Summary of Contents for 3Com 3C17205-US - Corp SUPERSTACK 3 SWITCH 4400 24PORT
SuperStack® 3 Switch Implementation Guide
Generic guide for units in the SuperStack 3 Switch 4400 Series: 3C17203, 3C17204, 3C17205, 3C17206
http://www.3com.com/
Part No. DUA1720-3BAA04
Published January 2003...
California 95052-8145
3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change. 3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose.
Contents
About This Guide
  Conventions
  Related Documentation
  Documentation Comments
  Product Registration
Switch Features Overview
  What is Management Software?
  Upgrading the Switch 4400 SE
  Switch Features Explained
  Automatic IP Configuration
  Port Security
  Power Management
  Aggregated Links
  Auto-negotiation
  Multicast Filtering
  Resilient Links
  Spanning Tree Protocol and Rapid Spanning Tree Protocol
  Switch Database
  Traffic Prioritization
  Roving Analysis...
  Auto-negotiation
  Smart Auto-sensing
  Aggregated Links
  How 802.3ad Link Aggregation Operates
  Implementing 802.3ad Aggregated Links
  Aggregated Links and Your Switch
  Aggregated Link — Manual Configuration Example
Using Multicast Filtering
  What is an IP Multicast?
  Benefits of Multicast
  Multicast Filtering
  Multicast Filtering and Your Switch
  IGMP Multicast Filtering
Using Resilience...
  How Switch Database Entries Get Added
  Switch Database Entry States
Using Traffic Prioritization
  What is Traffic Prioritization?
  How Traffic Prioritization Works
  Traffic Classification
  Traffic Marking
  Traffic Re-Marking
  Traffic Prioritization
  Traffic Queues
  Configuring Traffic Prioritization on the Switch
  Methods of Configuring Traffic Prioritization
  Important QoS Considerations
  Default QoS Configurations
  Example QoS Configurations...
  Communication Between VLANs
  Creating New VLANs
  VLANs: Tagged and Untagged Membership
  VLAN Configuration Examples
  Using Untagged Connections
  Using 802.1Q Tagged Connections
Using Webcache Support
  What is Webcache Support?
  Benefits of Webcache Support
  How Webcache Support Works
  Cache Health Checks
  Webcache Support Example
  Important Considerations
IP C SING...
Power Management and Control
  What is Power over Ethernet?
  Benefits of Power over Ethernet
  Planning Power Budgets
  Calculating Power Budgets
  Implementing a Power Plan
  Configuring a Guaranteed Power Plan
  Monitoring Power Usage
  Monitoring Power Usage LEDs
  Monitoring Port LEDs
  Monitoring Power Usage using the Web Interface
  Problem Solving
Configuration Rules...
Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com World Wide Web site: http://www.3com.com/...
About This Guide
Conventions
Table 1 and Table 2 list conventions that are used throughout this guide.
Table 1 Notice Icons (Icon, Notice Type, Description)
Information note: Information that describes important features or instructions
Caution: Information that alerts you to potential loss of data or potential damage to an application, system, or device
Warning: Information that alerts you to potential personal injury...
Documentation accompanying the Advanced Redundant Power system.
Documentation accompanying the Expansion Modules.
Documentation accompanying 3Com Network Supervisor. This is supplied on the CD-ROM that accompanies the Switch.
Documentation Comments
Your suggestions are very important to us. They will help make our documentation more useful to you.
3Com product documentation at this e-mail address. Questions related to technical support or sales should be directed in the first instance to your network supplier.
Product Registration
You can now register your SuperStack 3 Switch on the 3Com Web site: http://www.3com.com/register/...
Switch Features
Chapter 1 Switch Features Overview
Chapter 2 Optimizing Bandwidth
Chapter 3 Using Multicast Filtering
Chapter 4 Using Resilience Features
Chapter 5 Using the Switch Database
Chapter 6 Using Traffic Prioritization
Chapter 7 Status Monitoring and Statistics
Chapter 8 Setting Up Virtual LANs
Chapter 9 Using Webcache Support...
Switch Features Overview
This chapter contains introductory information about the SuperStack® 3 Switch 4400 management software and supported features. It covers the following topics:
What is Management Software?
Switch Features Explained
For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
6 Enter the License Key of the Enhanced Software Upgrade. The License Key is supplied on the cover of the Switch 4400 SE Enhanced Software Upgrade CD.
7 Enter your email address. 3Com uses this address to confirm the details of your Upgrade License.
8 Select Submit.
Switch fails, you do not need to purchase an additional License Key. In order to re-use the License Key, when you raise a Return Materials Authorization (RMA) with 3Com for the failed product, your License Key will be released and you will be able to re-use it against the replacement product.
Disconnect Unauthorized Device (DUD) — disables a port if an unauthorized device transmits data on it.
Switch Management Login — user name and password information is stored in a database on a RADIUS server in your network. Log in attempts to the Switch are remotely authenticated by the RADIUS server.
Switch Features Explained
capabilities — these capabilities are by default the parameters that provide the highest performance supported by the port.
1000BASE-SX ports do not support auto-negotiation of port speed. Ports operating at 1000 Mbps only support full duplex mode.
For details of the auto-negotiation features supported by your Switch, please refer to the Management Quick Reference Guide that accompanies your Switch.
endstations in each multicast group to which multicast traffic should be forwarded.
For more information about multicast filtering, see Chapter 3 “Using Multicast Filtering”.
Resilient Links
The resilient link feature enables you to protect critical links and prevent network downtime should those links fail.
For more information about STP and RSTP, see Chapter 4 “Using Resilience Features”.
Switch Database
The Switch Database is an integral part of the Switch and is used by the Switch to determine if a packet should be forwarded, and which port should transmit the packet if it is to be forwarded.
RMON
Remote Monitoring (RMON) is an industry standard feature for traffic monitoring and collecting network statistics. The Switch software continually collects statistics about the LAN segments connected to the Switch. If you have a management workstation with an RMON management application, the Switch can transfer these statistics to your workstation on request or when a pre-defined threshold is exceeded.
traditional network design. As an example, with VLANs you can segment your network according to:
Departmental groups
Hierarchical groups
Usage groups
For more information about VLANs, see Chapter 8 “Setting Up Virtual LANs”.
Configuration Save and Restore
The Configuration Save and Restore feature allows the configuration of your Switch to be saved as a file on a remote server, or to be restored onto the Switch from a remote file.
system summary CLI command displays the progress of restore and save operations to all other users.
When using the Configuration Save and Restore feature, 3Com recommends that aggregated links are configured as either:
Manual aggregations with Link Aggregation Configuration Protocol (LACP) disabled on the ports that are to be manually placed in the aggregated link.
values using the CLI or Web interface after the Configuration Restore has been completed.
For detailed descriptions of the Configuration Save and Restore Web interface operations and Command Line Interface (CLI) commands, please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
Optimizing Bandwidth
There are many ways you can optimize the bandwidth on your network and improve network performance. If you utilize certain Switch features you can provide the following benefits to your network and end users:
Increased bandwidth
Quicker connections
Faster transfer of data
Minimized data errors
Reduced network downtime...
a link do not support auto-negotiation, both ends must be manually set to full duplex or half duplex accordingly.
Ports operating at 1000 Mbps support full duplex mode only.
Flow Control
All Switch ports support flow control, which is a mechanism that prevents packet loss during periods of congestion on the network.
1000BASE-SX ports support auto-negotiation, however, the standard defines that 1000BASE-SX can only operate at 1000 Mbps, full duplex mode, so they can only auto-negotiate flow control.
Smart Auto-sensing
Smart auto-sensing allows auto-negotiating multi-speed ports, such as 100/1000 Mbps, to monitor and detect a high error rate on a link, or a problem in the “physical”...
800 Mbps.
Figure 1 Switch units connected using an aggregated link
3Com recommends that you use IEEE 802.3ad LACP automatic aggregations rather than manual aggregations to ensure maximum resilience on your network. Using manual aggregations to connect to a stack could result in network loops if the cascade fails.
Figure 2 Dynamic Reassignment of Traffic Flows
The key benefits of 802.3ad link aggregation are:
Automatic configuration — network management does not need to be used to manually aggregate links.
Rapid configuration and reconfiguration — approximately one to three seconds.
Figure 3 Aggregated Link — Example
LACP Pre-Configured Aggregations — If you need to know which aggregated link is associated with which device in your network you can use a LACP pre-configured aggregation. This allows you to manually configure the MAC address of a particular partner device (called the partner ID) against a specified aggregated link.
Aggregated Links and Your Switch
When any port is assigned to an aggregated link (either manually or via LACP) it will adopt the configuration settings of the aggregated link. When a port leaves an aggregated link its original configuration settings are restored.
When multiple links of different speed connect two devices only the highest speed links will be aggregated. The other links will be held in a standby state until there is a problem with a higher speed link(s). The lower speed link(s) will then become active.
Member links must retain the same groupings at both ends of an aggregated link. For example, the configuration in Figure 5 will not work as Switch A has one aggregated link defined whose member links are then split between two aggregated links defined on Switches B and C.
To gather statistics about an aggregated link, you must add together the statistics for each port in the aggregated link.
If you wish to disable a single member link of an aggregated link, you must first physically remove the connection to ensure that you do not lose any traffic, before you disable both ends of the member link separately.
The Switch also has a mechanism to prevent the possible occurrence of packet re-ordering when a link recovers too soon after a failure.
Aggregated Link — Manual Configuration Example
The example shown in Figure 7 illustrates an 800 Mbps aggregated link between two Switch units, (that is, each port is operating at 100 Mbps,...
3 Connect port 2 on the upper Switch to port 2 on the lower Switch.
4 Connect port 4 on the upper Switch to port 4 on the lower Switch.
5 Connect port 6 on the upper Switch to port 6 on the lower Switch.
6 Connect port 8 on the upper Switch to port 8 on the lower Switch.
Using Multicast Filtering
Multicast filtering improves the performance of networks that carry multicast traffic. This chapter explains multicasts, multicast filtering, and how multicast filtering can be implemented on your Switch. It covers the following topics:
What is an IP Multicast?
Multicast Filtering
IGMP Multicast Filtering
For detailed descriptions of the Web interface operations and the...
A multicast packet is identified by the presence of a multicast group address in the destination address field of the packet’s IP header.
Benefits of Multicast
The benefits of using IP multicast are that it:
Enables the simultaneous delivery of information to many receivers in the most efficient, logical way.
Multicast Filtering
Figure 8 The effect of multicast filtering
Multicast Filtering and Your Switch
Your Switch provides automatic multicast filtering support using IGMP (Internet Group Management Protocol) Snooping. It also supports IGMP query mode.
Snooping Mode
Snooping Mode allows your Switch to forward multicast packets only to the appropriate ports.
command will configure the Switch 4400 Series to automatically negotiate with compatible devices on VLAN 1 to become the querier.
The Switch 4400 Series is compatible with any device that conforms to the IGMP v2 protocol. The Switch 4400 Series does not support IGMP v3. If you have an IGMP v3 network, you should disable IGMP snooping for all Switch units in the stack using the snoopMode command on the Command Line Interface IGMP menu.
IGMP Multicast Filtering
Enabling IGMP Multicast Learning
You can enable or disable multicast learning and IGMP querying using the snoopMode command on the CLI or the Web interface. For more information about enabling IGMP multicast learning, please refer to the Management Interface Reference Guide supplied on your Switch CD-ROM.
Using Resilience Features
Setting up resilience on your network helps protect critical links against failure, protects against network loops, and reduces network downtime to a minimum. This chapter explains the features supported by the Switch that provide resilience for your network. It covers the following topics:
Resilient Links
Spanning Tree Protocol (STP)
Rapid Spanning Tree Protocol (RSTP)
3Com recommends that you use the Rapid Spanning Tree Protocol feature (default enabled) to provide optimum performance for your network and ease of use. The Switch also supports aggregated links which increase bandwidth and also provide resilience against individual link failure.
Symmetric (default) — the standby link remains as the active link even if the main link resumes normal operation.
Switchback — the standby link continues as the active link until the main link resumes normal operation. The active link then switches back from the standby link to the main link.
The protocol is a part of the IEEE Std 802.1D, 1998 Edition bridge specification. To explain STP more effectively, your Switch will be referred to as a bridge.
Rapid Spanning Tree Protocol (RSTP)
The Rapid Spanning Tree (RSTP) is an enhanced Spanning Tree feature. RSTP implements the Spanning Tree Algorithm and Protocol, as defined in the IEEE Std 802.1w-2001.
What is STP?
RSTP provides the same functionality as STP. For details on how the two systems differ, see “How RSTP Differs to STP”.
As an example, Figure 9 shows a network containing three LAN segments separated by three bridges. With this configuration, each segment can communicate with the others using two paths.
If a link failure is detected, as shown in Figure 11, the STP process reconfigures the network so that traffic from LAN segment 2 flows through Bridge B.
Figure 11 Traffic flowing through Bridge B
STP determines which is the most efficient path between each bridged segment and a specifically assigned reference point on the network.
How STP Works
Each port to have a cost. This specifies the efficiency of each link, usually determined by the bandwidth of the link — the higher the cost, the less efficient the link. Table 4 shows the default port costs for a Switch.
All traffic destined to pass in the direction of the Root Bridge flows through the Designated Bridge. The port on this bridge that connects to the segment is called the Designated Bridge Port.
STP Configuration
After all the bridges on the network have agreed on the identity of the Root Bridge, and have established the other relevant parameters, each bridge is configured to forward traffic only between its Root Port and the...
Figure 12 Port costs in a network
Bridge A has the lowest Bridge Identifier in the network, and has therefore been selected as the Root Bridge.
Because Bridge A is the Root Bridge, it is also the Designated Bridge for LAN segment 1.
Bridge C has been selected as the Designated Bridge for LAN segment 3, because it offers the lowest Root Path Cost for LAN Segment 3:
the route through Bridges C and B costs 200 (C to B=100, B to A=100)
the route through Bridges Y and B costs 300 (Y to B=200, B to A=100).
Figure 13 STP configurations...
Default Behavior
This section contains important information to note when using the RSTP and Fast Start features, particularly if you already have existing Switch 4400 units in your network with an older version of software.
RSTP Default Behavior
When using the RSTP feature on version 2.0 or later software, note the...
Using STP on a Network with Multiple VLANs
The IEEE Std 802.1D, 1998 Edition does not take into account VLANs when it calculates STP information — the calculations are only performed on the basis of physical connections. For this reason, some network configurations can result in VLANs being subdivided into a number of isolated sections by the STP system.
ID, and the port identifier on which the packet is received.
You can enter and update entries using the management interface via the bridge addressDatabase CLI command, the Bridge > Address Database Web interface operation, or an SNMP Network Manager, for example 3Com Network Supervisor.
Switch Database Entry States
Database entries can have three states:
Learned — The Switch has placed the entry into the Switch Database when a packet was received from an endstation. Note that:
Learned entries are removed (aged out) from the Switch Database if the Switch does not receive further packets from that endstation within a certain period of time (the aging time).
Using Traffic Prioritization
Using the traffic prioritization capabilities of your Switch provides Quality of Service (QoS) to your network through increased reliability of data delivery. You can prioritize traffic on your network to ensure that high priority data is transmitted with minimum delay. Traffic can be controlled by a set of rules to obtain the required Quality of Service for your network.
You can provide predictable throughput for multimedia applications such as video conferencing or voice over IP platforms like the 3Com NBX, as well as minimizing traffic delay and jitter. You can improve network performance as the amount of traffic grows, which also reduces the need to constantly add bandwidth to the network, therefore saving cost.
For a look at a 3Com white paper on how to gain control of the network, please refer to the PDF format article at this link: http://www.3com.com/other/pdfs/products/en_US/getcontrolofthenetwork.pdf (correct at time of publication)
How Traffic Prioritization Works
Traffic prioritization uses the four traffic queues that are present in your...
Traffic Remarking — if a traffic packet enters the Switch with a priority marking requesting an unacceptable level of service, the Switch can Re-mark it with a different priority value to downgrade its level of service.
Traffic Prioritization —...
OSI Layer and Protocols | Summary of Protocols
Layer 4: UDP / TCP Source and Destination ports for IP applications | Many applications use certain TCP or UDP sockets to communicate. By examining the socket number in the IP packet, the intelligent network can determine what type of application generated the packet.
IEEE 802.1p Priority Level | IEEE 802.1D Traffic Type
Video (interactive media), less than 100 milliseconds latency and jitter
Voice (interactive voice), less than 10 milliseconds latency and jitter
Network Control Reserved traffic
The traffic marking and prioritization supported by the Switch using layer 2 information is compatible with the relevant sections of the IEEE Std 802.1D, 1998 Edition (incorporating IEEE 802.1p).
DSCP is backward compatible with IPV4 TOS, which allows operation with any existing devices with layer 3 TOS enabled prioritization scheme in use.
Traffic Re-Marking
Traffic entering the Switch may get downgraded or discarded depending on the network policies and Service Level Agreements (SLA) pre-defined by the network administrator.
not the egress port is tagged for that VLAN. If it is, then the new 802.1p tag is used in the extended 802.1D header.
By default, the SuperStack 3 Switch 4400 SE supports a basic level of QoS.
Figure 15 shows how traffic prioritization works at layer 2. The Switch will check a packet received at the ingress port for IEEE 802.1D traffic classification, and then prioritize it based upon the IEEE 802.1p value (service levels) in that tag.
Figure 16 Advanced traffic prioritization and marking (diagram labels: mapping is predefined and not configurable; Queue 1 is lowest priority; Queue 4 is highest priority)...
Configuring Traffic Prioritization on the Switch
Otherwise, if there are no other classifiers except the 802.1p tag, then the packet will pass through the Switch with the original 802.1p priority tag.
Otherwise, if the received packet does not have an 802.1p tag, then a default 802.1p tag (which is usually 0) is assigned to it.
QoS configuration defined in the profile will immediately become active.
Methods of Configuring Traffic Prioritization
QoS can be configured on your Switch using 3Com Network Supervisor or via the Command Line Interface (CLI)...
Use a comprehensive QoS management package, such as 3Com Network Supervisor, that will configure all devices in the network simultaneously and check for errors. Only use Switches or hardware-based routers in the LAN. Hubs cannot prioritize traffic, and software-based routers can cause bottlenecks.
1. SNMP (Management) - Network Critical
2. Videostream - Video application service level
3. Email - Best Effort
4. 3Com NBX Voice Over IP - Prioritize to Voice service level
See “Utilizing the Traffic Prioritization Features of Your Network” page 133 for a further network example.
(correct at time of publication) For additional troubleshooting information and technical solutions visit the 3Com Knowledgebase. The Knowledgebase has solutions addressing the blocking of network games and the prioritization of video traffic among its topics. To find these articles visit the Knowledgebase at: http://knowledgebase.3com.com/...
Status Monitoring and Statistics
This chapter contains details of the features that assist you with status monitoring and statistics. It covers the following topics:
Roving Analysis Port
RMON
For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
Roving analysis is not supported:
across a stack of Switch 4400 units.
in a single Switch 4400 (48-port) unit within a stack of Switch 4400 units, or across a stack of Switch 4400 units.
RMON
Using the RMON capabilities of a Switch allows you to improve your network efficiency and reduce the load on your network.
The group is useful for analyzing the traffic patterns and trends on a LAN segment or VLAN, and for establishing the normal operating parameters of your network.
Alarms
The Alarms group provides a mechanism for setting thresholds and sampling intervals to generate events on any RMON variable.
It reduces the load on the network and the management workstation
Traditional network management involves a management workstation polling network devices at regular intervals to gather statistics and identify problems or trends. As network sizes and traffic levels grow, this approach places a strain on the management workstation and also generates large amounts of traffic.
RMON and the Switch
When using the RMON features of the Switch, note the following:
After the default sessions are created, they have no special status. You can delete or change them as required.
The greater the number of RMON sessions, the greater the burden on the management resources of the Switch.
Table 12 Values for the default alarm
Statistic | High Threshold | Low Threshold Recovery | Period
Number of errors over 10 seconds | Value: 8 errors per 10 seconds. Action: Smart... | Value: 8 errors per 10 seconds. Action: None. | 10 secs
You can configure the email address to which you wish the notifications to be sent. However, you cannot change the factory default notification messages for event emails.
RMON traps continue to be sent, in addition to any email notifications you may receive.
Setting Up Virtual LANs
Setting up Virtual LANs (VLANs) on your Switch increases the efficiency of your network by dividing the LAN into logical, rather than physical, segments which are easier to manage. This chapter explains more about the concept of VLANs and explains how they can be implemented on your Switch.
Figure 18 A network setup showing three VLANs (diagram labels: backbone connecting multiple switches; Switch A; Switch B; Development Department; Marketing Department; Finance Department; VLAN 1; VLAN 2; VLAN 3)
Benefits of VLANs
The main benefit of VLANs is that they provide a network segmentation system that is far more flexible than any traditional network.
VLANs help to control traffic
With traditional networks, congestion can be caused by broadcast traffic that is directed to all network devices whether they require it or not. VLANs increase the efficiency of your network because each VLAN can be set up to contain only those devices that need to communicate with each other.
Figure 19 Two VLANs connected via a router
Creating New VLANs
If you want to move a port from the Default VLAN to another VLAN, you must first define information about the new VLAN on your Switch.
VLANs: Tagged and Untagged Membership
Your Switch supports 802.1Q VLAN tagging, a system that allows traffic...
identify which packets belong in which VLANs. To communicate between VLANs a router must be used.
VLAN Configuration Examples
This section contains examples of VLAN configurations. It describes how to set up your Switch to support simple untagged and tagged connections.
To set up the configuration shown in Figure
1 Configure the VLANs
Define VLAN 2 on the Switch. VLAN 1 is the default VLAN and already exists.
2 Add ports to the VLANs
Add ports 10, 11 and 12 of the Switch as untagged members to VLAN 2.
Using 802.1Q Tagged Connections
In a network where the VLANs are distributed amongst more than one...
To set up the configuration shown in Figure
1 Configure the VLANs on Switch 1
Define VLAN 2. VLAN 1 is the default VLAN and already exists.
2 Add endstation ports on Switch 1 to the VLANs
Place the endstation ports in the appropriate VLANs as untagged members.
Using Webcache Support
This chapter outlines the Webcache support feature, explains the key benefits of using this feature, and gives examples of how and why you would use it in your network.
To make Webcache support available on the SuperStack 3 Switch 4400 SE, upgrade the product to the Switch 4400 SE Enhanced Software Upgrade (3C17207).
latency is reduced as the Webcache is able to deliver web content faster than the time required to retrieve information over a WAN connection.
Because the redirection decision is based upon the destination TCP port, the solution is transparent to end users and requires no manual configuration of web clients.
What is Webcache Support?
The redirected TCP port number can be changed through the CLI using the feature cacheConfig changePort command, or via the Web interface by selecting System > Cache Config > Change TCP Port.
If your Switch is configured to generate SNMP traps, you may see a trap containing the message No TCP port specified to be redirected when you change the port number.
Webcache Support Example
Figure 22 shows a Switch 4400 in a network with a Webcache connected to the network and enabled. The Switch identifies all HTTP traffic flowing through it and redirects all HTTP traffic to the Webcache.
Figure 22 Example of a network with Webcache Support enabled
Figure 22 the flow of HTTP traffic between a PC browsing the World...
Important Considerations
This section contains some important considerations when using Webcache support on the Switch 4400.
The Switch 4400 supports the SuperStack 3 Webcache 1000/3000.
The Webcache must be connected directly to the Switch 4400 — there must be no intervening Switches or Hubs.
The Switch 4400 can only support one Webcache for a single unit or a stack.
Using Automatic IP Configuration
This chapter explains more about IP addresses and how the automatic configuration option works. It covers the following topics:
How Your Switch Obtains IP Information
How Automatic IP Configuration Works
Important Considerations
For detailed information on setting up your Switch for management, see the Getting Started Guide that accompanies your Switch.
How Your Switch Obtains IP Information
Your Switch has two ways to obtain its IP address information:
Automatic IP Configuration (default) — the Switch attempts to configure itself by communicating with address allocation servers on the network or by selecting from a pool of addresses.
How Automatic IP Configuration Works
Automatic Process
To detect its IP information using the automatic configuration process, the Switch goes through the following sequence of steps:
1 The DHCP client that resides in the Switch makes up to four attempts to contact a DHCP server on the network requesting IP information from the server.
Important Considerations
This section contains some important points to note when using the automatic IP configuration feature.
The dynamic nature of automatically configured IP information means that a Switch may change its IP address whilst in use.
Server Support
Your Switch has been tested to interoperate with DHCP and BOOTP servers that use the following operating systems:...
Making Your Network Secure
This chapter outlines the Port Security and Switch Management Login features, explains the key benefits of using these features, and gives examples of how and why you would use them in your network. For detailed descriptions of the Web interface operations and the Command Line Interface (CLI) commands that you require to manage the Switch, please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
Chapter 11: Making Your Network Secure
Port Security
The Switch 4400 supports the following port security modes, which you can set for an individual port or a range of ports:
No Security
Port security is disabled and all network traffic is forwarded through the port without any restrictions.
What is Network Login?
NBX mode offers a reduced level of network security because the Switch port is accessible at all times to allow NBX phone traffic to be automatically forwarded. When the port is configured in the Network Login with NBX operational mode and the client device is removed, the Switch does not receive a link down event and the port will continue to be authorized.
To make Network Login available on the SuperStack 3 Switch 4400 SE, upgrade the product to the Switch 4400 SE Enhanced Software Upgrade (3C17207).
How Network Login Works
When Network Login is enabled the Switch acts as a relay agent between the client device that is requesting access to the network and the RADIUS server.
What is Disconnect Unauthorized Device (DUD)?
For further information about RADIUS, see “What is RADIUS?” on page 112.
Important Considerations
This section contains some important considerations when using Network Login on the Switch 4400.
Before you enable Network Login you must ensure that:
RADIUS has been configured on the Switch.
You can configure DUD to perform one of the following actions if an unauthorized client device transmits data on the port:
Permanently disable the port
The port is disabled and data from the unauthorized client device is not transmitted.
What is Switch Management Login?
To make RADIUS authentication of Switch Management Login available on the SuperStack 3 Switch 4400 SE, upgrade the product to the Switch 4400 SE Enhanced Software Upgrade (3C17207).
Benefits of RADIUS Authentication
Day-to-day network maintenance can become a substantial overhead. For example, regularly changing the administrative password on a manageable network device is a commonplace security measure.
Page 110
The default user levels on the Switch (monitor, manager, admin) are supported by a 3Com Vendor Specific Attribute (VSA). The Vendor-ID for 3Com is 43. You must configure the RADIUS server to send this attribute in the Access-Accept message in order to specify the access level required for each user account.
|    Type=26    |   Length=12   |     Vendor-Id = 3Com (43)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        Vendor-Id (cont)        | 3Com type = 1 |  Length = 6
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       User-Access-Level
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
For further information about configuring the Switch for Switch Management Login and RADIUS authentication, please refer to the Management Interface Reference Guide supplied in HTML format on the CD-ROM that accompanies your Switch.
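The attribute layout above, encoded and strictly checked in Python, for verifying what a RADIUS server actually sends in an Access-Accept. This is an added example, not code from 3Com or from the guide; the function names, the sample attributes and the level value 2 are assumptions, since this page does not list the numeric values for monitor, manager and admin.

```python
import struct
from typing import Iterator, Optional, Tuple

VENDOR_SPECIFIC = 26           # RADIUS attribute Type=26
VENDOR_ID_3COM = 43            # Vendor-Id = 3Com (43)
ACCESS_LEVEL_TYPE = 1          # 3Com type = 1
OUTER_LEN, INNER_LEN = 12, 6   # Length=12 and Length = 6 from the diagram

class VsaError(ValueError):
    """Raised when the attribute bytes do not match the documented layout."""

def build_access_level_vsa(level: int) -> bytes:
    """Encode User-Access-Level as the 12-octet attribute shown in the diagram."""
    if not 0 <= level <= 0xFFFFFFFF:
        raise VsaError("level must fit in 32 bits")
    return struct.pack("!BBIBBI", VENDOR_SPECIFIC, OUTER_LEN, VENDOR_ID_3COM,
                       ACCESS_LEVEL_TYPE, INNER_LEN, level)

def iter_attributes(attrs: bytes) -> Iterator[Tuple[int, bytes]]:
    """Walk Type/Length/Value attributes, rejecting lengths that overrun the buffer."""
    pos = 0
    while pos < len(attrs):
        if len(attrs) - pos < 2:
            raise VsaError("truncated attribute header")
        a_type, a_len = attrs[pos], attrs[pos + 1]
        if a_len < 2 or pos + a_len > len(attrs):
            raise VsaError("attribute length out of range")
        yield a_type, attrs[pos + 2:pos + a_len]
        pos += a_len

def extract_access_level(attrs: bytes) -> Optional[int]:
    """Return the 3Com User-Access-Level, or None when the attribute is absent."""
    level = None
    for a_type, value in iter_attributes(attrs):
        if a_type != VENDOR_SPECIFIC or len(value) < 6:
            continue
        vendor_id, v_type, v_len = struct.unpack("!IBB", value[:6])
        if vendor_id != VENDOR_ID_3COM or v_type != ACCESS_LEVEL_TYPE:
            continue
        if v_len != INNER_LEN or len(value) != OUTER_LEN - 2:
            raise VsaError("3Com access-level attribute has the wrong length")
        if level is not None:   # policy of this example: refuse ambiguous input
            raise VsaError("duplicate access-level attribute")
        level = struct.unpack("!I", value[6:10])[0]
    return level

# Constructed sample: a User-Name attribute, another vendor's VSA (vendor id 9,
# chosen arbitrarily), then the 3Com VSA.
SAMPLE_LEVEL = 2   # constructed value; the page does not list the numeric levels
SAMPLE_ATTRS = (bytes([1, 7]) + b"alice"
                + struct.pack("!BBIBB", 26, 9, 9, 1, 3) + b"x"
                + build_access_level_vsa(SAMPLE_LEVEL))
```

A malformed or duplicated access-level attribute raises `VsaError` instead of returning a value, so a check built on this fails closed rather than reporting a privilege level it could not parse cleanly.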
What is RADIUS?
Remote Authentication Dial-In User Service (RADIUS) is an industry standard protocol for carrying authentication, authorization and configuration information between a network device and a shared authentication server. Transactions between each network device and the server are authenticated by the use of a shared secret.
A Power over Ethernet (802.3af) compliant device which has its power supplied over its Ethernet cable no longer requires a separate power supply. If, for example, the Switch is used to connect the 3Com 11 Mbps Wireless LAN Access Point 8500 to the network then only a network cable is required to provide both power and network connectivity.
To calculate the power budget for the Switch, add together the power requirements of the devices that will be connected at any one time. The power requirements of 3Com Power over Ethernet compliant devices can be displayed by logging on to the Web interface of the Switch and selecting Physical Interface >...
Planning Power Budgets
have not had their power guaranteed. See “Configuring a Guaranteed Power Plan” on page 116.
2 Any device connected to a lower port number will take priority over a device connected to a higher port number. If the Switch needs to remove power from a device it will remove power from the highest numbered port that has not been guaranteed power.
Plan 3Com Power over Ethernet products. Configuring a port for a 3Com Power over Ethernet device is as simple as selecting the profile for that device. If you add a device to your Switch that does not have a profile, for example a future 3Com device or a device from another supplier, you can also guarantee power by specifying the maximum power required by the device.
Monitoring Power Usage
Monitoring Power Usage LEDs
The Switch has four Power Utilization LEDs that show the current level of power supplied by the unit as shown in Table 13.
Table 13 Power Usage LEDs
25% LED | 50% LED | 75% LED | 90% LED | Power Consumption
0–24%...
Chapter 12: Power Management and Control
Table 14 Port Status and Port Packet LEDs (Power over Ethernet information)
LED | Status | Meaning
Port Status LED | | No Power over Ethernet device is present.
 | Green | Power is being supplied from this port.
 | Flashing Green | The power budget for Switch or port has been exceeded.
Problem Solving
4 Click Reset Meters if you want to reset the Average Power and Peak Power.
5 Click OK when you have finished.
Displaying a Graphical Summary
The Switch can also display a graphical summary of the state of ports and the power they supply.
Page 120
Chapter 12: Power Management and Control...
Page 121
Appendices and Index
Appendix A Configuration Rules
Appendix B Network Configuration Examples
Appendix C IP Addressing
Glossary
Index...
Configuration Rules
Configuration Rules for Gigabit Ethernet
Gigabit Ethernet is designed to run over several media:
Single-mode fiber optic cable, with connections up to 5 km (3.1 miles). Distances over 5 km are supported depending on the module specification.
Multimode fiber optic cable, with connections up to 550 m (1804 ft).
Appendix A: Configuration Rules
Configuration Rules for Fast Ethernet
The topology rules for 100 Mbps Fast Ethernet are slightly different to those for 10 Mbps Ethernet. Figure 26 illustrates the key topology rules and provides examples of how they allow for large-scale Fast Ethernet networks.
A total network span of 325 m (1066 ft) is allowed in single-repeater topologies (one hub stack per wiring closet with a fiber link to the collapsed backbone). For example, a 225 m (738 ft) fiber link from a repeater to a router or switch, plus a 100 m (328 ft) UTP link from a repeater out to the endstations.
Network Configuration Examples
This chapter contains the following sections:
Simple Network Configuration Examples
  Segmentation Switch Example
  Collapsed Backbone Switch Example
  Desktop Switch Example
Advanced Network Configuration Examples
  Improving the Resilience of Your Network
  Enhancing the Performance of Your Network
  Utilizing the Traffic Prioritization Features of Your Network...
Appendix B: Network Configuration Examples
Simple Network Configuration Examples
The following illustrations show some simple examples of how the Switch 4400 family and 4900 family can be used in your network.
Segmentation Switch Example
The example in Figure 27 shows how a 10/100 Switch such as the Switch 4400 stack can segment a network of shared 10 Mbps and 100 Mbps connections.
Collapsed Backbone Switch Example
The example in Figure 28 shows how a Switch 4400 stack can act as a backbone for both shared and switched network segments.
Figure 28 Using the Switch 4400 as a collapsed backbone...
Desktop Switch Example
The example in Figure 29 shows how a Switch 4400 can be used for a group of users that require dedicated 10 Mbps or 100 Mbps connections to the desktop. The Switch 4400 stack has a 1000BASE-T Module fitted that allows it to provide a Gigabit Ethernet link to a Switch 4900 in the basement.
Advanced Network Configuration Examples
This section shows some network examples that illustrate how you can set up your network for optimum performance using some of the features supported by your Switch.
Improving the Resilience of Your Network
Figure 30 shows how you can set up your network to improve its resilience using resilient links.
Enhancing the Performance of Your Network
Figure 31 shows how you can set your network up to enhance its performance.
All ports are auto-negotiating and smart auto-sensing and will therefore pass data across the network at the optimum available speed and duplex mode.
Utilizing the Traffic Prioritization Features of Your Network
The example in Figure 32 shows a network configuration that demonstrates how you can utilize the different types of Quality of Service (QoS profiles) to ensure a high level of service and prioritization across the network for certain applications, users, or locations.
Page 134
Appendix B: Network Configuration Examples...
The second part, called the host part, (‘100.8’ in the example) identifies the device within the network. If your network is internal to your organization only, you may use any arbitrary IP address. 3Com suggests you use addresses in the series...
Appendix C: IP Addressing
192.168.100.X (where X is a number between 1 and 254) with a subnet mask 255.255.255.0. If you are using SLIP, use the default SLIP address of 192.168.101.1 with a subnet mask of 255.255.255.0. These suggested IP addresses are part of a group of IP addresses that have been set aside specially for use “in house”...
Page 137
IP Addresses
Dotted Decimal Notation
The actual IP address is a 32-bit number that is stored in binary format. These 32 bits are segmented into 4 groups of 8 bits — each group is referred to as a field or an octet. Decimal notation converts the value of each field into a decimal number, and the fields are separated by dots.
Subnets and Subnet Masks
You can divide your IP network into sub-networks also known as subnets. Support for subnets is important because the number of bits assigned to the device part of an IP address limits the number of devices that may be addressed on any given network.
Page 139
As shown in this example, the 32 bits of an IP address and subnet mask are usually written using an integer shorthand. This notation translates four consecutive 8-bit groups (octets) into four integers that range from 0 through 255.
Table 17 Subnet Mask Notation
Standard Mask Notation | Network Prefix Notation
100.100.100.100 (255.0.0.0) | 100.100.100.100/8
100.100.100.100 (255.255.0.0) | 100.100.100.100/16
100.100.100.100 (255.255.255.0) | 100.100.100.100/24
The subnet mask 255.255.255.255 is reserved as the default broadcast address.
Default Gateways
A gateway is a device on your network which is used to forward IP packets to a remote destination.
Page 141
Glossary
3Com Network Supervisor
The 3Com network management application used to manage 3Com’s networking solutions.
10BASE-T
The IEEE specification for 10 Mbps Ethernet over Category 3, 4 or 5 twisted pair cable.
100BASE-FX
The IEEE specification for 100 Mbps Fast Ethernet over fiber-optic cable.
Page 142
bandwidth
The information capacity, measured in bits per second, that a channel can transmit. The bandwidth of Ethernet is 10 Mbps, the bandwidth of Fast Ethernet is 100 Mbps, and the bandwidth of Gigabit Ethernet is 1000 Mbps.
baud
The signalling rate of a line, that is, the number of transitions (voltage or frequency changes) made per second.
Page 143
Domain Name System. This system maps a numerical Internet Protocol (IP) address to a more meaningful and easy-to-remember name. When you need to access another device on your network, you enter the name of the device, instead of its IP address. Disconnect Unauthorized Device.
Page 144
half duplex
A system that allows packets to be transmitted and received, but not at the same time. Contrast with full duplex.
A device that regenerates LAN traffic so that the transmission distance of that signal can be extended. Hubs are similar to repeaters, in that they connect LANs of the same type;...
Page 145
Internet Group Management Protocol
Internet Group Management Protocol (IGMP) is a protocol that runs between hosts and their immediate neighboring multicast routers. The protocol allows a host to inform its local router that it wishes to receive transmissions addressed to a specific multicast group. Based on group membership information learned from the IGMP, a router is able to determine which if any multicast traffic needs to be forwarded to each of its subnetworks.
Page 146
loop
An event that occurs when two network devices are connected by more than one path, thereby causing packets to repeatedly cycle around the network and not reach their destination.
Media Access Control. A protocol specified by the IEEE for determining which devices have access to a network at any one time.
Page 147
Power over Ethernet
Power supplied using either the spare pairs or signal pairs of an Ethernet cable using the IEEE 802.3af standard.
protocol
A set of rules for communication between devices on a network. The rules dictate format, timing, sequencing and error control.
RADIUS
Remote Authentication Dial-In User Service.
Page 148
server
A computer in a network that is shared by multiple endstations. Servers provide endstations with access to shared network services such as computer files and printer queues.
SLIP
Serial Line Internet Protocol. A protocol that allows IP to run over a serial line (console port) connection.
Page 149
TCP relates to the content of the data travelling through a network — ensuring that the information sent arrives in one piece when it reaches its destination. IP relates to the address of the endstation to which data is being sent, as well as the address of the destination network.
Telnet
A TCP/IP application protocol that provides a virtual terminal service, letting a user log into another computer system and access a device as...
Page 151
Index
default gateway 140 Default VLAN 87 Designated Bridge 51 Designated Bridge Port 52 DHCP 100 Disconnect Unauthorized Device (DUD) 18, 107 event notification 22, 82 Events (RMON group) 79, 80 addresses extended network prefix 139 classes 137 IP 135 advantages of Power over Ethernet 113 aggregated links 18, 29 Fast Ethernet configuration rules 124...
Page 152
obtaining 136 power budgets 114 subnet mask 138 power LEDs 117 subnetwork portion 138 power management 18 IP multicast Power over Ethernet 113 addressing 39 advantages 113 IP routing power plan 116 address classes 137 power usage 116 monitoring 118 priority in STP 50 learned SDB entries 60 LEDs...
Page 153
Designated Bridge Port 52 Webcache support 22, 93 example 52 Hello BPDUs 52 Max Age 52 priority 50 Root Bridge 50 Root Path Cost 51 Root Port 51 using on a network with multiple VLANs 57 subnet mask 138 defined 138 example 138 numbering 139...