3Com SuperStack 3 3812 Implementation Manual

SuperStack® 3 Switch 3812, Switch 3824 and Switch 3848
Implementation Guide
3C17401
3C17400
3CR17402-91
http://www.3com.com/
Part No. DUA1740-0BAA02
Published September 2004

Summary of Contents for 3Com SuperStack 3 3812

  • Page 2 USA 01752-3064 3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change. 3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose.
  • Page 3: Table Of Contents

    Contents About This Guide Conventions Related Documentation Documentation Comments Switch Features Overview What is Management Software? Switch Features Explained Aggregated Links Auto-negotiation Configuration Save and Restore Multicast Filtering Rapid Spanning Tree Protocol Switch Database Traffic Prioritization Rate Limiting RMON Broadcast Storm Control VLANs Automatic IP Configuration Port Security...
  • Page 4 Aggregated Links and Your Switch Aggregated Link — Manual Configuration Example Jumbo Frames Implementing Jumbo Frames Jumbo Frames — Simple Network Example Using Multicast Filtering What is an IP Multicast? Benefits of Multicast Multicast Filtering Multicast Filtering and Your Switch IGMP Multicast Filtering How IGMP Supports IP Multicast Electing the Querier Host Messages...
  • Page 5 Using Traffic Management What is Traffic Prioritization? Traffic Prioritization and your Switch How Traffic Prioritization Works 802.1D traffic classification DiffServ traffic classification IP Port traffic classification Traffic Queues Limiting the Rate of a Port Traffic Prioritization and Rate Limiting Status Monitoring and Statistics RMON What is RMON?
  • Page 6 Server Support Event Log Entries and Traps Making Your Network Secure Securing Access to the Web Interface Getting a Digital Certificate Securing Access to the Command Line Interface Access Control Lists How Access Control List Rules Work Port Security What is Network Login? How Network Login Works Important Considerations What is Switch Management Login?
  • Page 7 Glossary Index...
  • Page 9: About This Guide

    Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch or on the 3Com Web site. If release notes are shipped with your product and the information there differs from the information in this guide, follow the instructions in the release notes.
  • Page 10 About This Guide Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com World Wide Web site: http://www.3com.com/...
  • Page 11: Conventions

    Conventions Table 1 Table 1 Notice Icons Table 2 Text Conventions Convention Screen displays This typeface represents information as it appears on the Syntax Commands The words “enter” and “type” Keyboard key names If you must press two or more keys simultaneously, the key Words in italics Table 2 list conventions that are used throughout this guide.
  • Page 12: Related Documentation

    Web interface and Command Line Interface commands for the Switch. ■ Release Notes These notes provide information about the current software release, including new features, modifications, and known problems. Documentation accompanying 3Com Network Supervisor. This is supplied on the CD-ROM that accompanies the Switch.
  • Page 13: Documentation Comments

    ■ ■ Please note that we can only respond to comments and questions about 3Com product documentation at this e-mail address. Questions related to technical support or sales should be directed in the first instance to your network supplier. Document title...
  • Page 14 About This Guide...
  • Page 15: Switch Features

    This chapter contains introductory information about the Switch management software and supported features. It covers the following topics: ■ ■ For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
  • Page 16: Switch Features Explained

    Chapter 1: Switch Features Overview Switch Features Explained The management software provides you with the capability to change the default state of some of the Switch features. This section provides a brief overview of these features — their applications are explained in more detail later in this guide.
  • Page 17: Configuration Save And Restore

    ■ ■ ■ Bandwidth”. 3Com recommends the Switch unit is reset to its factory default settings before you restore a configuration onto it. You can reset the Switch using the system control initialize System > Control > Initialize Web interface operation.
  • Page 18: Multicast Filtering

    Chapter 1: Switch Features Overview For further information about LACP, see Bandwidth”. ■ For detailed descriptions of the Configuration Save and Restore Web interface operations and Command Line Interface (CLI) commands, please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
  • Page 19: Switch Database

    RSTP allows you to implement alternative paths for network traffic in the event of path failure and uses a loop-detection process to: ■ ■ ■ ■ RSTP is an enhanced version of STP (Spanning Tree Protocol) and is fully compatible with STP systems. RSTP can restore a network connection quicker than the legacy STP feature.
  • Page 20: Rmon

