. Add AppleTalk Interface Web Page Parameters Parameter Definition Network Range Start Enter the starting network number. The network number specifies the range of AppleTalk network numbers for extended networks. Each number in the range must be an integer between 0 and 65279. Note: The Network Range Start value must be less than or equal to the Network Range End value. Network Range End Enter the ending network number.
Configuring AppleTalk Routing CLI Commands Use the following CLI commands in interface mode to create an AppleTalk interface: ■ (config-if:)# appletalk cable-range ■ (config-if:)# appletalk address ■ (config-if:)# appletalk zone ■ (config-if:)# appletalk vlan Editing AppleTalk Interfaces You can edit AppleTalk interfaces using either the Web Agent or the CLI.
Chapter 19 3. To add a new zone, enter the new AppleTalk zone name in the Add text field and click Add. Repeat this step as needed for each new zone on this interface. 4. To change a zone name(s), place a check mark(s) in the Select column and make the change(s) to the zone name(s). Click Apply to save the new AppleTalk zone, or either Delete or Cancel to remove the new zone. 5. In the navigation pane, expand the Routing > AppleTalk > Configuration folders, and then click Interfaces.
Configuring AppleTalk Routing CLI Command To edit an AppleTalk interface using the CLI, enter the following command from Interface mode: (config-if:)# appletalk Deleting an AppleTalk Interface You can delete an AppleTalk interface using either the Web Agent or the CLI. Web Agent Procedure To delete an AppleTalk interface using the Web Agent: 1. In the navigation pane, expand the Routing > AppleTalk > Configuration folders, and then click Interfaces.
Chapter 19 Creating an AppleTalk Static Route You can create an AppleTalk static route using the Web Agent or the CLI. Web Agent Procedure To create an AppleTalk static route using the Web Agent: 1. In the navigation pane, expand the Routing > AppleTalk > Configuration folders, and then click Static Route. The AppleTalk Static Route Web page is displayed in the content pane. See Figure 19-6. Figure 19-6. AppleTalk Static Route Web Page 2. Select CREATE to add a new static route.
Configuring AppleTalk Routing Table 19-2. Add AppleTalk Static Route Web Page Parameters Parameter Definition Network Range Start Enter the starting network number. The network number specifies the range of AppleTalk network numbers for extended networks. Each number in the range must be an integer between 1 and 65279. Note: Network Range Start must be less than or equal to Network Range End. Network Range End Enter the ending network number.
Chapter 19 CLI Command To create an AppleTalk static route using the CLI, enter the following command in Interface mode: (config-if:)# appletalk static cable-range to [floating] zone Editing AppleTalk Static Routes You can edit AppleTalk Static routes using either the Web Agent or the CLI. Web Agent Procedure To edit an AppleTalk static route using the Web Agent: 1.
Configuring AppleTalk Routing 3. If you need to add a new zone, enter the new AppleTalk zone name and click Add in the Add text field. If you need to delete a zone(s), place a check in the Select column next to the zone you need to delete then click the DELETE button. 4. Navigate back the AppleTalk Static Route Web page by expanding the Routing > AppleTalk > Configuration folders, and then clicking Static Route. The AppleTalk Static Route Web page is displayed in the content pane. See Figure 19-6.
Chapter 19 Figure 19-11. AppleTalk Static Route 2. Select the AppleTalk static route that you want to delete from the Select column. 3. Click DELETE to remove the AppleTalk static route. CLI Command To delete an AppleTalk static route using the CLI, enter the following command in Configure mode: (config-if:)# no appletalk static Creating an AppleTalk Name-Binding Protocol (NBP) Filter The NBP performs a conversion from named AppleTalk entities to their AppleTalk protocol addresses.
Configuring AppleTalk Routing Web Agent Procedure To create an NBP Filter using the Web Agent: 1. In the navigation pane, expand the Routing > AppleTalk > Configuration folders, and then click NBP Filter. The AppleTalk NBP Filter Web page is displayed in the content pane. See Figure 19-12. Figure 19-12. AppleTalk NBP Filter Web Page 2. Select CREATE to add a new NBP filter. The Add AppleTalk NBP Filter Web page is displayed. See Figure 19-13. Figure 19-13. Add AppleTalk NBP Filter Web Page 3.
Chapter 19 Table 19-3. AppleTalk NBP Filter Parameters Parameter Definition Type Select the type of filtering. The options include: • Deny • Permit Interface Select the interface(s) to apply this filter to.
Configuring AppleTalk Routing 3. Click: CLI Command — CREATE to add a new filter. The Add AppleTalk NBP Filter Web page is displayed. See “Creating an AppleTalk NameBinding Protocol (NBP) Filter” earlier in this chapter for more information. — DELETE to remove the selected NBP filter. — CANCEL to restore previous settings. — Edit If to add or delete this NBP filter to/from an interface. The Add/Delete Interface to NBP Filter Web page is displayed.
Chapter 19 Figure 19-15. Add/Delete Interface to NBP Filter Web Page 3. Select the interface to be added from the Add field pull-down menu. Or Click an interface from the Select column for the interface that you want to be remove. 4. Click: CLI Commands — Add to add this NBP filter to the selected interface. — DELETE to remove this NBP filter from the selected interface. — CANCEL to restore previous settings.
Configuring AppleTalk Routing Creating an AppleTalk Zone Filter You can create an AppleTalk Zone Filter using either the Web Agent or the CLI. Web Agent Procedure To create an AppleTalk zone filter using the Web Agent: 1. In the navigation pane, expand the Routing > AppleTalk > Configuration folders, and then click Zone Filter. The AppleTalk Zone Filter Web page is displayed in the content pane. See Figure 19-16. Figure 19-16. AppleTalk Zone Filter Web Page 2. Select CREATE.
Chapter 19 Table 19-4. Add AppleTalk Zone Filter Web Page Parameters Parameter Definition Access List Enter the access list number to be associated with the zone filter. Valid values are 632-663. Name Enter the name of the zone to be filtered. You can also leave this field blank for wildcarding. Type Select the type of filtering. The options include: • Deny • Permit Interface CLI Command Select the interface to apply this filter to.
Configuring AppleTalk Routing CLI Command — CANCEL to restore previous settings. — Edit If to add or delete this zone filter to/from an interface. The Add/Delete Interface to Zone Filter Web page is displayed. See “Adding or Deleting Interfaces to a Zone Filter” later in this chapter for more information.
Chapter 19 4. Click: CLI Commands — Add to add this zone filter to the selected interface. — DELETE to remove this zone filter from the selected interface. — CANCEL to restore previous settings.
Configuring AppleTalk Routing Viewing AppleTalk Global Statistics You can view AppleTalk global statistics using either the Web Agent or the CLI. Web Agent Procedure To view AppleTalk global statistics using the Web Agent: 1. In the navigation pane, expand the Routing > AppleTalk > Display folders, and then click Global Statistics. The AppleTalk Global Statistics Web page is displayed in the content pane. See Figure 19-19. Figure 19-19. AppleTalk Global Statistics Web Page Document No.
Chapter 19 2. See Table 19-5 for information about the AppleTalk Global Statistics Web page parameters. 3. Click REFRESH to update all statistics, or CLEAR to reset all statistics to zero. Table 19-5. AppleTalk Global Statistical Web Page Parameters Parameter Number of... Echo Req Tx Echo requests transmitted. Echo Reply Rx Echo replies received. Echo Req Rx Echo requests received. DDP Output Counter DDP packets sent from this node. DDP Output Short DDP packets sent using the short format.
Configuring AppleTalk Routing Table 19-5. AppleTalk Global Statistical Web Page Parameters Parameter Number of... Config Addr Error Configuration address errors detected. Config Zone Error Zone configuration errors detected. RTMP Rq Rx RTMP requests received. RTMP Rq Tx RTMP requests transmitted. RTMP Rsp Rx RTMP responses received. RTMP Rsp Tx RTMP responses transmitted. RTMP RDR Rx RTMP route data requests received. RTMP RDR Tx RTMP route data requests transmitted.
Chapter 19 Figure 19-20. AppleTalk Interface Statistics Table 2. See Table 19-6 for information on the AppleTalk Interface Statistics Table parameters: Table 19-6. AppleTalk Interface Statistics Table Parameters Parameter Definition Interface Displays the name of the AppleTalk interface. Network Range Displays the network range associated with the AppleTalk interface. Network Number Displays the network number of this node. Node Displays the node number of this node.
Configuring AppleTalk Routing Web Agent Procedure To view the AppleTalk route table, and delete or flush entries from the table using the Web Agent: 1. In the navigation pane, expand the Routing > AppleTalk > Display folders, and then click Route Table. The AppleTalk Route Table is displayed in the content pane. See Figure 19-21. Figure 19-21. AppleTalk Route Table Web Page 2. See Table 19-7 for information about the AppleTalk Route Table parameters. 3.
Chapter 19 Table 19-7. AppleTalk Route Table Parameters Parameter Definition Owner Displays the AppleTalk component responsible for the addition of the route.The options include: • Local • Static • RTMP Next Hop Displays the next hop address where forwarded packets are routed. Interface Displays the Appletalk interface associated with the route table entry. Zones Displays the zones associated with the selected AppleTalk route.
Configuring AppleTalk Routing 2. See Table 19-8 for information on AppleTalk Route Table Statistics Web page parameters: Table 19-8. AppleTalk Route Table Statistics Web Page CLI Command Parameter Definition Current Number of Routes Displays the current number of AppleTalk routes. Peak Number of Routes Displays the peak number of AppleTalk routes. Currently there is no CLI command to show appleTalk Route Statistics.
Chapter 19 2. See Table 19-9 for a definition of the AppleTalk ARP Cache Table parameters. 3. Select the ARP entries that you want to delete and click Delete Entries. or Click Flush Route Table to reset the ARP cache table entries. Only Dynamic and Router Neighbor entries are flushed. Table 19-9. AppleTalk ARP Cache Table Parameters Parameter Definition Select Select the table entry to be acted upon. Network Range Displays the network range. Node Displays the node number for the entry.
Configuring AppleTalk Routing Viewing the AppleTalk Zone Table You can view the AppleTalk Zone table using either the Web Agent or the CLI. Web Agent Procedure To view the AppleTalk zone table using the Web Agent: 1. In the navigation pane, expand the Routing > AppleTalk > Display folders, and then click Zone Table. The AppleTalk Zone Table is displayed in the content pane. See Figure 19-24. Figure 19-24. AppleTalk Zone Table 2. See Table 19-10 for an explanation of the AppleTalk Zone Table parameters.
Chapter 19 Viewing AppleTalk Zone Table Statistics You can view the AppleTalk Zone Table Statistics using either the Web Agent or the CLI. Web Agent Procedure To view AppleTalk zone table statistics using the Web Agent: 1. In the navigation pane, expand the Routing > AppleTalk > Display folders, and then click Zone Table Statistics. The AppleTalk Zone Table Statistics Web page is displayed in the content pane. See Figure 19-25. Figure 19-25. AppleTalk Zone Table Statistics Table 2.
Configuring AppleTalk Routing Viewing the AppleTalk NBP Table You can view the AppleTalk NBP Table using either the Web Agent or the CLI. Web Agent Procedure To view the AppleTalk NBP table using the Web Agent: 1. In the navigation pane, expand the Routing > AppleTalk > Display folders, and then click Zone Table. The AppleTalk Zone Table Web page is displayed in the content pane. See Figure 19-24. 2. See Table 19-12 for an explanation of the AppleTalk NBP Table parameters: Table 19-12.
