3Com CoreBuilder 3500 Implementation Manual

CoreBuilder® 3500
Implementation Guide
Release 3.0
http://www.3com.com/
Part No. 10013506
Published November 1999

Summary of Contents for 3Com corebuilder 3500

  • Page 1 CoreBuilder® 3500 Implementation Guide Release 3.0 http://www.3com.com/ Part No. 10013506 Published November 1999...
  • Page 2 3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change. 3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms, or conditions of merchantability, satisfactory quality, and fitness for a particular purpose.
  • Page 3: Table Of Contents

    Contents About This Guide Conventions CoreBuilder 3500 Documentation Paper Documents Software and Documents on CD-ROM Documentation Comments Year 2000 Compliance Configuration Overview System Configuration Procedure Procedure Summary Configuration Procedure Management Access Management Access Overview Administration Console Overview SNMP-Based Network Management Overview...
  • Page 4 System Parameters System Parameters Overview Features Benefits Key Concepts Key Guidelines for Implementation File Transfer Implementing FTP Implementing TFTP Security Security Options Important Considerations Software Update Important Considerations nvData Operations Saving nvData Restoring nvData Resetting nvData Viewing nvData Simple Network Time Protocol (SNTP) SNTP Overview Implementing SNTP Standards, Protocols, and Related Reading...
  • Page 5 Effects of Replacing Modules Replacing Modules of the Same Type or Same Number of Ports Replacing Modules of Different Types Ethernet Ethernet Overview Features Benefits Key Concepts Ethernet Frame Processing Key Guidelines for Implementation Link Bandwidths Trunks Port Enable and Disable (Port State) Important Considerations Port Labels Labeling Ports...
  • Page 6 Fiber Distributed Data Interface (FDDI) FDDI Overview Features Benefits Key Concepts Related Standards FDDI Network Topologies Nodes and Attachments Dual Homing FDDI Stations Primary and Secondary Paths Media Access Control Ports Key Guidelines for Implementation FDDI Stations Setting the Connection Policies Setting Neighbor Notification Timer Enabling and Disabling Status Reporting FDDI Paths...
  • Page 7 Bridge-Wide and Bridge Port Parameters Bridging Overview Benefits Features Key Bridging Concepts Learning Addresses Aging Addresses Forwarding, Filtering, and Flooding Packets Spanning Tree Protocol How the Spanning Tree Protocol Works CBPDUs at Work How a Single Bridge Interprets CBPDUs How Multiple Bridges Interpret CBPDUs Spanning Tree Port States Reconfiguring the Bridged Network Topology Key Guidelines for Implementation...
  • Page 8 Trunking Trunking Overview Features Benefits Key Concepts Port Numbering in a Trunk Trunk Control Message Protocol (TCMP) Key Guidelines for Implementation General Guidelines Trunk Capacity Guidelines Defining Trunks Important Considerations Modifying Trunks Important Considerations Removing Trunks Important Considerations Standards, Protocols, and Related Reading Virtual LANs VLAN Overview Need for VLANs...
  • Page 9 Ignore STP Mode Important Considerations VLAN Aware Mode Port-based VLANs The Default VLAN Static Port-based VLANs Dynamic Port-based VLANs Using GVRP Protocol-based VLANs Important Considerations Selecting a Protocol Suite Establishing Routing Between VLANs Network-based IP VLANs Important Considerations Example of Network-based VLANs Rules of VLAN Operation Ingress Rules Egress Rules...
  • Page 10 Downloading Custom Packet Filters Download with Filter Builder Download an ASCII File The Packet Filtering Language Principles for Writing a Custom Filter How the Packet Filter Language Works Procedure for Writing a Custom Filter Packet Filter Opcodes Implementing Sequential Tests in a Packet Filter Common Syntax Errors Custom Packet Filter Examples Destination Address Filter...