    Chapter 1: Switch Features Overview RMON Remote Monitoring (RMON) is an industry standard feature for traffic monitoring and collecting network statistics. The Switch software continually collects statistics about the LAN segments connected to the Switch. If you have a management workstation with an RMON management application, the Switch can transfer these statistics to your workstation on request or when a pre-defined threshold is exceeded.
  • Page 21: Port Security

    Port Security Your Switch supports the following port security modes, which you can set for an individual port or a range of ports: ■ No Security: Port security is disabled and all network traffic is forwarded through the port without any restrictions. ■ Learning Off...
  • Page 22 Chapter 1: Switch Features Overview...
  • Page 23: Optimizing Bandwidth

    There are many ways you can optimize the bandwidth on your network and improve network performance. If you utilize certain Switch features you can provide the following benefits to your network and end users: ■ ■ ■ ■ ■ For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
  • Page 24: Flow Control

    Chapter 2: Optimizing Bandwidth To communicate effectively, both devices at either end of a link must use the same duplex mode. If the devices at either end of a link support auto-negotiation, this is done automatically. If the devices at either end of a link do not support auto-negotiation, both ends must be manually set to full duplex or half duplex accordingly.
  • Page 25: Aggregated Links

    Ports at both ends of the link should be set to auto-negotiate. Aggregated Links Aggregated links are connections that allow devices to communicate using two member links in parallel. Aggregated links provide the following benefits: ■ ■ The Switch 3812 and Switch 3824 support a maximum of 12 aggregated links;...
  • Page 26 Chapter 2: Optimizing Bandwidth If a member link in an aggregated link fails, the traffic using that link is dynamically reassigned to the remaining member links in the aggregated link. physical links, form an aggregated link. In this example, if link 1 fails, the data flow between X and B is remapped to physical link 2.
  • Page 27: Implementing 802.3Ad Aggregated Links

    Implementing 802.3ad Aggregated Links Aggregated Links and Your Switch LACP can be enabled or disabled on a per port basis. You can implement 802.3ad aggregated links in two ways: ■ Manual Aggregations — You can manually add and remove ports to...
  • Page 28 Chapter 2: Optimizing Bandwidth When using an aggregated link, note that: ■ ■ ■ ■ Traffic Distribution and Link Failure on Aggregated Links To maximize throughput, all traffic is distributed across the individual links that make up an aggregated link. Therefore, when a packet is made available for transmission down an aggregated link, a hardware-based traffic distribution mechanism determines which particular port in the link should be used.
  • Page 29: Aggregated Link - Manual Configuration Example

    If the link state on any of the ports in an aggregated link becomes inactive due to link failure, then the Switch will automatically redirect the aggregated link traffic to the remaining ports. Aggregated links therefore provide built-in resilience for your network. The Switch also has a mechanism to prevent the possible occurrence of packet re-ordering when a link recovers too soon after a failure.
  • Page 30: Jumbo Frames

    Chapter 2: Optimizing Bandwidth 3 Connect port 5 on the core Switch to port 47. 4 Connect port 7 on the core Switch to port 48. Jumbo Frames On a standard Ethernet network, the maximum size of a frame is 1518 bytes (1522 bytes if the frame is VLAN tagged);...
  • Page 31 Figure 4 Simple network with jumbo frames To create the network shown in Figure 4: 1 Connect the servers to a jumbo frames compliant switch. In this example a Switch 3812 has been used. 2 Turn on the jumbo frames support for this switch. 3 Configure the servers connected to the switch to use jumbo frames to communicate with each other.
  • Page 32 Chapter 2: Optimizing Bandwidth...
  • Page 33: Using Multicast Filtering

    Multicast filtering improves the performance of networks that carry multicast traffic. This chapter explains multicasts, multicast filtering, and how multicast filtering can be implemented on your Switch. It covers the following topics: ■ ■ ■ For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
  • Page 34: Benefits Of Multicast

    Chapter 3: Using Multicast Filtering A multicast packet is identified by the presence of a multicast group address in the destination address field of the packet’s IP header. Benefits of Multicast The benefits of using IP multicast are that it: ■...
  • Page 35: Multicast Filtering And Your Switch