Chapter 19 19-34 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
20 Managing Intelligent Multicasting Overview The following information and procedures provided in this chapter pertain to layer 2 and layer 3 module configurations: ■ Introduction ■ Configuring Intelligent Multicasting ■ Managing IGMP Snooping ■ Managing the LGMP Server ■ Managing the LGMP Client ■ Managing CGMP Snooping For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Versio
Chapter 20 Router ports are ports that are attached to (or in the path to) multicast routers and must be treated specially. All multicast traffic on a VLAN must be forwarded to the router port. Configuration of an Intelligent Multicast session first requires a session to be established. Once that session is established, client and router ports can be added to or removed from the session. Session and port configuration can be done either manually or dynamically.
Managing Intelligent Multicasting The Learning Process, IGMP Snooping To learn which sessions must be configured, or which client or router ports must be added or removed, a mechanism to draw that information from the layer 3 protocols must be enabled. For the Avaya Multiservice Switch, IGMP Snooping is that mechanism. IGMP Snooping can learn about multicast sessions from IP interfaces that reside on the same switch. * Note: IGMP Snooping is only available for VLANs that have an IGMP interface enabled.
Chapter 20 The Dissemination Process, LGMP and CGMP Snooping The Dissemination Process provides a method to dynamically configure multicast sessions on switches with VLANs that do not have IP interfaces. See Figure 20-1. Figure 20-1. LGMP and CGMP Snooping Switch 1 will route the multicast traffic from the Multicast Server on VLAN 1 to VLAN 2. Switch 2 does not have an IP interface on VLAN 2.
Managing Intelligent Multicasting Configuring Intelligent Multicasting This section provides the following procedures: ■ Configuring Global Intelligent Multicasting ■ Displaying Router Ports ■ Configuring Static Router Ports ■ Searching for Intelligent Multicast Sessions ■ Deleting an Intelligent Multicast Session ■ Deleting a Multicast Session Client Port ■ Creating a Static Multicast Session ■ Deleting Static Multicast Sessions ■ Creating Static Client Ports ■ Deleting Static Client Po
Chapter 20 Figure 20-2. Intelligent Multicasting Global Configuration Web Page *Note: In order to route multicast traffic, IP multicast forwarding must be enabled on the switch. See “Enabling IP Routing Global Parameters” in Chapter 12, “Configuring IP Routing.” 2. See Table 20-1 to configure the Intelligent Global Multicast Configuration Web page parameters. 3. Click 20-6 — APPLY to save your changes. — CANCEL to restore previous settings.
Managing Intelligent Multicasting Table 20-1. Intelligent Global Multicast Configuration Web Page Parameters Parameter Definition Enable State Select Disable to prevent intelligent multicasting globally. The default value is Enabled. Automatic Router Port Pruning Select: • Disable - to prevent automatic router port pruning. The default value is Enable. • Time - Enter the time, in seconds, after which quiet learned router ports can be pruned. The valid range (in seconds) is 10 to 172800 (48 hours).
Chapter 20 Displaying Router Ports You can display router ports using either the Web Agent or the CLI. Web Agent Procedure To display router ports using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Intelligent Multicast folders, and then click Global Configuration. The Intelligent Multicast Global Configuration Web page is displayed in the content pane. See Figure 20-2. *Note: You must enable intelligent multicasting on a global basis to make your router ports active.
Managing Intelligent Multicasting Table 20-2. Router Port Display/Configuration Web Page Parameters Parameter Definition Port Displays the switch port configured as a router port. VLAN Displays which VLAN the router port is bound to. Application Displays the active applications of the router port.
Chapter 20 4. Select All from the VLAN column to add this router port to all VLANs Or Select a specific VLAN from the VLAN field pull-down menu. *Note: When adding a router port to all VLANs, the router port is added only to the VLANs bound to the switch port. To bind multiple VLANs to a switch port, see “Using VLANs, Hunt Groups, and VTP Snooping” in Chapter 6. 5. Click CREATE to save your changes.
Managing Intelligent Multicasting Figure 20-4. Intelligent Multicast Session Search Web Page 2. See Table 20-3 for an explanation of the Intelligent Multicast Session Search Web page parameters. Table 20-3.
Chapter 20 3. Select SEARCH to begin the search for the multicast session. The Multicast Sessions Web page is displayed.with the search results. See Figure 20-5. Figure 20-5. Multicast Sessions Web Page 4. See Table 20-4 for an explanation of the Multicast Sessions Web page parameters: Table 20-4. Multicast Sessions Web Page Parameters Parameter Definition Select Select the multicast session. Session ID Displays the multicast session identifier.
Managing Intelligent Multicasting Table 20-4. Multicast Sessions Web Page Parameters Parameter Definition Client Ports Displays the number of client ports in the multicast session and opens the Multicast Session Client Ports Web page. Application Displays the active application(s) that configured the multicast session.
Chapter 20 Deleting a Multicast Session Client Port You can delete an intelligent multicast session client port by using either the Web Agent or the CLI. Web Agent Procedure To delete a multicast session client port by using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Intelligent Multicast folders, and then click Session Search. The Intelligent Multicast Session Search Web page is displayed in the content pane. See Figure 20-4. 2.
Managing Intelligent Multicasting Table 20-5. Multicast Session Client Port Web Page Parameters Parameter Definition Select Select the multicast session client port. Port Displays the client port number. Application Displays the application(s) associated with this client port.
Chapter 20 Figure 20-7. Static Multicast Session Web Page 2. Select Create to create a new session. The Static Multicast Session Configuration Web page is displayed. See Figure 20-8. Figure 20-8. Static Multicast Session Configuration Web Page 3. Configure the Static Multicast Session Configuration Web page parameters. See Table 20-6. 4. Click APPLY to create the new static multicast session, or CANCEL to restore previous settings. Table 20-6.
Managing Intelligent Multicasting Table 20-6. Static Multicast Session Configuration Web Page Parameters Parameter Definition MAC Address Enter the MAC address of the new static multicast session. Specifying the MAC address is not used for an IP multicast session. VLAN Enter the VLAN associated with the new multicast session. Click All to add all VLANs to the multicast session, or select a specific VLAN from the pull-down menu.
Chapter 20 3. Click DELETE to remove the static multicast session. Table 20-7. Static Multicast Sessions Web Page CLI Command Parameter Definition Select Select the static multicast session to be deleted. VLAN Displays the VLAN on which the static multicast session exists. MAC Address Displays the MAC address of the static multicast session. IP Address Displays the IP address associated with the static multicast session, if available.
Managing Intelligent Multicasting Figure 20-10. Static Multicast Sessions Clients Port Web Page 3. Enter the new port number to be added in the Port field,. 4. Click Add Client Port. The new port is added. CLI Command To create a static client port using the CLI, enter the following command from Configure mode: (configure)# set intelligent-multicast static-client-port Deleting Static Client Ports Static client ports can be deleted from either the Web or the CLI.
Chapter 20 Managing IGMP Snooping This section provides the following procedures for managing Internet Group Management Protocol (IGMP) snooping: ■ Enabling IGMP Snooping ■ Viewing IGMP Snooping Statistics Enabling IGMP Snooping You can enable IGMP snooping using either the Web Agent or the CLI. Web Agent Procedure To enable IGMP Snooping using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Intelligent Multicast folders, and then click IGMP Snooping.
Managing Intelligent Multicasting 2. Select Enable from the State field. 3. Click APPLY to complete the operation or CANCEL to ignore the operation. Table 20-8. IGMP Snooping Web Page Parameters Parameter Definition Enable State Select Enable to allow the IGMP snooping on the interface. The default value is Disable. Intelligent Multicast Session Statistics • New Sessions Created - Displays the number of new sessions created by IGMP snooping.
Chapter 20 3. Click: CLI Command — CLEAR to clear the statistics. — REFRESH to refresh the contents of the table.
Managing Intelligent Multicasting Figure 20-12. LGMP Server Configuration Web Page 2. See Table 20-9 to configure the LGMP Server Configuration Web page parameters. 3. Click... Document No. 10-300077, Issue 2 — APPLY to save your changes. — CANCEL to restore previous settings.
Chapter 20 Table 20-9. LGMP Server Configuration Web Page Parameters Parameter Definition Enable State Select to enable or disable LGMP server configuration. The default value is Disabled. Proxy Mode Select to enable or disable Proxy mode. Proxy mode allows the server to send LGMP router report and leave messages on behalf of neighbor routers on the same VLAN. Server ID Priority The priority of the LGMP server on this switch.
Managing Intelligent Multicasting Table 20-9. LGMP Server Configuration Web Page Parameters Parameter LGMP Message Transmission Statistics Definition • Report - Displays the number of LGMP report messages transmitted. • Leave - Displays the number of LGMP leave messages transmitted. • End Session - Displays the number of LGMP end session messages transmitted. • Router Report - Displays the number of LGMP router report messages transmitted.
Chapter 20 CLI Command To view LGMP server statistics, use the following CLI command: > show lgmp server statistics Viewing the LGMP Server Statistics per VLAN You can view the LGMP server statistics per VLAN using either the Web Agent or the CLI. Web Agent Procedure To modify the LGMP server display per VLAN using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Intelligent Multicast folders, and then click LGMP Server.
Managing Intelligent Multicasting Table 20-10. LGMP Server Display per VLAN Web Page Parameters Parameter Definition Select Select the LGMP server to modify. VLAN Displays the VLAN associated with the LGMP server. State Displays the current state of the LGMP server. • Distributor - The LGMP server serves LGMP messages to LGMP clients. • Non-Distributor - The LGMP server monitors the current distributor.
Chapter 20 Managing the LGMP Client This section provides the following procedures for managing the Lucent Group Management Protocol (LGMP) client: ■ Enabling the LGMP Client ■ Viewing LGMP Clients Statistics ■ Viewing LGMP Clients per VLAN statistics Figure 20-14. LGMP Client Configuration Web Page 20-28 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Managing Intelligent Multicasting Table 20-11. LGMP Client Configuration Web Page Parameters Parameter Definition Enable State Select to enable or disable LGMP client. The default value is Disabled. LGMP Clients Displays the number of LGMP clients per VLAN and opens the LGMP Client Displays per VLAN Web page. LGMP Message Reception Statistics • Report - Displays the number of LGMP report messages received. • Leave - Displays the number of LGMP leave messages received.
Chapter 20 Enabling the LGMP Client You can enable the LGMP client statistics using either the Web Agent or the CLI. Web Agent Procedure To enable an LGMP client using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Intelligent Multicast folders, and then click LGMP Client. The LGMP Client Configuration Web page is displayed in the content pane. See Figure 20-14. *Note: You must enable intelligent multicasting on a global basis to activate LGMP client configuration. 2.
Managing Intelligent Multicasting Viewing LGMP Clients per VLAN statistics You can view LGMP clients per VLAN statistics using either the Web Agent or the CLI. Web Agent Procedure To view LGMP client statistics per VLAN using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Intelligent Multicast folders, and then click LGMP Client. The LGMP Client Configuration Web page is displayed in the content pane. See Figure 20-14. 2. Select the number from the LGMP Clients field.
Chapter 20 Table 20-12. LGMP Client Display per VLAN Web Page Parameters Parameter Definition Select Select the LGMP client statistics to clear. VLAN Displays the VLAN associated with the LGMP client. LGMP Message Reception Statistics • Report - Displays the number of LGMP report messages received per VLAN. • Leave - Displays the number of LGMP leave messages received per VLAN. • End Session - Displays the number of LGMP end session messages received per VLAN.
Managing Intelligent Multicasting Figure 20-16. CGMP Snooping Web Page Enabling CGMP Snooping You can enable CGMP Snooping using either the Web Agent or the CLI. Web Agent Procedure To enable CGMP snooping using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Intelligent Multicast folders, and then click CGMP Snooping. The CGMP Snooping Web page is displayed in the content pane. See Figure 20-16.