  • Page 11 Internet Protocol (IP) Routing Overview Routing in a Subnetted Environment Integrating Bridging and Routing IP Routing Overview Features and Benefits Key Concepts Multiple IP Interfaces per VLAN Media Access Control (MAC) Address Network-Layer Address IP Addresses Variable Length Subnet Masks (VLSMs) Router Interfaces Routing Table Routing Models: Port-based and VLAN-based...
  • Page 12 Directed Broadcast Important Considerations Routing Information Protocol (RIP) Basic RIP Parameters RIP Mode Compatibility Mode Cost Poison Reverse Advertisement Address Route Aggregation RIP-1 Versus RIP-2 Important Considerations Routing Policies How Routing Policies Work Important Considerations Implementing RIP Routing Policies Setting Up RIP Routing Policies Creating RIP Routing Policies Example Domain Name System (DNS)
  • Page 13 Implementing VRRP Create VLANs Configure IP Interfaces Configure the Router Protocol Enable Routing Configure VRRP Enable VRRP VRRP and Other Networking Operations Spanning Tree Protocol (STP) Dynamic Routing Protocols (RIP, RIP-2, OSPF) IGMP Queries ICMP Redirect Quality of Service IP Routing Policies Dynamic Host Configuration Protocol (DHCP) Standards, Protocols, and Related Reading IP M...
  • Page 14 How DVMRP Supports IP Multicast Spanning Tree Delivery Managing the Spanning Tree DVMRP Interface Characteristics Key Guidelines for Implementation Configuration Procedure Impact of Multicast Limits Impact of IEEE 802.1Q on Multicasts Protocol Interoperability Configuring IGMP Options Querying and Snooping Modes Important Considerations Configuring DVMRP Interfaces Important Considerations...
  • Page 15 Areas Types of Areas Area Border Routers Routing Databases Configuring Route Summarization in ABRs Important Considerations Default Route Metric OSPF Interfaces Mode Priority Area ID Cost Delay Hello Interval Retransmit Interval Dead Interval Password Statistics Important Considerations Link State Databases Router Link State Advertisements Network Link State Advertisements Summary Link State Advertisements...
  • Page 16 Virtual Links Important Considerations OSPF Routing Policies Important Considerations Implementing Import Policies Implementing Export Policies OSPF Statistics Standards, Protocols, and Related Reading IPX Routing IPX Routing Overview Features Benefits Key Concepts How IPX Routing Works Terminology Key Guidelines for Implementation Procedural Guidelines General Guidelines IPX Interfaces...
  • Page 17 IPX RIP Mode Important Considerations RIP Policies IPX SAP Mode Important Considerations SAP Policies IPX Statistics Standards, Protocols, and Related Reading AppleTalk AppleTalk Overview Features Benefits Key Concepts AppleTalk Protocols AppleTalk Network Elements Terminology Key Implementation Guidelines AppleTalk Interfaces Important Considerations AppleTalk Routes Important Considerations AppleTalk Address Resolution Protocol (AARP) Cache...
  • Page 18 Zone Information Protocol Name Binding Protocol Standards, Protocols, and Related Reading RSVP QoS Overview Features Benefits Methods of Using QoS Key Concepts Related Standards and Protocols Terminology Key Guidelines for Implementation Procedural Guidelines General Guidelines QoS Classifiers Important Considerations Using Predefined Classifiers Assigning Flow and Nonflow Classifier Numbers Defining Flow Classifiers Defining Nonflow Classifiers...
  • Page 19 QoS Excess Tagging Example of QoS Excess Tagging Transmit Queues and QoS Bandwidth LDAP Important Considerations Operation RSVP RSVP Terminology Example of RSVP Setting RSVP Parameters Device Monitoring Device Monitoring Overview Key Concepts and Tools Administration Console Web Management Tools Network Management Platform SmartAgent Embedded Software Other Commonly Used Tools...
  • Page 20 3Com Enterprise MIBs Technical Support Online Technical Services World Wide Web Site 3Com Knowledgebase Web Services 3Com FTP Site 3Com Bulletin Board Service 3Com Facts Automated Fax Service Support from Your Network Supplier Support from 3Com Returning Products for Repair Index...
  • Page 21: About This Guide