    Multicast Filtering Figure 5 The effect of multicast filtering Multicast Filtering and Your Switch Your Switch provides automatic multicast filtering support using IGMP (Internet Group Management Protocol) Snooping. It also supports IGMP query mode. Snooping Mode Snooping Mode allows your Switch to forward multicast packets only to the appropriate ports.
  • Page 36: Igmp Multicast Filtering

    Chapter 3: Using Multicast Filtering IGMP Multicast Filtering IGMP is the system that all IP-supporting network devices use to register endstations with multicast groups. It can be used on all LANs and VLANs that contain a multicast capable IP router and on other network devices that support IP.
  • Page 37: How Igmp Supports Ip Multicast

    How IGMP Supports IP Multicast IGMP provides a way for routers and switches to learn where group members exist on a network, and thus provides a critical function in the IP multicast packet delivery process. Electing the Querier On each subnetwork or broadcast domain (VLAN), the communication between routers, switches, and group members begins with one IGMP-capable device being elected as the querier - that is, the device that asks all hosts to respond with a report of the IP multicast groups that they...
  • Page 38: Role Of Igmp In Ip Multicast Filtering

    Chapter 3: Using Multicast Filtering Join Message Rather than wait for a query, a host can also send an IGMP report on its own initiative to inform the querier that it wants to begin receiving a transmission for a specific group (perhaps by clicking a Go or Start button on the client interface).
  • Page 39: Using Resilience Features

    Using Resilience Features Setting up resilience on your network helps protect critical links against failure, protects against network loops, and reduces network downtime to a minimum. The Switch provides resilient links using the Rapid Spanning Tree Protocol (RSTP). The protocol configures itself automatically based on the surrounding network and is compatible with switches that use either the Spanning Tree Protocol (STP) or RSTP.
  • Page 40: Rapid Spanning Tree Protocol

    Chapter 4: Using Resilience Features Rapid Spanning Tree Protocol The Rapid Spanning Tree Protocol makes your network more resilient to link failure and also provides a protection from loops — one of the major causes of broadcast storms. RSTP is enabled by default on your Switch. To be fully effective, RSTP or STP must be enabled on all Switches in your network.
  • Page 41: What Is Stp

    What is STP? STP (802.1D) is a bridge-based system that allows you to implement parallel paths for network traffic and uses a loop-detection process to: ■ ■ RSTP provides the same functionality as STP. For details on how the two systems differ, see As an example, separated by three bridges.
  • Page 42 Chapter 4: Using Resilience Features Figure 7 Traffic flowing through Bridges C and A If a link failure is detected, as shown in Figure 8, the STP process reconfigures the network so that traffic from LAN segment 2 flows through Bridge B.
  • Page 43: How Stp Works

    How STP Works When enabled, STP determines the most appropriate path for traffic through a network. It does this as outlined in the sections below. STP Requirements Before it can configure the network, the STP system requires: ■ ■ ■ Table 3 Default port costs STP Calculation The first stage in the STP process is the calculation stage.
  • Page 44: Stp Configuration

    Chapter 4: Using Resilience Features ■ ■ STP Configuration After all the bridges on the network have agreed on the identity of the Root Bridge, and have established the other relevant parameters, each bridge is configured to forward traffic only between its Root Port and the Designated Bridge Ports for the respective network segments.
  • Page 45: How Rstp Differs To Stp

    How RSTP Differs to STP RSTP works in a similar way to STP, but it includes additional information in the BPDUs. This information allows each bridge to confirm that it has taken action to prevent loops from forming when it wants to enable a link to a neighbouring bridge.
  • Page 46: Stp Configurations

    Chapter 4: Using Resilience Features ■ ■ ■ ■ STP Configurations Figure 10 Switch units. ■ ■ ■ Because Bridge A is the Root Bridge, it is also the Designated Bridge for LAN segment 1. Port 1 on Bridge A is therefore selected as the Designated Bridge Port for LAN Segment 1.
  • Page 47 How STP Works Figure 10 STP configurations
  • Page 48: Using Stp On A Network With Multiple Vlans

    Chapter 4: Using Resilience Features Using STP on a Network with Multiple VLANs The IEEE Std 802.1D, 1998 Edition does not take into account VLANs when it calculates STP information — the calculations are only performed on the basis of physical connections. For this reason, some network configurations can result in VLANs being subdivided into a number of isolated sections by the STP system.
  • Page 49: Using The