Chapter 20 Table 20-13. CGMP Snooping Web Page Parameters Parameter Definition Enable State Select to enable or disable CGMP snooping. CGMP Packet Reception Statistics • Join Messages Received - Displays the number of CGMP join messages received. • Leave Messages Received - Displays the number of CGMP leave messages received. • Unknown Messages Received - Displays the number of unknown CGMP messages received.
Managing Intelligent Multicasting Viewing CGMP Snooping You can view CGMP Snooping using either the Web Agent or the CLI. Web Agent Procedure To view CGMP snooping using the Web Agent: 1. In the navigation pane, expand the L2 Switching > Intelligent Multicast folders, and then click CGMP Snooping. The CGMP Snooping Web page is displayed in the content pane. See Figure 20-16. 2. View the CGMP Snooping Web page fields. 3.
Chapter 20 20-36 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
21 Monitoring the Avaya Multiservice Switch Overview The following information and procedures provided in this chapter pertain to layer 2 and layer 3 module configurations: ■ Interpreting Front Panel LED Displays ■ Checking Active Alarms ■ Using the Event Subsystem ■ Configuring Syslog Event Reporting ■ Configuring Utilization Monitoring For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, S
Chapter 21 Table 21-1. Front Panel LED Explanations Module... 10/100 Modules LED... Behavior... Indication... Port Solid green Port enabled with link up. Flashing green Port disabled. Flashing orange Hardware failure. Off No link. Solid green, with orange flash Port enabled and sending and receiving traffic Traffic indicated by yellow flashes. Flashing green Port disabled with link up. Flashing orange Hardware failure. Off No link.
Monitoring the Avaya Multiservice Switch Figure 21-1. Active Alarm Table Web Page CLI Command Use the show alarms CLI command to view the active alarm table. You can enter this command in User mode. Using the Event Subsystem Overview The Avaya P580 and P882 Multiservice switches have two activity logs: Document No. 10-300077, Issue 2 ■ Event Log - stores a large table of events. You can set the size of the table.
Chapter 21 This sections contains procedures for the following tasks: ■ Configuring Event Notification ■ Configuring Notification of Protocol Events ■ Setting Log Size ■ Viewing the Event and Shutdown Logs ■ Clearing the Event Log ■ Viewing Event Statistics Configuring Event Notification Web Agent Procedure To configure event notification: 1. In the navigation pane, expand the Events folder and then click General Events. The General Event Management Web page is displayed in the content pane.
Monitoring the Avaya Multiservice Switch Figure 21-2. General Event Management Web Page 2. In the ID field, select the classes of events that you want logged. Table 21-2 lists the classes of events that you can log and what events are logged for each class. If you enable event notification for CLI, SNMP, RIP, OSPF, DVMRP, LDAP, Apple Talk, or VRRP, you must set which categories of protocol events generate notifications.
Chapter 21 4. Click APPLY. Table 21-2. Event Classes Class Determines whether the switch sends a notification for... Start Starts of the system. System System events. Configuration Each configuration change (for example, enabling and disabling ports). Temperature Status Changes in temperature status. Temperature status messages could precede a switch shutdown, and are often critical. Resource Changes in system resources. Fan Status Fan status.
Monitoring the Avaya Multiservice Switch Table 21-2. Event Classes Class Determines whether the switch sends a notification for... Redundant CPU Changes in status of a redundant CPU. Notification is sent if: • The status changes from standby to active or vice versa. • The active supervisor loses or establishes contact with the standby supervisor. DVMRP DVMRP events, if DVMRP event logging is enabled. CLI CLI events, if CLI event logging is enabled.
Chapter 21 ■ To forward events to syslog servers, (configure)# set syslog facility {start | system | config | temp | resource | fan | service_port | user_port | power | bridge_stat | switch_fabric | ospf | rip | ldap | appletalk | auth_failure | redundant_cpu | dvmrp | cli | snmp | unknown_mac | vrrp | login_status | acl_log | ssl_ssh | all} Configuring Notification of Protocol Events Overview *Important: If enabled, protocol event logging displays system messages that help Avaya Technical Support troub
Monitoring the Avaya Multiservice Switch Figure 21-3. Protocol Event Management Web Page 2. Enable the categories of protocol events for which you want to generate notifications. See Table 21-3 for an explanation of each category. 3. Click APPLY. Table 21-3. Protocol Event Categories Event Category Explanation Fault Serious errors that can cause a system crash, for example, panic. The default setting is Disable.
Chapter 21 CLI Command To set which categories of protocol events generate notifications, use the following CLI command: (configure)# logging protocol event {rip | ospf | dvmrp | ldap | cli | snmp | appletalk | vrrp} {fault | error | warning | info | trace | debug} Setting Log Size You can set the log size using either the Web Agent or the CLI. Web Agent Procedure To set the log size using the Web Agent: 1. In the navigation pane, expand the Events folder and then click General Events.
Monitoring the Avaya Multiservice Switch Viewing the Event and Shutdown Logs You can view the event log and shutdown log using either the Web Agent or the CLI. Web Agent Procedure To view the event log or shutdown log using the Web Agent: 1. In the navigation pane, expand the Events folder and then click either Event Log or Shutdown Log. The Event Log Search Web page or Shutdown Log Search Web page is displayed in the content pane. See Figure 21-4 for the Event Log Search Web page.
Chapter 21 4. Click Search. The event log or shutdown log is displayed in the content pane. See Figure 21-5. For an explanation of the event log fields, see Table 21-4. * Note: If you do not select a severity level or event type, the entire event log or shutdown log is displayed. Figure 21-5. Event Log Web page Table 21-4. Event Log Fields Entry Definition Log ID Displays the number of this event in the log FIFO (First In First Out). Event ID Displays an index that identifies the event class.
Monitoring the Avaya Multiservice Switch Clearing the Event Log You must have read-write access to clear the event log. This functionality is not available if you have read-only access. Web Agent Procedure To clear the event log: 1. In the navigation pane, expand the Events folder and then click Event Log. The Event Log Search Web page is displayed in the content pane. See Figure 21-4. 2. Click CLEAR EVENT LOG. CLI Command To clear the event log, use the (configure)# logging clear CLI command.
Chapter 21 Table 21-5. Event Statistics Web Page Parameters Parameter Definition Event Log wraps Displays the number of times the event log has wrapped. The event log may or may not wrap, depending on how many events have been sent to the event log and when it was last cleared. When the event log does wrap, the old events are discarded and replaced with the newest events. Events dropped due to overload of event system Displays the number of events that were dropped to prevent overloading.
Monitoring the Avaya Multiservice Switch You can specify a maximum of three remote syslog servers. Syslog messages from the Avaya Multiservice switch are unidirectional. No acknowledgement is expected from the syslog server. * Note: If you enable syslog event reporting, Avaya recommends that you enable Simple Network Time Protocol (SNTP) on the switch and on the remote syslog servers. For information on SNTP, see “Enabling the Simple Network Time Protocol” in Chapter 3, “Configuring System Information.
Chapter 21 3. In the Enable State field, select Enable or Disable: ■ Enable—Enables syslog reporting to the IP addresses that you enter in the Syslog Collector’s IP Addresses fields. ■ Disable—Disables syslog reporting. Syslog is disabled by default. 4. In the Syslog Collector’s IP Addresses fields, enter the IP addresses of the remote syslog servers. You can specify a maximum of three syslog servers. 5. In the Severity field, select a severity level.
Monitoring the Avaya Multiservice Switch Configuring Utilization Monitoring Overview Utilization monitoring makes it possible for you to monitor utilization of the: ■ CPU—the number of packets per second that the CPU on the supervisor module routes (slow path). ■ Forwarding engine—the number of packets per second that the 80series forwarding engines route. This statistic includes packets routed by the forwarding engines on 80-series media modules (FIRE) and on the supervisor module (FORE).
Chapter 21 Table 21-7. Keywords, Arguments, and Options Keyword, Argument, or Option Definition cpu Enables monitoring of CPU utilization. forwarding-engine Enables monitoring of 80-series forwarding engines.
Monitoring the Avaya Multiservice Switch Setting a Utilization Threshold To set a utilization threshold, enter Global Configuration mode and use the following command: set utilization high-threshold {cpu | FIRE | FORE} The default setting for the utilization threshold is 95 percent. Table 21-9. Keywords, Arguments, and Options Keyword, Argument or Option Definition cpu Sets the high threshold for CPU utilization.
Chapter 21 Viewing Utilization Settings To view the current utilization settings, use the following command: show utilization settings You can enter this command from user mode.
Monitoring the Avaya Multiservice Switch Sample Sample Sample Sample 8: 3 percent 9: 3 percent 10: 2 percent 11: 3 percent Viewing Statistics for Forwarding Engine Utilization To display the statistics for forwarding engine utilization, use the following command: show utilization results forwarding-engine You can enter this command from user mode. Table 21-10.
Chapter 21 The command displays a history of utilization and the average utilization. A sample of the display is as follows: Average statistics over the 120 second sample window: Forwarding Engine Utilization =1 percent. Forwarding Engine Total Packet Rate = 28843 PPS. Routing Component IPU Packet Rate = 28835 PPS. Routing Component IPM Packet Rate = 0 PPS. Routing Component IPX Packet Rate = 0 PPS.
22 Monitoring and Configuring the Forwarding Cache Overview Contents The information and procedures provided in this chapter pertain to layer 3 module configuration only: ■ Configuring the Forwarding Cache ■ Monitoring the Forwarding Cache Statistics ■ Displaying the Forwarding Cache For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.
Chapter 22 To prevent this issue from occurring, monitor the forwarding cache and increase the maximum number of system entries as necessary. You may need to adjust the setting initially to accommodate peaks in network demand. Configuring the Forwarding Cache You can configure the forwarding cache using the Web Agent or the CLI. Web Agent Procedure To configure the forwarding cache using the Web Agent: 1.
Monitoring and Configuring the Forwarding Cache 3. Click: — APPLY to save your changes — CANCEL to restore previous settings — REFRESH to update your system configuration — CLEAR to reset all configuration parameters to zero. Table 22-1. Layer-3 Forwarding Cache Configuration Web Page Parameters for Tree Configuration Field... For the protocol... Allows you to... Hash Mode IP Unicast (IPU) Configure the table hash lookup mode for the IP unicast, IP multicast and IPX protocols.
Chapter 22 CLI Command To configure the forwarding cache using the CLI, enter the following commands from Configure mode: ■ (configure)# ip multicast route-cache ■ (configure)# ip unicast route-cache ■ (configure)# ipx route-cache * Note: There is no CLI command to clear the L3 FE cache.
Monitoring and Configuring the Forwarding Cache Figure 22-2. Frame Forwarding Statistics Web Page 2. See Table 22-2 for an explanation for the Frame Forwarding Statistics Web page parameters. Table 22-2. Frame Forwarding Statistics Web Page Parameters Parameter Defines the... FIRE Fabric Port/ Chip Index Fabric port associated with the layer 3 module. The P580 switch has 13 fabric ports: the P882 switch has 33 fabric ports.
Chapter 22 Table 22-2. Frame Forwarding Statistics Web Page Parameters Parameter Defines the... L3 Slow Path Frames Number of frames received on a fabric port that were not successfully matched against existing forwarding entries in the layer 3 (L3) address cache. Subsequently, these frames were forwarded to the supervisor module (slow path). All frames sent to the supervisor module are routed in software.