    Read Chapter 1 for an overview of the configuration process. This guide is intended for the system or network administrator who is responsible for configuring, using, and managing the CoreBuilder 3500 system. It assumes a working knowledge of local area network (LAN) operations and familiarity with communications protocols that are used on interconnected LANs.
  • Page 22: Conventions

    About This Guide. Conventions: Table 1 and Table 2 list conventions that are used throughout this guide. Table 1 Notice Icons (Icon, Notice Type, Description): Information note: Information that describes important features or instructions. Caution: Information that alerts you to potential loss of data or potential damage to an application, system, or device. Warning: Information that alerts you to potential personal injury...
  • Page 23 Conventions. Table 2 Text Conventions (continued) (Convention, Description): Words in italics: Italics are used to: emphasize a point; denote a new term at the place where it is defined in the text; identify menu names, menu commands, and software button names. Examples: From the Help menu, select Contents.
  • Page 24: Corebuilder 3500 Documentation

    The System Software and Documentation CD contains online versions of the paper documents, this Implementation Guide, and the Command Reference Guide, as well as the CoreBuilder 3500 system software. To order additional copies of the paper documents and the CD-ROM, contact your sales representative.
  • Page 25 CoreBuilder 3500 Documentation In addition, each module and field-replaceable component contains a guide: CoreBuilder 3500 System Processor Removal and Replacement Guide Provides overview information and removal and replacement instructions for the CoreBuilder system processor. Module Installation Guides An overview, LED status information, and installation instructions for each module.
  • Page 26: Software And Documents On Cd-Rom

    CoreBuilder 3500 Implementation Guide (this guide) Multiplatform Command Reference Guide Information about the commands used to configure the system. This guide documents commands for the CoreBuilder 3500 as well as other 3Com systems. Help system for the Web Management suite of applications Online Help system for the CoreBuilder 3500 Web Management software.
  • Page 27: Configuration Overview

    Procedure immediately ready to configure according to your network needs. 3Com recommends that you use the following procedures the first time that you set up your system and every time that you modify its configuration.
  • Page 28: Configuration Procedure

    Chapter 1: Configuration Overview. Configuration Procedure: Follow the steps that apply to your network needs and ignore the steps that do not apply. 1 Establish management access. To perform configuration or management tasks, you must initially: a Connect to the system through its terminal serial port or modem serial port.
  • Page 29 For more information, see the Web Management User Guide. SNMP-based applications — One example is 3Com Transcend® Network Control Services software. To manage the system in-band from SNMP-based applications, set the SNMP parameters through the snmp menu. For more information, see Chapter 2 and Chapter 18 in this guide, as well as application-specific documentation.
  • Page 30 Chapter 1: Configuration Overview. 5 Define all VLANs. To create logical workgroups, which are generally equivalent to Layer 2 broadcast domains or Layer 3 networks, you can define port-based, protocol-based, and network-based VLANs, and set related modes in the system.
  • Page 31: Management Access

    The Administration Console Web Management suite of applications An external SNMP-based network management application such as 3Com’s Transcend Network Control Services The Administration Console and most of Web Management are embedded parts of the software and are available for immediate use on...
  • Page 32: Administration Console Overview

    Chapter 2: Management Access. Administration Console Overview: The Administration Console is an internal character-oriented, menu-driven, user interface for performing system administration such as displaying statistics or changing option settings. You can view the Administration Console from a terminal, a PC, a Macintosh, or from a UNIX workstation.
  • Page 33 Help files as well as access to links to support information on the 3Com Web site. Installable tools — Install these optional tools on your workstation from the Software and Documentation CD-ROM or from the 3Com Web site: DeviceView accessories — To set up e-mail notification for Status Logging WebManage Framework —...
  • Page 34: Snmp-Based Network Management Overview

    SNMP-Based Network Management Overview: For more complete network management, you can use an external SNMP-based application such as 3Com’s Transcend Network Control Services or another network management application. You access external applications through an Ethernet port using an IP interface.
  • Page 35: Protocols

    Key Concepts. Figure 3 shows how the different management access methods fit into the OSI model. [Figure 3: OSI Protocols for the CoreBuilder 3500]
  • Page 36 Chapter 2: Management Access. Virtual Terminal Protocols: A virtual terminal protocol is a software program, such as Telnet, that allows you to establish a management session from a Macintosh, a PC, or a UNIX workstation. Because Telnet runs over TCP/IP, you must have at least one IP address configured on the system before you can establish access to it with a virtual terminal protocol.
  • Page 37 Key Concepts Simple Network Management Protocol Simple Network Management Protocol (SNMP) is the standard management protocol for multi-vendor IP networks. SNMP supports transaction-based queries that allow the protocol to format messages and to transmit information between reporting devices and data-collection programs. SNMP runs on top of the User Datagram Protocol (UDP), offering a connectionless-mode service.
  • Page 38: Key Guidelines For Implementation