    What is the Switch Database? The Switch Database is used by the Switch to determine where a packet should be forwarded to, and which port should transmit the packet if it is to be forwarded. The database contains a list of entries — each entry contains three items: ■...
  • Page 50: Switch Database Entry States

    Chapter 5: Using the Switch Database Switch Database Entry States Database entries can have three states: ■ ■ ■ Learned — The Switch has placed the entry into the Switch Database when a packet was received from an endstation. Note that: ■ Learned entries are removed (aged out) from the Switch Database...
  • Page 51: Using Traffic Management

    Using the traffic management capabilities of your Switch allows your network traffic to be controlled and prioritized to ensure that high priority data is transmitted with minimum delay. Your Switch has two features that allow you to manage the traffic on your network: ■...
  • Page 52: Traffic Prioritization And Your Switch

    When a packet comes in with both 802.1D and DSCP priority markings, the higher of the priorities will be used. Configuring traffic prioritization for CoS Switch QoS can be configured on your Switch using the 3Com Network Supervisor or via the Command Line Interface (CLI). ANAGEMENT Financial applications —...
  • Page 53: How Traffic Prioritization Works

    The 3Com Network Supervisor application supplied on the CD-ROM accompanying your Switch is the main tool for configuring QoS, and 3Com recommends that you use this application to configure QoS. You can also configure QoS via the command line interface (CLI), for a...
  • Page 54: 802.1D Traffic Classification

    Chapter 6: Using Traffic Management ■ ■ ■ These methods can be used together. If a packet is prioritized differently by the two methods then it will be tagged with the higher priority. 802.1D traffic classification At layer 2, a traffic service class is defined in 802.1Q frame, which is able to carry VLAN identification and user priority information.
  • Page 55: Diffserv Traffic Classification

    Figure 12 IEEE 802.1D traffic types Ingress Port Figure 12 levels and how they are mapped to the eight supported traffic queues. DiffServ traffic classification DiffServ is an alternative method of classifying traffic so that different levels of service can be applied to it on a network. DiffServ is a layer 3 function;...
  • Page 56: Ip Port Traffic Classification

    Chapter 6: Using Traffic Management Figure 13 DSCP Service Level Mapping Figure 13 mapped to the eight Traffic Queues. IP Port traffic classification The Switch supports classification of traffic from legacy devices by classifying traffic by its IP port number. When an IP packet is transmitted it is always tagged with an IP port number.
  • Page 57: Limiting The Rate Of A Port

    The Switch uses the following queuing mechanisms: ■ ■ Traffic queues cannot be enabled on a per-port basis on the Switch. Limiting the Rate of a Port Limiting the rate at which a port can receive or send traffic can be used to ease congestion on bottlenecks in your network and provide simple prioritization when the network is busy.
  • Page 58 Chapter 6: Using Traffic Management Traffic prioritization and rate limiting are best used together if the egress rate rather than the ingress rate is limited on a port; the traffic rate leaving the Switch is limited rather than the traffic arriving at the Switch. This ensures that the traffic is prioritized before rate limiting is applied and the lowest priority packets are dropped first.
  • Page 59: Status Monitoring And Statistics

    This chapter contains details of the Remote Monitoring (RMON) feature that assists you with status monitoring and statistics. For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
  • Page 60: The Rmon Groups

    Chapter 7: Status Monitoring and Statistics The RMON Groups The IETF define groups of Ethernet RMON statistics. This section describes the four groups supported by the Switch, and details how you can use them. Statistics The Statistics group provides traffic and error statistics showing packets, bytes, broadcasts, multicasts and errors on a LAN segment or VLAN.
  • Page 61: Benefits Of Rmon

    Benefits of RMON Using the RMON features of your Switch has three main advantages: ■ ■ ■ RMON and the Switch The RMON support provided by your Switch is detailed in Table 4 RMON support supplied by the Switch It improves your efficiency Using RMON allows you to remain at one workstation and collect information from widely dispersed LAN segments or VLANs.
  • Page 62: Alarm Events