Monitoring and Configuring the Forwarding Cache To search the L3 address cache using the Web Agent: 1. In the navigation pane, expand the Routing > L3 Forwarding Cache folders, and then click Entry Search. The Active Forwarding Cache Entry Search Web page is displayed in the content pane. See Figure 22-3. Figure 22-3. Active Forwarding Cache Entry Search Web Page 2. Select the search criteria that you want to use to find more specific information on available routes from the Search By column.
Chapter 22 Table 22-3. L3 Forwarding Cache Entry Search Web Page Parameters Parameter Allows you to search for all entries... Destination Address Within the routing cache that match the specified destination address (IP address), or IPX network number Source Address Within the routing cache that match the specified source address (IP address), or IPX network number Protocol By protocol identifier. By default, this field is 0 for IP.
Monitoring and Configuring the Forwarding Cache Figure 22-4. Forwarding Cache Search by VLAN CLI Command To display the L3 Forwarding Cache cache, use one of the following commands for a specific routing cache: ■ > show ip unicast cache ■ > show ip multicast cache ■ > show ipx cache Displaying the Forwarding Cache You can display the Forwarding cache information using either the Web Agent or the CLI. Web Agent Procedure To display the forwarding cache information using the Web Agent: 1.
Chapter 22 Figure 22-5. Active FE Cache Web Page 2. To modify your FE Cache table, do one of the following: — Select the entry and click Flush Entry to delete one or more entries — Click Flush Table to clear the entire table * Note: Flushing the table will disrupt traffic flow and clear all Forwarding Entries, and all flows must be relearned. — Click REFRESH to refresh the contents of the table — Click Clear to remove the statistics only (the entry in the table remains). 3.
Monitoring and Configuring the Forwarding Cache Table 22-4. Active FE Cache Web Page Fields Parameter Defines... Fabric/Chip Index The Packet Routing Engine in question. Type The type of packet (for example, IP unicast, IP multicast). Mode The table mode which includes: • DA-Only • SA & DA The table mode indicates what values are used in a comparison to determine whether or not a packet is forwarded. Memory Use in Bytes Memory used by each entry.
Chapter 22 22-12 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
23 Using RMON and Ethernet Statistics to Analyze Network Performance Overview The following information and procedures provided in this chapter pertain to layer 2 and layer 3 module configurations: ■ Viewing Network Statistics ■ Setting Up Port Mirroring For more information about the CLI commands that are mentioned in this chapter, see Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, Software Version 6.
Chapter 23 Figure 23-1. Module Statistics Web page 2. Select Clear Counters to get a fresh view of the statistics being gathered. This resets all of the counters to zero, so that you can track the counters from a specific point forward. 3. Select a module from the Module column to view statistics for that specific module. The Port Statistics Web page is displayed. See Figure 23-2. Figure 23-2. Port Statistics Web page 23-2 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Using RMON and Ethernet Statistics to Analyze Network Performance 4. Click Clear Counters to get a fresh view of the statistics being gathered. This resets all of the counters to zero so that you can track the counters from a particular point forward. 5. Select a port from the Name column to view statistics for that specific port. The Ethernet Interface Statistics Web page is displayed. See Figure 23-3. Figure 23-3. Ethernet Interface Statistics Web page 6.
Chapter 23 Table 23-1. Ethernet Interface Statistics Web Page Fields Statistic Indicates Actions Sample The sample number. N/A Interval Start The date and time this log entry was made. N/A Utilization Percentage of utilization. The percentage of available bandwidth used by traffic. Bytes Raw number of octets received at the interface. Provides some indication of the amount of network bandwidth being used. A sharp increase could indicate a need to reconfigure the network.
Using RMON and Ethernet Statistics to Analyze Network Performance Table 23-1. Ethernet Interface Statistics Web Page Fields Statistic Indicates Actions Multicasts Normal during network operation. For example, multicast packets are to send target video streams to selected stations on the network, and are part of the operation of the Spanning Tree Protocol. Possible causes: • Too many multicast frames can consume valuable network bandwidth.
Chapter 23 Table 23-1. Ethernet Interface Statistics Web Page Fields Statistic Indicates Actions Oversized Packets Count of packets with a valid CRC that violate the maximum Ethernet packet size. Possible cause: Device or application creating non-compliant packets. These malformed packets are most often the result of software errors. Fragments Fragments or runts result from normal collision activity in Ethernet networks.
Using RMON and Ethernet Statistics to Analyze Network Performance Table 23-1. Ethernet Interface Statistics Web Page Fields Statistic Indicates Actions Collisions (halfduplex links only) Counts number of times that packets have collided on the network. Collisions increase as network use of shared segments increases. Therefore, if the collision rate increases without an increase of network use, it might indicate a problem.
Chapter 23 Packets addressed to the CPU, such as pings, are duplicated out of the mirror port. Tagged packets that are sent into a source port with a VLAN ID to which the source port is not bound, are not transmitted out the mirror port. VLAN tag information is not propagated to the mirror port. * Note: To prevent unnecessary traffic flooding on a mirror port, put the mirror port on the same VLAN as the source port.
Using RMON and Ethernet Statistics to Analyze Network Performance Web Agent Procedure To set up a port mirror on a switch in Fabric mode 1 by using the Web Agent: 1. In the navigation pane, expand the Modules & Ports folder, and then click Port Mirroring. The Port Mirroring Information Web page is displayed in the content pane. See Figure 23-4. Figure 23-4. Port Mirroring Information Web Page 2. See Table 23-2 for an explanation of the fields on the Port Mirroring Information Web page. Table 23-2.
Chapter 23 3. Select a source port for traffic from the Configure Source column. The Port Mirroring Configuration Web page is displayed. See Figure 23-5. Figure 23-5. Port Mirroring Configuration Web page 4. See Table 23-3 for an explanation of the fields on the Port Mirroring Configuration Web page. Table 23-3. Port Mirroring Configuration Web Page Parameters Parameter Definition Source Port(s) List of available selections.
Using RMON and Ethernet Statistics to Analyze Network Performance Table 23-3. Port Mirroring Configuration Web Page Parameters Parameter Definition Piggyback Port Port used to enable bi-directional port mirroring. If no piggyback port is specified, only received traffic from the source port will go to the mirror port. The piggyback port should have the same bandwidth as the source port. Only one port per fabric can be used as a piggyback port. Sampling rates have no effect on transmitted information.
Chapter 23 CLI Command To set up an RMON mirror port by using the CLI, enter the following command from Enable/Configure mode: (configure)# set port mirror Setting Up Port Mirroring on a Switch in Fabric Mode 2 Fabric mode 2 port mirroring provides the ability for 80-series modules to monitor traffic that a port transmits and receives. Four channels are provided for monitoring traffic, so you can monitor four different ports or port ranges simultaneously.
Using RMON and Ethernet Statistics to Analyze Network Performance Web Agent Procedure To use the Web Agent to set up port mirroring on a switch in Fabric mode 2: 1. Expand the Modules & Ports folder. 2. Click Port Mirroring. The Port Mirroring Information Web page is displayed in the content pane. See Figure 23-6. Table 23-5 provides an explanation of each field on the Web page. Figure 23-6.
Chapter 23 Table 23-4. Port Ranges for Fabric Mode 2 Port Mirroring Module Port ranges that you can mirror 4-port gigabit modules • 1–2 • 3–4 • Any single port You can mirror any four single ports simultaneously (one port per channel). However you cannot mirror a port range and a single port within that range simultaneously. Example: You can mirror port 1 on channel 1, port 2 on channel 2, and port 3 on channel 3 simultaneously.
Using RMON and Ethernet Statistics to Analyze Network Performance Table 23-4. Port Ranges for Fabric Mode 2 Port Mirroring Module Port ranges that you can mirror 48-port 10/100 modules • 1–12 — any 1 port or the entire range. • 13–24 — any 1 port or the entire range. • 25–36 — any 1 port or the entire range. • 37–48 — any 1 port or the entire range. If you mirror a single port, you can mirror only 1 port per range at a time.
Chapter 23 7. Do one of the following: IF you select... THEN... Periodic in the Sampler Type column In the Max Packets per Second column, enter the maximum number of packets per second that you want the mirror port to receive. Disable or Always in the Sampler Type column Go to step 8. 8. If you selected Transmit/DA Filter in the Direction/Filter field, enter the MAC address that you want to monitor in the DA Filter field for the port mirror. 9.
Using RMON and Ethernet Statistics to Analyze Network Performance Table 23-5. Port Mirroring Information Web Page Parameters Parameter Definition Direction/Filter The direction of traffic that you want to mirror and the filter that you want to set up, if any. Options are: • Receive/None-Mirrors all receive traffic. • Transmit/None-Mirrors all transmit traffic. • Both/None-Mirrors all transmit and receive traffic.
Chapter 23 Removing a Fabric Mode 2 Port Mirror Web Agent Procedure To remove a port mirror on a switch in Fabric mode 2 by using the Web Agent: 1. In the navigation pane, expand the Modules & Ports folder, and then click Port Mirroring. The Port Mirroring Information page is displayed in the content pane. 2. In the Source Port column, select None for the port mirror that you want to remove. 3. Click Apply.
24 Managing Buffers and Queues on 50-Series Modules Overview The following information and procedures provided in this chapter pertain to layer 2 and layer 3 module configurations. Buffer management features help you to optimize traffic throughput through the switch fabric.
Chapter 24 The Service Ratio can be chosen to match traffic patterns and performance requirements using a weighted round robin scheduling algorithm. The available service ratios of the algorithm are defined in “Managing Buffers and Queues”. The factory default service ratio for fabric ports is 999/1. The factory default service ratio for physical ports is 1023 to 1.
Managing Buffers and Queues on 50-Series Modules Figure 24-1. Module Information Web Page 2. Select the module whose buffers you want to manage from the Select column. 3. Select the Module number for that module from the Buffer Management column. The Buffer Management Web page is displayed. See Figure 242. Figure 24-2. Buffer Management Web Page 4. See Table 24-1 for an explanation of the Buffer Management Web page parameters. Document No.
Chapter 24 Table 24-1. Buffer Management Web Page Parameters Parameter Definition Fabric Port Buffers Displays the port’s fabric port buffers and allows you to open the Buffer Detail Configuration Web page for the selected module. Service ratios: • 3 to 1 • 99 to 1 • 999 to 1 • 9999 to 1 Physical Port Buffers Displays the port’s physical port buffers if available.
Managing Buffers and Queues on 50-Series Modules Figure 24-3. Buffer Detail Configuration Web Page 6. See Table 24-2 for an explanation of the Buffer Detail Configuration Web page input and output fields: Table 24-2. Buffer Detail Configuration Web Page Parameters Parameter Definition... Memory Displays the amount of physical memory associated with this buffer. Age Timer Displays the amount of time a packet remains in the queue before being discarded as a stale packet.
Chapter 24 Table 24-2. Buffer Detail Configuration Web Page Parameters Parameter Definition... High Priority Allocation Displays the percent of the buffer’s queuing space allotted to high priority traffic. Because the high-priority queue is serviced more frequently than the normal priority queue, raising this value may not necessarily provide better service.
Managing Buffers and Queues on 50-Series Modules 7. Repeat Steps 1-4 to tune Physical Port (Fast Ethernet) buffers. Physical Port ports have additional buffers on both the input and output ports. 8. Click APPLY to save your changes, or CANCEL to restore previous settings. CLI Command To manage buffers and queues using the CLI, enter the following command from Configure mode: (configure)# set buffering port Document No.
Chapter 24 24-8 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
25 80-Series QoS Overview Quality of Service (QoS) is a set of tools that make it possible for you to manage traffic across a switch or a network. These tools protect specific traffic from the effects of network congestion. You can enable these features for a module or individual ports on a module to control the flow of traffic across your network.