    Chapter 2: Management Access. Key Guidelines for Implementation: This section describes guidelines for the different ways to access your system. Access Methods: There are several ways you can access your management application on the system: locally through a terminal connection, or remotely using a modem or an IP connection.
  • Page 39 This sequence allows the modem to synchronize its baud rate with the system. See the CoreBuilder 3500 Getting Started Guide for terminal port and modem port pin-outs. For additional information about modem port settings, see the Command Reference Guide.
  • Page 40: Administration Console Access

    Chapter 2: Management Access. In-Band Management — If you are managing your network in-band, you need to set up an IP routing interface and at least one VLAN. See Chapter 9 for information about defining a VLAN, and Chapter 11 for information about setting up an IP routing interface. See “In-Band Management”...
  • Page 41: Terminal Port Access

    Administration Console Access When you access the Administration Console, the top-level menu appears. You manage and monitor your system by selecting options from this menu and from others below it. Each menu option is accompanied by a brief description. For additional information about using the Administration Console, see the Command Reference Guide.
  • Page 42: Web Management Access

    DeviceView, and Performance monitoring tools. Additional installable applications include Help. After you have set up your IP address for the CoreBuilder 3500 system, you can access Web Management applications directly in your Web browser by entering the IP address of the system.
  • Page 43: Snmp Access

    SNMP Access: You can use an external SNMP-based application such as 3Com Transcend Network Control Services to access your system through an Ethernet port using an IP interface. SmartAgent intelligent agents are the foundation of the Transcend architecture. SmartAgent software and RMON work together to provide automatic network-wide monitoring, analysis, and reporting.
  • Page 44 Chapter 2: Management Access...
  • Page 45: System Parameters

    System Parameters. This chapter provides guidelines and other information about the system parameters that you can configure. This chapter covers these topics: System Parameters Overview Key Concepts Key Guidelines for Implementation File Transfer Security Software Update nvData Operations Simple Network Time Protocol (SNTP) Standards, Protocols, and Related Reading You can manage system parameters in either of these ways: From the...
  • Page 46: System Parameters Overview

    Chapter 3: System Parameters. System Parameters Overview: On the Administration Console, you use the system menu to set or modify values for system parameters or functions. For many of these parameters, you can also use the configuration forms in the System folder of the Web Management suite of software applications.
  • Page 47: Benefits

    Key Concepts. Benefits: Using the options on the system menu: Provides an easy method for setting and modifying system parameters. Provides added security by limiting IP and Web Management access to your system. Decreases the time and cost of modifying your system configuration. You do not need to make frequent changes from the same source and then reboot your system to apply the changes.
  • Page 48: Key Guidelines For Implementation

    Chapter 3: System Parameters. Key Guidelines for Implementation: This section briefly explains how to set and modify the values for system parameters that you can set. The system sets most of the parameter values during power-on. To set parameters that are not defined by the system or to modify predefined values, use one of the following methods: system menu on the Administration Console’s top-level menu...
  • Page 49: Implementing Tftp

    Security. Implementing TFTP: The Trivial File Transfer Protocol (TFTP) is simpler to use than FTP but has less functionality. TFTP uses UDP as its transport protocol, with a simple stop-and-wait acknowledgment system. Because TFTP has an effective window of only one 512-octet segment, its performance cannot match that of FTP.
  • Page 50: Security Options

    Chapter 3: System Parameters. Security Options: To configure trusted IP clients from the Administration Console, use the following options: Display — Shows the IP address and subnet mask of each trusted IP client. Define — Allows you to supply the IP address and subnet mask of a trusted IP client.
  • Page 51: Important Considerations

    Security. Important Considerations: Consider the following guidelines before you configure trusted IP clients on your system. Procedures: Configure trusted IP clients in this order: 1 Define the trusted IP clients. 2 Display the list of configured trusted IP clients to verify that you have configured them correctly.
  • Page 52: Software Update

    If the executable software image that is stored in flash memory is corrupted (for example, if a power failure occurs during the update), contact 3Com Technical Support. You can continue to run the old software after you perform a system software upgrade.
  • Page 53: Nvdata Operations

    nvData Operations: All of the system’s configurable parameters are saved in nonvolatile memory. When you work with nonvolatile data (nvData), you can: Save and restore your system configuration for backup. Examine a saved nvData file header. Reset system data to its factory default values, if necessary. Saving nvData: When you enter commands to save nvData, the system copies data that is stored in nonvolatile memory to a disk file location that you specify.
  • Page 54: Restoring Nvdata