    Chapter 7: Status Monitoring and Statistics Table 4 RMON support supplied by the Switch RMON group Alarms Events When using the RMON features of the Switch, note the following: ■ Alarm Events You can define alarms for the Switch. The events that you can define for each alarm and their resulting actions are listed in Table 5 Alarm Events Event...
  • Page 63: Setting Up Virtual LANs

    Setting up Virtual LANs (VLANs) on your Switch increases the efficiency of your network by dividing the LAN into logical, rather than physical, segments which are easier to manage. This chapter explains more about the concept of VLANs and explains how they can be implemented on your Switch.
  • Page 64: Benefits Of Vlans

    Chapter 8: Setting Up Virtual LANs Figure 14 A network setup showing three VLANs Benefits of VLANs The main benefit of VLANs is that they provide a network segmentation system that is far more flexible than any traditional network. Using VLANs also provides you with three other benefits: ■...
  • Page 65: Vlans And Your Switch

    ■ VLANs and Your Switch Your Switch provides support for VLANs using the IEEE Std 802.1Q-1998. This standard allows traffic from multiple VLANs to be carried across one physical link. The IEEE Std 802.1Q-1998 allows each port on your Switch to be placed ■...
  • Page 66: Communication Between Vlans

    Chapter 8: Setting Up Virtual LANs Communication Between VLANs If the devices placed in a VLAN need to communicate to devices in a different VLAN, a router or Layer 3 switching device with connections to both VLANs needs to be installed. Communication between VLANs can only take place if they are all connected to a routing or Layer 3 switching device.
  • Page 67: Vlan Configuration Examples

    The IEEE Std 802.1Q-1998 defines how VLANs operate within an open packet-switched network. An 802.1Q compliant packet carries additional information that allows a Switch to determine to which VLAN the port belongs. If a frame is carrying the additional information, it is known as tagged.
  • Page 68: Using 802.1Q Tagged Connections

    Chapter 8: Setting Up Virtual LANs Figure 16 VLAN configuration example: Using untagged connections To set up the configuration shown in 1 Configure the VLANs Define VLAN 2 on the Switch. VLAN 1 is the default VLAN and already exists. 2 Add ports to the VLANs Add ports 10, 11 and 12 of the Switch as untagged members to VLAN 2.
  • Page 69 Figure 17 VLAN configuration example: 802.1Q tagged connections Endstation in VLAN 1(untagged) Endstation in VLAN 2 (untagged) Switch 1 Port 12 VLANs 1 and 2 (802.1Q tagged) Server in VLAN1 (untagged) To set up the configuration shown in 1 Configure the VLANs on Switch 1 Define VLAN 2.
  • Page 70 Chapter 8: Setting Up Virtual LANs 7 Check the VLAN membership for both Switches The relevant ports should be listed in the VLAN members summary. 8 Connect the Switches Connect port 12 on Switch 1 to port 11 on Switch 2. The VLANs are now configured and operational and the endstations in both VLANs can communicate with their relevant servers.
  • Page 71: Using Automatic Ip Configuration

    Using Automatic IP Configuration This chapter explains more about IP addresses and how the automatic configuration option works. It covers the following topics: ■ How Your Switch Obtains IP Information ■ How Automatic IP Configuration Works ■ Important Considerations For detailed information on setting up your Switch for management, see the Getting Started Guide that accompanies your Switch.
  • Page 72: How Your Switch Obtains Ip Information

    Chapter 9: Using Automatic IP Configuration How Your Switch Obtains IP Information Your Switch has two ways to obtain its IP address information: ■ ■ If you select an option for no IP configuration the Switch will not be accessible from a remote management workstation on the LAN. In addition, the Switch will not be able to respond to SNMP requests.
  • Page 73: Important Considerations

    Important Considerations This section contains some important points to note when using the automatic IP configuration feature. The dynamic nature of automatically configured IP information means that a Switch may change its IP address whilst in use. Server Support Your Switch has been tested to interoperate with DHCP servers that use the following operating systems: ■...
  • Page 74 Chapter 9: Using Automatic IP Configuration...
  • Page 75: Making Your Network Secure

    This chapter outlines the Port Security and Switch Management Login features, explains the key benefits of using these features, and gives examples of how and why you would use them in your network. For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
  • Page 76: Getting A Digital Certificate