Chapter 25 Why implement QoS? Purpose of QoS In a network that has time-sensitive traffic (VoIP) or bandwidth-intensive traffic (real-time or near-real-time streaming-video), QoS makes it possible for you to prioritize the time-sensitive traffic and assign larger amounts of bandwidth to those applications that require it. VoIP traffic has relatively low bandwidth requirements, but cannot tolerate latency or frame loss. Therefore, this traffic needs a high priority to ensure its timely delivery.
80-Series QoS How Does QoS Work? The QoS process starts at the point where a frame enters the switch and ends when the frame exits the switch. This section describes the QoS process from start to finish: ■ QoS Process for Ingress Traffic ■ QoS Process for Egress Traffic ■ Diagram of QoS Process QoS Process for Ingress Traffic Process The QoS process for ingress traffic involves the following steps: 1. Identifying the priority, also called class, of the frame or packet.
Chapter 25 3. Forwarding the frame or packet from the ingress queue to its destination. If you enable policing for the queue, the switch forwards ingress traffic that falls within the maximum bit rate that you set and drops ingress traffic that exceeds the maximum bit rate. For more information on policing, see “Ingress Policing” later in this chapter. Example You want to assign a priority of 5 to a VoIP flow that is destined to an IP 600 phone switch.
80-Series QoS Example You want to assign a priority of 5 to a VoIP flow that is destined to an IP 600 phone switch. You then want the switch to use the CBWFQ queueservicing algorithm to forward frames from queue 5. The IP 600 phone switch is connected to an Avaya P882 Multiservice switch on port 5.5. 1. You set up an ACL rule that associates a priority of 5 with the destination IP address of the VoIP flow.
Chapter 25 Diagram of QoS Process Figure 25-1 illustrates the QoS process from when a frame enters the switch to when the frame exits the switch. Figure 25-1. QoS Process Frame received on switch port. Ø Priority of frame is identified. Ø Frame is stored in 1 of 8 ingress priority queues Ý Frame is forwarded from ingress priority queue to egress port. NOTE: If policing is enabled, the switch forwards traffic that falls within the maximum bit rate and drops traffic that exceeds the maximum bit rate.
80-Series QoS Classification of Traffic The switch assigns traffic to one of eight queues according to the priority, or “class,” of the traffic. Priorities range 0 to 7, 7 being the highest priority. You can set the switch to classify traffic by the priority assigned to the following characteristics: ■ ■ ■ Layer 2 characteristics: — Physical port that the frame or packet is received on — Cisco ISL tag or 802.
Chapter 25 ■ Setting a Physical Port to Ignore Tag Priority ■ Setting the Priority of a MAC Address ■ Displaying the Priority of a MAC Address ■ Setting a Physical Port to Use DiffServ ■ Setting a Physical Port to Mask DiffServ Bits ■ Assigning a Priority to a DSCP ■ Displaying the DiffServ Table ■ Displaying the QoS Settings for a Physical Port ■ Setting Up an ACL Rule ■ Setting Up a Default ACL Rule ■ Displaying ACL Rules Default Priority By default, the switch uses the priority fro
80-Series QoS Classifying Traffic by Layer 2 Characteristics In addition to Cisco ISL tag, 802.1p tag, and physical port priority, the switch can classify traffic by: ■ Source MAC address ■ Destination MAC address For information about how to set a priority for a source or destination MAC address, see “Setting the Priority of a MAC Address” later in this chapter. In addition to these layer 2 characteristics, you can classify bridged IP traffic by DiffServ code point.
Chapter 25 The priority that is specified by an ACL takes precedence over all other priorities. Because of this precedence, the switch determines whether a rule in an ACL exists for an IP packet in the final stage of classification. If an ACL exists, the priority associated with the ACL replaces the current priority of the frame. For information on how to set a rule in an ACL, see “Setting Up an ACL Rule” later in this chapter.
80-Series QoS Diffserv RFC 2475 defines a field in the layer 3 header of IP packets, called the DiffServ code point (DSCP). Typically, hosts or routers sending traffic into a DiffServ network mark each transmitted packet with the appropriate DSCP. The switch then uses the DSCP to classify packets. You can alternately set the switch to replace the DSCP in a packet with a different DSCP. The switch then uses the new DSCP to classify the packet.
Chapter 25 Table 25-2. Precedence of Priorities Layer Precedence of Priority Priority Used for Classification Layer 2 DSCP (for bridged IP traffic) Destination MAC address priority Source MAC address priority 802.1p tag Cisco ISL tag Low Physical port priority 2 of 2 Supported Number of Queues Table 25-3 specifies the number of ingress and egress queues that are available on each module. Table 25-3.
80-Series QoS Table 25-3. Modules and Available Queues Module Ingress Queues Egress Queues 48-port 10/100 modules • 1 set of 8 queues for ports 1–12. 1 set of 8 queues per port. • 1 set of 8 queues for ports 13–24. Total: 48 sets of 8 queues. • 1 set of 8 queues for ports 25–36 • 1 set of 8 queues for ports 37–48 Total: 4 sets of 8 queues 2 of 2 Setting the Priority of a Physical Port CLI Command Use the set port default-priority command to set the priority of a physical port.
Chapter 25 Table 25-4. Keywords, Arguments, and Options Keyword, Argument or Option Definition all-ports All ports in the chassis. If you specify allports, all ports on all modules in the chassis are set with the same priority. The priority that you want to assign to the port or port range. Enter a number between 0 and 7. The highest priority is 7. Each physical port has a default priority of 3. 2 of 2 Examples Table 25-5. Examples: set port default-priority To... Enter...
80-Series QoS Table 25-6. Keywords, Arguments, or Options Keyword, Argument or Option Definition The slot number of a module. If you specify , the switch ignores tag priorities on all ports of the module. The slot number of a module, and, either a port number, or a range of port numbers having the format Px-Py. For example: • To specify port 1 on the module in slot 3, enter 3/1. • To specify ports 1 through 5 on the module in slot 3, enter 3/1-5.
Chapter 25 Setting the Priority of a MAC Address CLI Command Use the set aft entry command to set the priority of a source MAC address or destination MAC address.
80-Series QoS Table 25-8. Keywords, Arguments, and Options Keyword, Argument or Option Definition The priority that you want to assign to the destination MAC address. Enter a number between 0 and 7.
Chapter 25 Table 25-9. Examples: set aft entry To... Enter... • Associate MAC address 00:00:00:00:00:55 with port 1 on the module in slot 3 and with VLAN 50. set aft entry 00:00:00:00:00:55 VLAN 50 port-binding forward 3/1 da-priority aft 7 • Forward frames that have a source or destination MAC address of 00:00:00:00:00:55. • Assign a priority of 7 to packets that have a destination MAC address of 00:00:00:00:00:55.
80-Series QoS Setting a Physical Port to Use DiffServ CLI Command Use the set port use-diffserv command to set a port to classify bridged IP traffic by its DiffServ code point (DSCP). The syntax for the command is: (configure)# set port use-diffserv {{ | } [..., { | }] | all-ports} {on | off} Table 25-10. Keywords, Arguments, and Options Keyword, Argument or Option Definition The slot number of a module.
Chapter 25 Setting a Physical Port to Mask DiffServ Bits CLI Command Use the set port mask-diffserv command to mask the three least significant bits of the DSCP when the switch is using the DSCP to classify bridged IP traffic. If you mask the three least significant bits of the DSCP, the switch recognizes the remaining bits as the precedence field of the type of service (TOS) field and classifies the packets accordingly.
80-Series QoS Assigning a Priority to a DSCP CLI Command Use the set diffserv priority command to assign a priority to a DiffServ code point (DSCP) in the DiffServ Mapping Table. The syntax of the command is: (configure)# set diffserv priority dscp [] Table 25-12. Keywords, Arguments, and Options Example Keyword, Argument or Option Definition The priority that you want to assign. Enter a number between 0 and 7.
Chapter 25 Displaying the QoS Settings for a Physical Port CLI Command Use the show port command to display the QoS settings for a physical port. This command displays the priority of the port, if the port is set to ignore 802.1p tag priority, and if the port is set to use the DSCP for bridged IP traffic. The syntax of the command is: > show port [{ | } [...,{ | }]] Table 25-13.
80-Series QoS The command syntax is: Standard ACL (configure)# access-list {permit [{use-priority | use-diffserv [mask] | remark-diffserv [mask] | use-l2}] | deny | fwd1 | fwd2 | fwd3 | fwd4 | fwd5 | fwd6 | fwd7 | fwd8} { | any | host } Extended ACL (configure)# access-list {permit [{use-priority | use-diffserv [mask] | remark-diffserv [mask]
Chapter 25 Table 25-14. Keywords, Arguments, and Options Keyword, Argument or Option Definition The DSCP that you want to replace the DSCP of the packet. use-l2 Classifies traffic by the layer 2 priority of the packet. If you enter use-l2, the switch ignores the ACL rule priority and DiffServ priority. deny Blocks the packet. fwd1 | fwd2 | fwd3 | fwd4 | fwd5 | fwd6 | fwd7 | fwd8 The priority that you want to set. The number following the fwd specifies the priority.
80-Series QoS Table 25-14. Keywords, Arguments, and Options Keyword, Argument or Option Definition The destination IP address of the subnet that you want to assign a priority to. The inverse of a network mask. Enter a 32-bit number in four-part, dotted decimal format. Place ones in the bit positions that you want to mask. This parameter specifies a range of IP address. For example, to specify all IP addresses in the 10.10.70 subnet, enter 10.10.70.0 0.0.0.255.
Chapter 25 Table 25-15. Examples: Standard ACL Rules To... Enter... • Replace the existing DSCP with a DSCP of 5 for all traffic that has a source IP address in the 10.10.80 subnet. access-list MyAccessList1 6 permit remark-diffserv 5 mask 10.10.80.0 0.0.0.255 • Mask the three least significant bits of the DSCP Use the layer 2 priority of the packet to classify all traffic that has a source address in the 11.11.11 subnet access-list MyAccessList1 7 permit use-l2 11.11.11.0 0.0.0.
80-Series QoS Table 25-16. Examples: Extended ACL Rules To... Enter... Assign a priority of 2 to all TCP traffic that has a: access-list MyAccessList2 3 permit use-priority 2 tcp 1.1.0.0 0.0.255.255 gt 24 6.6.0.0 0.0.255.255 eq 23 • Source IP address in the 1.1 subnet • Source port that is greater than 24 • Destination IP address in the 6.6 subnet • Destination port of 23 • Replace the existing DSCP of packets with a DSCP of 12 for all traffic that has a source IP address of 199.93.238.83.
Chapter 25 Table 25-16. Examples: Extended ACL Rules To... Enter... • Use the DSCP to classify all UDP traffic that has a: access-list MyAccessList2 9 permit use-diffserv mask udp host 7.7.7.7 host 8.8.8.8 range 33 44 — Source IP address of 7.7.7.7 — Destination IP address of 8.8.8.8 — Destination port between 33 and 44 • Mask the three least significant bits of the DSCP • Assign a priority of 7 to all TCP traffic that has a: — Source IP address of 9.9.9.
80-Series QoS Examples To... Enter... Use the DSCP in the packet to classify all traffic that does not match any other ACL rule. access-list MyAcessList1 512 permit use-diffserv any Replace the existing DSCP with a DSCP of 63 for all traffic that does not match any other ACL rule. access-list MyAcessList1 512 permit remark-diffserv 63 any The switch uses the new DSCP of 63 to classify the packets. Use the layer 2 priority in the packet to classify all traffic that does not match any other ACL rule.