    Chapter 3: System Parameters. Restoring nvData: Use the nvData restore option on the system nvData menu to restore a previous configuration that you have saved to an external file. Effects and Consequences: Consider the following guidelines before you restore nvData: Do not confuse nvData restore with nvData reset.
  • Page 55: Resetting Nvdata

    nvData Operations. Resetting nvData: To reset the system settings back to their factory default values, use the nvData reset option. Important Considerations: Consider these points before you reset nvData on your system: Resetting nvData erases all user-configured data, including all passwords, except the terminalSpeed and modemSpeed baud settings and the system boot parameters.
  • Page 56: Simple Network Time Protocol (Sntp)

    Chapter 3: System Parameters. Simple Network Time Protocol (SNTP): This section covers: SNTP Overview; Implementing SNTP. SNTP Overview: SNTP is an adaptation of the Network Time Protocol (NTP), which is used to synchronize computer clocks in the global Internet. NTP provides comprehensive mechanisms to access national time and frequency dissemination services, organize the time-synchronization subnetwork, and adjust the local clock in each participating subnetwork peer.
  • Page 57: Implementing Sntp

    Standards, Protocols, and Related Reading. Implementing SNTP: The system software provides an SNTP client, which works with distributed SNTP time servers to synchronize the system clock to international time standards. The SNTP client operates in unicast mode, which means that the client and server end-system addresses are assigned following the usual IP conventions.
  • Page 58 Chapter 3: System Parameters...
  • Page 59: Physical Port Numbering

    Physical Port Numbering. The CoreBuilder® 3500 follows a specific set of rules for assigning physical port numbers. This chapter describes the physical port numbering on the system. It covers the following information: Port Numbering Overview Key Guidelines for Implementation Examples of Port Numbering Effects of Removing a Module Effects of Replacing Modules Port Numbering...
  • Page 60: Supported Module Types

    (GBIC) Ethernet modules, each with 1 port (up to four Gigabit Ethernet ports per system). The 1000BASE GBIC module requires CoreBuilder 3500 system software at release 1.2.0 or higher. Each Gigabit Ethernet module uses a trunk resource, so keep track of your trunk resources (maximum of 4) when you add a Gigabit Ethernet module.
  • Page 61: Key Guidelines For Implementation

    Key Guidelines for Implementation: To ensure that you understand the port numbering that the system reports for certain aspects of your configuration (bridging information, trunks, FDDI ports, and VLANs), observe these guidelines when you configure your system: Determine your physical port configuration before you attempt to configure any bridging parameters.
  • Page 62: Examples Of Port Numbering

    Chapter 4: Physical Port Numbering. The configuration of trunks or DAS pairs does not change the port numbering scheme shown in displays such as Ethernet statistics displays or bridge port displays. If you have created trunks or FDDI DAS pairs, however, be aware that a group of ports is associated with each trunk or DAS pair.
  • Page 63: Example 2: Empty Slot In The System

    Examples of Port Numbering. Example 2: Empty Slot in the System: When you have an empty slot, the port numbering includes no ports for that slot. With three Fast Ethernet modules, for example, you have 18 ports, which are numbered according to their position in the system. For example, if the top-right slot is empty (slot 2), the ports are numbered as shown in Figure 7.
  • Page 64: Example 3: Gigabit Ethernet Module With Other Modules

    Chapter 4: Physical Port Numbering. Example 3: Gigabit Ethernet Module with Other Modules: When you have a system with one Gigabit Ethernet module and three Fast Ethernet modules, port numbering accounts for the single port on the Gigabit Ethernet module, as shown in Figure 8. [Figure 8: Port Numbering for a System with a Gigabit Ethernet Module]
  • Page 65: Example 4: Fddi Module With Other Modules

    Examples of Port Numbering. Example 4: FDDI Module with Other Modules: An FDDI module has six FDDI ports (two rows of three ports). Figure 9 shows an FDDI module in slot 1. The top row’s ports are numbered 1 through 3 and the bottom row’s ports are numbered 4 through 6. Slots 2 and 3 have 10/100 Fast Ethernet modules, and Slot 4 has a Gigabit Ethernet module.
  • Page 66: Effects Of Removing A Module