    Chapter 10: Making Your Network Secure Once you have set up your Switch to support HTTPS, you can optionally stop unencrypted administration by redirecting HTTP accesses (port 80) to port 443 (the port used by HTTPS). The Switch can be configured to redirect all attempts to administer the Web interface.
  • Page 77: Access Control Lists

    Access Control Lists Access Control Lists are a set of instructions that can be applied to filter traffic on VLANs. They can be used to limit access to certain segments of the network and therefore, are useful for network security. Access Control Lists can be used to: ■...
  • Page 78: Port Security

    Chapter 10: Making Your Network Secure As a result of the above rule, the packet matches the parameters of the rule and will be blocked. A destination mask of 0.0.0.0 will match all packets. Port Security Your Switch supports the following port security modes, which you can set for an individual port or a range of ports: ■...
  • Page 79: How Network Login Works

    What is Network Login? remote RADIUS server in the network for authentication. This information must be successfully authenticated and authorized before the client device is granted access to the network. For further information about RADIUS, see “What is RADIUS?” page The client device must be directly connected to the Switch port (no intervening switch or hub) as the Switch uses the link status to determine if an authorized client device is connected.
  • Page 80: Important Considerations

    Chapter 10: Making Your Network Secure Figure 18 Network Login Operation Network Access Client When the client device and RADIUS server have exchanged authentication information, the Switch receives either an authentication succeeded or failed message from the server, and then configures the port to forward or filter traffic as appropriate.
  • Page 81: What Is Switch Management Login

    ■ ■ ■ ■ What is Switch Management Login? If you intend to manage the Switch using the Web interface or the Command Line Interface, you need to log in with a valid user name and password. For further information on managing the Switch, see the “Setting Up For Management”...
  • Page 82: Benefits Of Radius Authentication

    Chapter 10: Making Your Network Secure Benefits of RADIUS Authentication Day-to-day network maintenance can become a substantial overhead. For example, regularly changing the administrative password on a manageable network device is a commonplace security measure. If the local Switch database is enabled, the network administrator must have local access to each Switch to securely change user name and password information.
  • Page 83: Important Considerations

    Important Considerations This section contains some important considerations when using RADIUS authentication of Switch Management Login on the Switch. ■ ■ ■ What is RADIUS? Remote Authentication Dial-In User Service (RADIUS) is an industry standard protocol for carrying authentication, authorization and configuration information between a network device and a shared authentication server.
  • Page 84 Chapter 10: Making Your Network Secure...
  • Page 85: Configuration Rules

    Configuration Rules Configuration Rules for Gigabit Ethernet Gigabit Ethernet is designed to run over several media: ■ ■ ■ The different types of Gigabit Ethernet media and their specifications are detailed in Table 6 Gigabit Ethernet cabling Single-mode fiber optic cable, with connections up to 5 km (3.1 miles).
  • Page 86: Configuration Rules For Fast Ethernet

    Appendix A: Configuration Rules Configuration Rules for Fast Ethernet The topology rules for 100 Mbps Fast Ethernet are slightly different to those for 10 Mbps Ethernet. and provides examples of how they allow for large-scale Fast Ethernet networks. Figure 20 Fast Ethernet configuration rules The key topology rules are: ■...
  • Page 87: Configuration Rules With Full Duplex

    ■ Configuration Rules with Full Duplex The Switch provides full duplex support for all its ports. Full duplex allows packets to be transmitted and received simultaneously and, in effect, doubles the potential throughput of a link. With full duplex, the Ethernet topology rules are the same, but the Fast Ethernet rules are: ■...
  • Page 88 Appendix A: Configuration Rules...
  • Page 89: Network Configuration Examples

    Network Configuration Examples This chapter contains the following section: ■ Simple Network Configuration Examples ■ Desktop Switch Example...
  • Page 90: Simple Network Configuration Examples

    Appendix B: Network Configuration Examples Simple Network Configuration Examples The following illustrations show some simple examples of how the Switch 3812, Switch 3824, or Switch 3848 can be used in your network. Desktop Switch Example The example in can be used for a group of users that require dedicated 10 Mbps, 100 Mbps, or 1000 Mbps connections to the desktop.
  • Page 91: Ip Addressing