Chapter 25 The switch uses queue 0 to forward protocol packets (ARP, VRRP, OSPF, and so on) to the supervisor module. If you enable policing on queue 0, be sure to allocate the queue enough bandwidth for management packets and learned packets. Failure to allocate enough bandwidth to the queue may result in poor network performance. Do not disable this queue by allocating it 0 bits per second (bps).
80-Series QoS Table 25-17. Keywords, Arguments, and Options Keyword, Argument or Option Definition The slot number of a module. If you specify , policing is enabled for all ports on the module in the slot that you specify. The slot number of a module, and, either a port number, or a range of port numbers having the format Px-Py. For example: • To specify port 1 on the module in slot 3, enter 3/1. • To specify ports 1 through 5 on the module in slot 3, enter 3/1-5.
Chapter 25 Displaying the Policing Settings Use the show port police command to display the settings for policing. For information on how policing works, see “Ingress Policing” earlier in this chapter. The syntax for this command is: > show port police { | } [..., { | }] Table 25-18. Keywords, Arguments, and Options Keyword, Argument or Option Definition The slot number of a module.
80-Series QoS Queue-Servicing Algorithms The following queue-servicing algorithms are available for egress queues: ■ Weighted fair queueing (WFQ) ■ Strict Priority ■ Class-based queueing (CBQ) ■ Class-based weighted fair queueing (CBWFQ) * Note: In earlier versions of the switch software, you could set ingress queues to use the weighted fair queuing (WFQ) and strict priority queue-servicing algorithms. In v5.3.1 and later, you can set only egress queues to use these queue-servicing algorithms.
Chapter 25 The switch always services the queue that has the highest accumulated weight. If two queues have the same accumulated weight, the switch first services the queue that has the highest priority (0 – 7). Table 25-19 lists the default weight increment for each queue. Table 25-19. Default Weight Increments Queue Weight Increment WFQ 0 1 WFQ 1 2 WFQ 2 4 WFQ 3 8 WFQ 4 16 WFQ 5 32 WFQ 6 64 WFQ 7 128 For information on how to set up WFQ, see “Setting Up WFQ” later in this chapter.
80-Series QoS Strict Priority Queueing With strict priority queuing, the switch services the eight queues in order of their priority. The highest priority queue is serviced until it is empty, and then the lower priority queues are serviced sequentially until they are empty. For example, queue 7 must be empty before the switch services queue 6. Queue 6 must be empty before the switch services queue 5. Queue 5 must be empty before the switch services queue 4, and so on.
Chapter 25 ■ The action that you want the switch to take when the bit rate exceeds the maximum bit rate. — Drop the packets Or — Forward the packets according to the weight of the queue * Note: Avaya recommends that you do not set a port using CBWFQ as the source port or mirror port for a port mirror. When the switch limits the bandwidth of a port, packets are subject to random drop. If packets from a source port or mirror port are dropped, the mirror traffic may not match the source traffic.
80-Series QoS Setting Up WFQ Use the set port queue service wfq command to set a port, port range, or module to use weighted fair queueing (WFQ) queue servicing. WFQ is the default queue-servicing algorithm. The syntax of the command is: (configure)# set port queue service {{ | } [...,{ | }] | all-ports} wfq {queue weight | default} Table 25-20.
Chapter 25 Setting Up Strict Priority Queueing CLI Command Use the set port queue service strict-priority command to set a port, port range, or module to use strict priority queue servicing. The syntax of the command is: (configure)# set port queue service {{ | } [...,{ | }] | all-ports} strictpriority Table 25-21. Keywords, Arguments, and Options Keyword, Argument or Option Definition The slot number of a module.
80-Series QoS Setting Up CBQ Use the set port queue service cbq command to set a port, port range, or module to use class-based queuing (CBQ) queue servicing. The syntax of the command is: (configure)# set port queue service {{ | } [..., { | }] | all-ports} cbq queue bit-rate Table 25-22. Keywords, Arguments, and Options Keyword, Argument or Option Definition The slot number of a module.
Chapter 25 Setting Up CBWFQ Use the set port queue service cbwfq command to set a port, port range, or module to use class-based weighted fair queuing (CBWFQ) queue servicing. The syntax of the command is: (configure)# set port queue service {{ | } [..., { | }] | all-ports} cbwfq queue bit-rate normal-burst [exceed {drop | max-burst [weight ]}] Table 25-23.
80-Series QoS Table 25-23. Keywords, Arguments, and Options Keyword, Argument or Option Definition The maximum size of burst that is guaranteed transfer. Bursts that are smaller than this size are guaranteed transfer. Bursts that are larger than this size are either serviced by WFQ or dropped (whichever action that you specify). The default setting is servicing by WFQ and the default weight for the queues. The normal burst can range from 0 to 15,000 bytes.
Chapter 25 Table 25-23. Keywords, Arguments, and Options Keyword, Argument or Option Definition The maximum size burst that is serviced by WFQ once the normal burst has been exceeded. Bursts that are smaller than this size are serviced by WFQ. Bursts that are larger than this size are dropped. If you set this threshold to the same value as normal burst, the maximum burst capability is disabled. The maximum burst can range from the normal burst size to 15,000.Avaya recommends a value of 6000.
80-Series QoS Displaying the Queue-Service Settings CLI Command Use the show port queue service command to display the settings for queue servicing. The syntax for this command is: > show port queue service { | } [..., { | }] Table 25-24. Keywords, Arguments, and Options Keyword, Argument or Option Definition The slot number of a module.
Chapter 25 QoS Statistics You can display QoS statistics for: ■ All ports on a module ■ A port or port range ■ A specific queue on a port, port range, or module Two sets of statistics are displayed for egress queues: port statistics and queue statistics. For ingress queues, only queue statistics are displayed. Table 25-25 lists the statistics that are displayed for ingress queues. Table 25-27 lists the statistics that are displayed for egress ports.
80-Series QoS Table 25-25. Ingress Queue Statistics for 10/100 Modules Statistic Explanation Threshold (% Full) The threshold for queue capacity that determines whether additional frames are counted toward Frames Enqueued Above Threshold or Frames Enqueued Below Threshold. If the number of frames in the queue exceeds this percentage of the queue capacity, the Frames Enqueued Above Threshold count is increased when another frame is added to the queue.
Chapter 25 Table 25-25. Ingress Queue Statistics for 10/100 Modules Statistic Explanation Frames Dequeued The total number of frames that were removed from the queue and forwarded to the egress physical port for transmission. This number is cumulative since the last reset of the statistics. The total number of frames that were forwarded from the queue.
80-Series QoS Table 25-27. Egress Port Statistics for 10/100 Modules Egress Port Statistics for Gigabit Modules Statistic Explanation Frames Arriving Switch Fabric The number of frames that the module received from the switch fabric. This number is cumulative since the last reset of the statistics. Frames Dropped Runt The number of frames that the port range dropped because they were smaller than the minimum frame size of 60 bytes. This number is cumulative since the last reset of the statistics.
Chapter 25 Table 25-28. Egress Port Statistics for Gigabit Modules Statistic Explanation Multicast Bytes Enqueued The number of multicast bytes that the port queued. This number is cumulative since the last reset of the statistics. Broadcast Frames Enqueued The number of broadcast frames that the port queued. This number is cumulative since the last reset of the statistics. Broadcast Bytes Enqueued The number of broadcast bytes that the port queued.
80-Series QoS Table 25-29. Buffer Statistics for Egress Queues Statistic Explanation Total Queue Memory (buffers) The total number of buffers that are allocated to all queues on the port. Total Queue Memory (bytes) The total number of bytes that are allocated to all queues on the port. Age Out Interval The maximum number of milliseconds that a queue can store a packet. If the switch does not forward the packet before this time period expires, the queue drops the packet.
Chapter 25 Displaying QoS Statistics Use the show port queue counters to display QoS statistics. The syntax of this command is: > show port queue counters { | } [..., { | }] {ingress | egress | all} [queue ] Table 25-30. Keywords, Arguments, and Options Keyword, Argument or Option Definition The slot number of a module. If you specify , the switch displays the QoS statistics for all ports on the module that you specify.
80-Series QoS Resetting the QoS Statistics Use the reset port queue counters to reset the queue statistics to 0. The syntax of the command is: >reset port queue counters { | } [..., { | }] {ingress | egress | all} [queue ] Table 25-31. Keywords, Arguments, and Options Keyword, Argument or Option Definition The slot number of a module.
Chapter 25 Displaying the Buffer Settings for Egress Queues Use the show port queue buffer command to display the amount of memory that is assigned to each queue. The syntax of the command is: (configure)# show port queue buffer {{ | } [..., { | }] | all-ports} Table 25-32. Keywords, Arguments, and Options Keyword, Argument or Option Definition The slot number of a module.
A Upgrading the Application Software Overview Upgrading the switch software involves the following steps: 1. Backing Up the Current Software 2. Backing Up the Previous Configuration 3. Downloading Application Software 4. Setting the Startup Image 5. Synchronizing the Active and Standby Supervisor Modules 6. Resetting the Active Supervisor 7. Resetting the Standby Supervisor 8. Verifying the Upgrade This appendix contains procedures for each of these steps. CAUTION: Before downgrading the switch from v6.
Appendix A Backing Up the Current Software The Avaya Multiservice switches have two memory locations for storing the embedded switch software: APP1 and APP2. These two memory locations make it possible to store the current software in one APP location and download the new software to the other APP location. Saving the current software in one APP location ensures that you could run this earlier version of software, if you encounter any problem with the new, downloaded software.
Upgrading the Application Software Figure A-1. FEPROM Contents Web page 3. Ensure that APP1 contains the software that you want to back up. When you download the new application software, you must download it to the APP2 memory location. CLI Command To determine the APP location from which the switch loads the previous version of software, use the following command: > show flash This command displays information about the application software that is currently stored in APP1 and APP2.
Appendix A 2. Select File Management. The Configuration File Management Web page is displayed in the content pane (Figure A-2). Figure A-2. Configuration File Management Web page 3. In the Save Running-Config to Startup-Config field, select Save. 4. In the Copy Source field, select Startup-Config. * Note: The Source File name may be left unspecified 5. In the Copy Destination field, select TFTP Server. * Note: You must specify a Destination file name. 6.
Upgrading the Application Software CLI Command To back up the current configuration to a TFTP server, use the following command: # copy startup-config tftp Downloading Application Software You can download new application software from a TFTP server to an APP memory location by using either the Web agent or the CLI. CAUTION: Web Agent Procedure When upgrading the switch from v5.x application software to v6.0 or later, you must download v6.
Appendix A Figure A-3. System TFTP Update Web page 3. In the TFTP Server IP Address field, enter the IP address of the TFTP server on which the new application software is stored. 4. In the File Name field, enter the name of the binary file that you want to download. 5. In the TFTP Target Section field, select the memory location to which you want to download the new application software. 6. In the Perform Update Now field, select Update. 7.
Upgrading the Application Software Setting the Startup Image After you download the new software, you must set the switch to load the new software at startup. You can use either the Web Agent or CLI to perform this task. Web Agent Procedure To set the switch to load the new software at startup: 1. In the navigation pane, expand the System > Memory folders. 2. Select FEPROM. The FEPROM Contents Web page is displayed in the content pane (Figure A-1). 3.
Appendix A If any of these settings changed during the synchronization, the standby supervisor module automatically resets so that it is failover-ready. In earlier versions of software, you had to manually reset the standby supervisor, if these settings changed. *Important: If you are updating the boot code, you must manually reset the standby supervisor after synchronizing it with the active supervisor.
Upgrading the Application Software Figure A-4. System Reset Web Page 3. Select Yes in response to the question, Do you want to reset the switch? The switch resets and loads the new application software.