    IP Addressing This chapter provides some background detail on the IP information that needs to be assigned to your Switch to enable you to manage it across a network. The topics covered are: ■ ■ ■ IP addressing is a vast topic and there are white papers on the World Wide Web and publications available if you wish to learn more about IP addressing.
  • Page 92: Advanced Overview

    IP Addressing If your network is internal to your organization only, you may use any arbitrary IP address. 3Com suggests you use addresses in the series 192.168.100.X (where X is a number between 1 and 254) with a subnet mask 255.255.255.0.
  • Page 93 Dotted Decimal Notation The actual IP address is a 32-bit number that is stored in binary format. These 32 bits are segmented into 4 groups of 8 bits — each group is referred to as a field or an octet. Decimal notation converts the value of each field into a decimal number, and the fields are separated by dots.
  • Page 94: Subnets And Subnet Masks

    Appendix C: IP Addressing Subnets and Subnet Masks You can divide your IP network into sub-networks also known as subnets. Support for subnets is important because the number of bits assigned to the device part of an IP address limits the number of devices that may be addressed on any given network.
  • Page 95 Subnets and Subnet Masks As shown in this example, the 32 bits of an IP address and subnet mask are usually written using an integer shorthand. This notation translates four consecutive 8-bit groups (octets) into four integers that range from 0 through 255.
  • Page 96: Default Gateways

    Table 8: Subnet Mask Notation. The subnet mask 255.255.255.255 is reserved as the default broadcast address. Default Gateways: A gateway is a device on your network which is used to forward IP packets to a remote destination. An alternative name for a gateway is a Router.
  • Page 97 Glossary. 3Com Network Supervisor: The 3Com network management application used to manage 3Com’s networking solutions. 10BASE-T: The IEEE specification for 10 Mbps Ethernet over Category 3, 4 or 5 twisted pair cable. 100BASE-FX: The IEEE specification for 100 Mbps Fast Ethernet over fiber-optic cable.
  • Page 98 Fast Ethernet is 100 Mbps, and the bandwidth of Gigabit Ethernet is 1000 Mbps. baud: The signalling rate of a line, that is, the number of transitions (voltage or frequency changes) made per second. Also known as line speed. bridge: A device that interconnects two LANs of a different type to form a single logical network that comprises two network segments.
  • Page 99 Digital Certificate: Digital Certificates are blocks of data that are used to identify users and systems and encrypt their data. Digital Certificates used by SSL adhere to the X.509 standard. Domain Name System. This system maps a numerical Internet Protocol (IP) address to a more meaningful and easy-to-remember name.
  • Page 100 half duplex: A system that allows packets to be transmitted and received, but not at the same time. Contrast with full duplex. A device that regenerates LAN traffic so that the transmission distance of that signal can be extended. Hubs are similar to repeaters, in that they connect LANs of the same type;...
  • Page 101 IGMP snooping: A mechanism performed by an intermediate device, such as a Layer 2 Switch, that optimizes the flow of multicast traffic. The device listens for IGMP messages and builds mapping tables and associated forwarding filters, in addition to reducing the IGMP protocol traffic. Internet Group Management Protocol: Internet Group Management Protocol (IGMP) is a protocol that runs...
  • Page 102 Logical Link Control. A sublayer of the IEEE data link layer that is located above the MAC sublayer. The LLC sublayer is responsible for MAC sublayer addressing, flow control, error control, and framing. latency: The delay between the time a device receives a packet and the time the packet is forwarded out of the destination port.
  • Page 103 Network Interface Card. A circuit board installed in an endstation that allows it to be connected to a network. POST: Power On Self Test. An internal test that a Switch carries out when it is powered-up. protocol: A set of rules for communication between devices on a network. The rules dictate format, timing, sequencing and error control.
  • Page 104 server: A computer in a network that is shared by multiple endstations. Servers provide endstations with access to shared network services such as computer files and printer queues. SMTP: Simple Mail Transfer Protocol. An IETF standard protocol used for transferring mail across a network reliably and efficiently (as defined in RFC 821).
  • Page 105 interconnection of networks. Originally a UNIX standard, TCP/IP is now supported on almost all platforms, and is the protocol of the Internet. TCP relates to the content of the data travelling through a network — ensuring that the information sent arrives in one piece when it reaches its destination.