Appendix A CLI Command To reset the switch after downloading new application software, use the following CLI command: (configure)# reset Verifying the Upgrade To verify that the old Active supervisor is now the Standby supervisor, the LED display window (marquee) should scroll Standby and the software version.
B Boot Mode Boot Mode is a special mode for the Avaya P580 and P882 Multiservice switch. Boot mode is used to: ■ Recover your password ■ Download new operational code This appendix contains the following sections: ■ Accessing BOOT Mode ■ Password Recovery ■ Downloading New Operational Code Accessing BOOT Mode You can access BOOT mode during Power Up or when both operational images in APP1 and APP2 are corrupted. Accessing BOOT Mode During Power Up To access BOOT mode during power up: 1.
Appendix B Accessing BOOT Mode with Corrupted Operational Images The Avaya P580 and P882 Multiservice switch will automatically come up in BOOT mode if both operational images are corrupted. You will see the following output on your console: Starting the boot system, please wait. Initializing the event subsystem ... done Initializing the platform ... done Starting up threads ...
Boot Mode Downloading New Operational Code To download new operational code in BOOT mode into APP1 or APP2. * Note: The Avaya P580 and P882 Multiservice switches do not have an IP address assigned to the console ethernet port when it comes up in BOOT mode. Therefore, a user must assign an IP address (and default gateway) to the ethernet console port prior to attempting the TFTP download of a new operational image. 1. Ensure the ethernet console port is connected to the network for a TFTP transfer. 2.
Appendix B B-4 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
C Supported MIB Groups This appendix lists, by protocol, public and private MIBs that are supported by the Avaya P580 and P882 Multiservice switches. MIBs are categorized as follows: ■ AppleTalk ■ Application Software Management ■ ATM Uplink ■ Bridging ■ DVMRP ■ General Private MIBs ■ IGMP ■ IP ■ IPX ■ Monitoring ■ SNMP AppleTalk Standard MIB rfc1243.mib, AppleTalk MIB. Private MIB cjnatalk.mib, AppleTalk routing MIB. Application Software Management Private MIB Load.
Appendix C ATM Uplink Standard MIB lecmib.mib, MIB for LAN Emulation Client Management, as defined by the ATM Forum. Private MIB avaya1483.mib, MIB for multi-protocol over ATM encapsulation, as defined in RFC1483. Bridging Standard MIBs ■ rfc1493.mib, Bridge MIB. ■ draft-ietf-bridge-rstp-mib-03.mib, MIB for IEEE 802.1w Rapid Spanning Tree Protocol. DVMRP Private MIB cjndvmrp.mib, DVMRP MIB. General Private MIBs ■ avayagen.mib, Avaya top-level MIB definitions. ■ aveisprod.
Supported MIB Groups IP Standard MIBs Private MIBs ■ rfc2096.mib, IP Forwarding Table MIB. ■ rfc2863.mib, Interface MIB. ■ ianaiftype.mib, MIB for different interface types. ■ rfc1213.mib, MIB II. ■ rfc2011.mib, SNMPv2 MIB for IP. ■ rfc2012.mib, SNMPv2 MIB for TCP. ■ rfc2013.mib, SNMPv2 MIB for UDP. ■ rfc1850.mib, OSPF MIB. ■ rfc1724.mib, RIP-2 MIB extension. ■ draft-ietf-vrrp-mib-04.mib, VRRP Version 2 Protocol. ■ l3fwd.mib, Layer 3 switching group added to Prominet.txt.
Appendix C Monitoring Standard MIBs Private MIBs ■ rfc1757.mib, Remote network monitoring MIB. ■ rfc1513.mib, Token Ring RMON MIB. ■ rfc2856.mib, MIB for HCRMON. ■ draft-ietf-rmonmib-hcrmon-10.mib, Internet Draft RMON for High Capacity Networks. ■ rfc2021.mib for the Trap Destination Table, SNMPv2 MIB for RMON2. ■ rfc2613.mib, Module for managing remote monitoring device implementations for switched networks. ■ rfc1398.mib, Ethernet-like MIB. ■ cjnportcopyext.mib, Port Copy Extensions MIB.
D FCC Notice FCC Notice — Class A Computing Device: This equipment generates, uses, and may emit radio frequency energy. The equipment has been type tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of FCC rules, which are designed to provide reasonable protection against such radio frequency interference.
Appendix D Avertissement! Cet appareil est un appareil de Classe A. Dans un environnement résidentiel cet appareil peut provoquer des brouillages radioélectriques. Dans ce cas, il peut être demandé à l'utilisateur de prendre les mesures appropriées. D-2 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.
Index Numerics 10/100 port auto negotiation speed/duplex advertisement, 8-26, 8-27 10/100 port parameter auto-negotiation mode, 8-26 category, 8-26 duplex mode, 8-26 flow control mode, 8-26 name, 8-26 port PACE priority, 8-27 rate limit burst size, 8-27 rate limit mode, 8-27 rate limit rate, 8-27 speed mode, 8-26 10Base-T crossover patch cables, 2-5 10-port 100BASE-FX, 1-11 12-port 10/100BASE-TX, 1-11 3Com mapping table switch port configuration parameters, 8-33 A AARP invalid PDU AppleTalk global statist
Index delete all learned entries, 9-13 delete invalid learned entries, 9-13 address table instance entry type learned, 9-12 management, 9-12 multicast, 9-12 self, 9-12 address table instance hash table auto increment, 9-12 size, 9-12 address table instance parameters bucket info, 9-12 entry type, 9-12 entry validity, 9-12 hash table, 9-12 total number of entries, 9-11 VLAN association, 9-11 address table sizes controlling reconfiguration, 9-13 address table, age timer configuring, 9-9 address table, super
Index RTMP Rq Rx, 19-25 RTMP Rq Tx, 19-25 RTMP Rsp Rx, 19-25 RTMP Rsp Tx, 19-25 Short PDU in error, 19-24 too long, 19-24 too short, 19-24 TTL expired, 19-24 viewing, 19-23, 19-25 Zip Ext Reply Rx, 19-25 Zip Ext Reply Tx, 19-25 Zip GNI Rq Rx, 19-25 Zip GNI Rq Tx, 19-25 Zip GNI Rsp Rx, 19-25 Zip GNI Rsp Tx, 19-25 Zip Query Rx, 19-25 Zip Query Tx, 19-25 Zip Reply Rx, 19-25 Zip Reply Tx, 19-25 AppleTalk interface deleting, 19-9 AppleTalk interface parameters admin state, 19-6 encapsulation type, 19-5 interfac
Index router port display parameters, 20-9 area LSA detail, 15-27 OSPF interface parameters, 15-10 OSPF summaries parameters, 15-17 OSPF virtual link parameters, 15-14 area ID OSPF area parameters, 15-6 OSPF link parameters, 15-21 OSPF link state database parameter, 15-26 OSPF link state database search parameters, automatic router pruning automatic router pruning, 20-7 automatic session pruning automatic session pruning, 20-7 automatic VLAN creation, 6-4, 6-7 Cisco Catalyst 5000 parameters, 8-35 switch p
Index IP global configuration parameters, 12-12 border Rtrs OSPF statistical parameters, 15-20 bridge forward delay spanning tree bridge level parameters, 7-12 bridge hello time spanning tree bridge level parameters, 7-12 bridge max age spanning tree bridge level parameters, 7-12 bridge port spanning tree bridge port parameters, 7-15 bridge port parameters bridge port, 7-15 designated bridge, 7-16 designated cost, 7-16 designated port, 7-16 designated root, 7-16 forward transitions, 7-16 name, 7-15 port, 7
Index VTP snooping parameters, 6-31 configure, 20-9, 20-10 configure ports gigabit module, 8-12, 8-16, 8-21, 8-27 configure source port mirroring information parameters, 23-9 configure static router ports static router ports, 20-9, 20-10 configuring switch port, 8-29 configuring a DNS client, 11-1 configuring a Fast Ethernet module, 8-21 configuring a redundant CPU, 10-10 configuring a redundant element, 10-9 configuring all VLAN ports, 6-10 configuring an IPX router, 16-4, 16-5 configuring AppleTalk routi
Index create a Custom Access Type, 2-13 creating, 12-19 Creating 3Com Mapping Tables Using the Web Agent, 6-13 creating a BOOTP/DHCP server entry, 12-24, 12-25 creating a multinet interface, 12-15 creating a static client port, 20-18, 20-19 creating a VRRP router, 12-74 creating access rules for filtering traffic between subnets, 13-14 creating an AppleTalk interface, 19-4, 19-7 creating an AppleTalk static route, 19-10 creating an AppleTalk zone filter, 19-19 creating an IP interface, 12-4, 12-10 creating
Index forwarding interface, 12-66 designated port spanning tree bridge port parameters, 7-16 designated root spanning tree bridge port parameters, 7-16 destination address Layer 3 route cache search parameters, 22-8 destination filename configuration file management, 2-43 destination group address DVMRP downstream link parameters, 12-70 DVMRP multicast forwarding cache parameters, 12-68 DVMRP upstream source parameters, 12-71 IGMP local multicast forwarding cache parameters, 12-57 upstream prune informati
Index DVMRP downstream dependent router DVMRP supported major/minor version, 12-67 found on interface, 12-67 router is SNMP manageable, 12-67 router network address, 12-67 router received probe from this router, 12-67 router supports generation ID function, 12-67 router supports prune function, 12-67 DVMRP downstream interface DVMRP downstream link parameters, 12-70 DVMRP downstream link parameters destination group address, 12-70 DVMRP downstream interface, 12-70 interface is pruned, 12-71 interface type,
Index router cost to source network, 12-65 router network address, 12-65 viewing, 12-65 DVMRP upstream source parameters destination group address, 12-71 destination port number, 12-71 flow source address, 12-71 flow upstream interface, 12-71 payload protocol type, 12-71 source port number, 12-71 DVMRP upstream sources, 12-71 E echo reply rx AppleTalk global statistics, 19-24 echo req rx AppleTalk global statistics, 19-24 echo req tx AppleTalk global statistics, 19-24 editing an AppleTalk static route, 19
Index event configuration accessing, 21-4, 21-10 event ID event and shutdown log entries, 21-12 event log (switch event) definition, 21-3 event log wraps event statistics, 21-14 event notification configuring, 21-4 event statistics event log wraps, 21-14 events dropped due to event system queue full, 21-14 events dropped due to overload of event system, 21-14 viewing, 21-7, 21-10, 21-13 events dropped due to event system queue full event statistics, 21-14 events dropped due to overload of event system ev
Index type, 22-11 forwarding cache statistics monitoring, 22-4 forwarding interface designated forwarder(s) table parameters, 12-66 forwarding rules VLAN, 6-5 forwarding state (spanning tree bridge port), 7-16 found on interface DVMRP downstream dependent router, 12-67 DVMRP neighbor routers, 12-62 DVMRP upstream routers, 12-65 fragments Ethernet interface statistical parameters, 23-6 Frame Classification, 1-17 frame format VLAN switch port table parameters, 6-12 frame forwarding cache displaying statistic
Index group multicast protocol IGMP group membership table parameters, 12-56 group reporter address IGMP group membership table parameters, 12-56 group reports received IGMP interface statistical parameters, 12-54 H hardware requirements for routing, 12-3, 16-4 hash mode Layer 3 cache configuration, 22-3 hash table address table instance parameters, 9-12 hello interval OSPF interface parameters, 15-10 OSPF virtual link parameters, 15-14 hello time spanning tree bridge level parameters, 7-12 high and norma
Index IEEE 802.3X PAUSE, 24-2 IEEE802.
Index LGMP server display per VLAN parameters, 20-27 intelligent multicasting, 20-5, 20-9, 20-10 interface add IP interface parameters, 12-8 AppleTalk ARP cache table statistics, 19-30 AppleTalk interface parameters, 19-5 AppleTalk interface statistics, 19-26 AppleTalk NBP filter parameters, 19-16 AppleTalk NBP table parameters, 19-33 AppleTalk route table statistics, 19-28 AppleTalk zone filter parameters, 19-20 creating a VRRP virtual router, 12-74, 12-78 DVMRP interface parameters, 12-38 DVMRP interfac
Index filtering Web traffic example, 13-13 IP address ARP cache search parameters, 12-50 DVMRP interface parameters, 12-38 IGMP interface parameters, 12-33 IGMP interface statistical parameters, 12-53 IP routing table search parameters, 12-47 IP static ARP parameters, 12-23 OSPF interface parameters, 15-10 OSPF link parameters, 15-21 OSPF neighbors parameters, 15-23 RIP statistical parameters, 14-9, 14-11 static multicast session configuration parameters, 20-16 static multicast session parameters, 20-18 V
Index IP routing global statistics, 12-43 IP routing global statistics BOOTP/DHCP in discards, 12-46 BOOTP/DHCP in hops exceeded, 12-46 BOOTP/DHCP in requests, 12-45 BOOTP/DHCP in responses, 12-46 BOOTP/DHCP out requests, 12-46 BOOTP/DHCP out responses, 12-46 ICMP in address mask reply, 12-44 ICMP in address mask requests, 12-44 ICMP in destination unreachable, 12-44 ICMP in echo replies, 12-44 ICMP in echo requests, 12-44 ICMP in errors, 12-44 ICMP in messages, 12-43 ICMP in parameter problems, 12-44 ICMP
Index node number, 16-1 RIP interfaces, 17-1 routing table statistics, 16-20 searching the route table, 16-18 searching the service table, 16-21 socket number, 16-1 IPX datagram fields checksum, 16-2 destination network, 16-3 destination node, 16-3 destination socket, 16-3 packet length, 16-2 packet type, 16-3 source network, 16-3 source node, 16-3 source socket, 16-3 transport control, 16-2 IPX datagram structure, 16-2 IPX forward datagrams IPX global parameters, 16-17 IPX global parameters, 16-5, 16-9 in
Index ticks, 16-20 TTL, 16-20 IPX route table search, 16-18 IPX route table statistics examining, 16-20 IPX router configuring, 16-4, 16-5 IPX routing IPX routing, 16-5 IPX routing global statistics, displaying, 16-16, 16-18 IPX routing table search parameters interface, 16-19 network number, 16-19 source, 16-19 IPX routing table statistics current number of routes, 16-21 peak number of routes, 16-21 route add failures, 16-21 IPX SAP filter parameters direction, 18-5 filter/suppress, 18-6 hops, 18-6 interf
Index service name, 16-14 socket, 16-14 type, 16-14 IPX static service parameters, 16-13 IPX static services creating, 16-12, 16-15 IPX syntax example, 16-1 IRDP, 12-83 enabling on an interface, 12-83 IRDP overview, 12-83 IRDP parameters adv. address, 12-84 advertisement life time, 12-84 interface, 12-84 IRDP state, 12-84 max.
Index settings, 12-86 LDAP configuration parameters primary server IP address, 12-87 primary server port, 12-87 search base, 12-88 secondary server IP address, 12-87 secondary server port, 12-88 LDAP statistics consumer signal, 12-90 last change, 12-89 producer signal, 12-89 learned entries delete invalid learned entries, 9-13 learning state (spanning tree bridge port), 7-16 LEDs port (10/100 module), 21-2 LGMP client configuration parameters enable state, 20-29 intelligent multicast session statistics, 20
Index type, 15-27 LSAs OSPF statistical parameters, 15-20 M MAC Address search, 9-14, 9-15 MAC address address forwarding table parameters, 9-17 AppleTalk ARP cache table statistics, 19-30 filtering, 9-14, 9-15 IP static ARP parameters, 12-23 multicast session parameters, 20-12 static multicast session configuration parameters, 20-17 static multicast session parameters, 20-18 switch port parameter, 8-41 MAC address value adding, 9-19 MAC format add IP interface parameters, 12-9 managing buffers and queue
Index Modifying the DVMRP Global Configuration Using the CLI, 12-39 module features, 1-10 modules & ports, 6-30, 8-12, 8-16, 8-21, 8-28, 8-29, 8-39 monitoring switch performance IP routing statistics, 12-40 OSPF, 15-18 Monitoring the Forwarding Cache Statistics, 22-4 month summer time hours configuration, 3-9 multicast forwarding description, 12-30 multicast forwarding cache displaying, 12-68 multicast packets Ethernet interface statistical parameters, 23-5 multicast protocol add IP interface parameters, 1
Index AppleTalk static route, 19-11 network range start AppleTalk interface parameters, 19-6 AppleTalk static route, 19-11 new client ports added IGMP snooping, 20-21 new router ports added IGMP snooping, 20-21 new sessions created IGMP snooping, 20-21 next hop AppleTalk route table statistics, 19-28 next probe message in sec DVMRP interface statistical parameters, 12-60 next pruned downstream interface to timeout DVMRP multicast forwarding cache parameters, 12-69 next query request in sec IGMP interface
Index static ext type, 15-5 static low ext type, 15-5 OSPF inter-area routes IP global configuration parameters, 12-13 OSPF interface parameters area, 15-10 authentication, 15-11 cost, 15-11 dead interval, 15-11 DR priority, 15-10 hello interval, 15-10 interface, 15-10 IP address, 15-10 key, 15-11 MD5 key ID, 15-11 poll interval, 15-11 retransmit interval, 15-10 transit delay, 15-10 OSPF interfaces modifying, 15-9 OSPF link parameters area ID, 15-21 BDR address, 15-21 DR address, 15-21 DR router ID, 15-21
Index owner AppleTalk route table statistics, 19-28 P packet length IPX datagram fields, 16-2 packet tracing enabling, 21-8, 21-10 packet type IPX datagram fields, 16-3 packets Ethernet interface statistical parameters, 23-4 packets forwarded through cache entry DVMRP multicast forwarding cache parameters, 12-69 IGMP local multicast forwarding cache parameters, 12-57 parity console serial port settings, 2-28 path cost spanning tree bridge port information parameters, 7-18 payload protocol type DVMRP upst
Index PPP console settings baud rate, 2-28 flow control, 2-28 PPP console static route configuring, 12-90 PPP serial port console, 2-34 regaining access to the CLI, 2-32 PRE forwarding cache (FE) parameters, 22-11 Layer 3 route cache search parameters, 22-8 precedence IPX RIP filter parameters, 17-5 IPX SAP filter parameters, 18-5 IPX SAP network filter parameters, 18-8 preference IP static route parameters, 12-20 preferences IRDP parameters, 12-84 primary controller replacing, 10-8 primary server RADIUS c
Index rate limit burst size 10/100 port parameter, 8-27 rate limit mode 10/100 port parameter, 8-27 rate limit rate 10/100 port parameter, 8-27 realm RADIUS configuration parameters, 4-27 receive new LSA count OSPF statistical parameters, 15-20 receive version RIP interface parameters, 14-4 recurring summer time hours configuration, 3-8 redundant CPU configuring, 10-10 redundant element, 10-4 configuring, 10-9 Related Documentation, 0-xx Related documents, 0-xx Remote Authentication Dial-In User Service (R
Index route add failures IPX routing table statistic, 16-21 route metric DVMRP route table parameters, 12-64 route preference by protocol IP global configuration parameters, 12-13 router cost to source network DVMRP upstream routers, 12-65 router ID LSA detail, 15-27 OSPF global configuration parameters, 15-4 OSPF link state database parameter, 15-26 OSPF link state database search parameters, 15-25 OSPF neighbors parameters, 15-23 OSPF statistical parameters, 15-20 OSPF virtual link parameters, 15-14 rou
Index LGMP server configuration parameters, 20-24 service name IPX service table search parameter, 16-23 IPX static service parameter, 16-14 service port status event class parameters, 21-6 service ratio (queues), 1-20, 24-2 service type IPX service table search parameter, 16-23 session ID multicast session parameters, 20-12 session pruning timer session pruning timer, 20-7 session search intelligent multicast, 20-10, 20-13 sessions destroyed IGMP snooping, 20-21 set recurring summer time hours, 3-5, 3-9 s
Index name, 7-15 port, 7-15 state, 7-16 spanning tree mode switch port configuration parameters, 8-32 speed mode 10/100 port parameter, 8-26 SPF hold time OSPF global configuration parameters, 15-4 SPF runs OSPF statistical parameters, 15-20 SPF suspend OSPF global configuration parameters, 15-4 split horizon RIP interface parameters, 14-4 stale drops buffer management table parameters, 24-6 STAP mode switch port parameter, 8-41 start event class parameters, 21-6 one-time summer time hours configuration, 3
Index managing, 2-40 switch description, 1-1 switch fabric event class parameters, 21-6 switch features crossbar switch fabric, overview, 1-4, 1-6 switch port configuring, 8-29 switch port configuration parameters 3Com mapping table, 8-33 allow learning, 8-32 automatic VLAN creation, 8-31 frame tags, 8-31 hunt group, 8-32 known mode, 8-32, 8-33 mirror port, 8-33 port VLAN, 8-31 spanning tree mode, 8-32 trunk mode, 8-31 VLAN binding, 8-31 VTP snooping, 8-31 switch port parameters hunt group, 8-41 links, 8-4
Index IPX datagram fields, 16-2 triggered updates IPX SAP interface parameters, 18-3 RIP global configuration parameters, 14-3 triggered updates sent IPX SAP interface statistical parameters, 17-9, 18-12 RIP statistical parameters, 14-11 trunk mode Cisco Catalyst 5000, parameters, 8-34 switch port configuration parameters, 8-31 switch port parameter, 8-41 TTL AppleTalk ARP cache table statistics, 19-30 IPX route table parameter, 16-20 IPX service table parameter, 16-24 purge, 14-2 TTL expired AppleTalk gl
Index upstream router DVMRP route table parameters, 12-64 upstream source IGMP local multicast forwarding cache parameters, 12-57 upstream sources, 12-71 DVMRP multicast forwarding cache parameters, viewing, 12-69 use default route use default route, 16-5 use default route for proxy ARP IP global configuration parameters, 12-12 use interpacket gap IPX SAP interface parameters, 18-2 use max packet size IPX SAP interface parameters, 18-2 user accounts setting up, 2-19 user port status event class paramete
Index auto increment HT size, 6-10 initial hash table size, 6-10 VLAN considerations, 6-7 VLAN exchange parameters updater timestamp, 6-31 VLAN operation ingress rules, 6-4 VLAN Operational Rules, 8-7 VLAN spanning tree bridge level parameters bridge forward delay, 7-12 bridge hello time, 7-12 bridge max age, 7-12 forward delay, 7-12 hello time, 7-12 max age, 7-12 mode, 7-11 priority, 7-12 VLAN switch port table parameters binding type, 6-12 frame format, 6-12 port, 6-11 port name, 6-11 VLAN trunking, defi
Index AppleTalk interface parameters, 19-6 AppleTalk NBP table parameters, 19-33 AppleTalk static route, 19-11 zone filter adding interfaces, 19-21, 19-22 creating, 19-19 deleting interfaces, 19-21, 19-22 editing, 19-20 zones AppleTalk route table statistics, 19-28 IN-36 User Guide for the Avaya P580 and P882 Multiservice Switches, v6.