    Chapter 4: Physical Port Numbering. Effects of Removing a Module: When you remove a module and leave the slot empty, a number of changes occur. Port-Numbering Changes: The ports are sequentially renumbered when you remove a module from slot 1, 2, or 3. Removing a module in slot 4 does not cause renumbering, only a loss of those ports.
  • Page 67: Trunk Changes

    Effects of Removing a Module. Trunk Changes: When you remove a module, trunk changes occur as follows: If you have a trunk that includes ports associated with the removed module, the trunk display shows that the trunk has Missing ports. Example: If you had a trunk on ports 17 through 20 before you removed the module in slot 3, the removal of that module causes the trunk to have...
  • Page 68: Effects Of Replacing Modules

    Chapter 4: Physical Port Numbering. Effects of Replacing Modules: When you remove a module, a number of changes occur, depending on the replacement module. Replacing Modules of the Same Type or Same Number of Ports: If you remove a module that does not have any trunks or DAS ports and replace it with another module that has the same number of ports, the...
  • Page 69 Effects of Replacing Modules. VLAN Changes: If you replace a six-port module with a Gigabit Ethernet module, the ports are renumbered, and any preexisting VLANs now include the Gigabit Ethernet port only if the VLANs previously included the first port of the six-port module. Example: If a VLAN contained ports 1 through 12 before you replaced the 10/100 Ethernet module in slot 1 with a Gigabit Ethernet module, the...
  • Page 70 Chapter 4: Physical Port Numbering. Trunk Changes: If you remove a module of a specific type that has trunks and replace it with a module of another type, the new ports do not become part of the trunk. When you define a trunk, the trunk is associated with a specific media type (100 Mb, Gigabit, or FDDI).
  • Page 71: Ethernet

    Ethernet. This chapter provides guidelines and other key information about how to implement Ethernet ports. The chapter covers these topics: Ethernet Overview Key Concepts Key Guidelines for Implementation Port Enable and Disable (Port State) Port Labels Autonegotiation Port Mode Flow Control PACE Interactive Access Standards, Protocols, and Related Reading You can manage Ethernet port features in either of these ways:...
  • Page 72: Ethernet Overview

    Chapter 5: Ethernet. Ethernet Overview: Ethernet is a standardized, packet-based network that supports an exponential hierarchy of three line speeds: 10 Mbps — Ethernet; 100 Mbps — Fast Ethernet; 1000 Mbps — Gigabit Ethernet. All speeds of Ethernet are based on the IEEE 802.3 standard protocol called Carrier Sense Multiple Access with Collision Detection (CSMA/CD), which controls network access.
  • Page 73: Benefits

    To end stations — Depending on your application needs and network growth, you can migrate workstation connections from shared 10 Mbps to switched 100 Mbps Fast Ethernet. 3Com’s Ethernet network interface cards (NICs) can automatically sense and configure themselves to an upgraded connection speed.
  • Page 74: Key Concepts

    Chapter 5: Ethernet. Key Concepts: These concepts are important to implementing Ethernet: Carrier Sense Multiple Access with Collision Detection (CSMA/CD) — The standardized Ethernet protocol that controls device access to the network. Collision — When two or more stations attempt to transmit simultaneously. Port mode —...
  • Page 75 Ethernet access and cause delays.) Network areas — 3Com uses a three-tiered framework to describe the functional areas in a LAN: Wiring closet — This area provides connections to user workstations.
  • Page 76: Ethernet Frame Processing

    Chapter 5: Ethernet. Ethernet Frame Processing: All frames on an Ethernet network are received promiscuously by an Ethernet port. A port can discard frames for either of the following reasons: There is no buffer space available. The frame is in error. Figure 10 shows the order in which frame discard tests are made.
  • Page 77 Key Concepts Frames also may be delivered directly to an Ethernet port by bridge, router, or management applications. A transmitted frame can be discarded for any of the following reasons: The Ethernet port is disabled. There is no room on the transmit queue. An error occurred during frame transmission.
  • Page 78: Key Guidelines For Implementation

    When you work with trunks, be sure that you understand the port numbering for your system. For port-numbering information on the CoreBuilder 3500, see Chapter 4. For more information about trunking, see Chapter 8.
  • Page 79: Port Enable And Disable (Port State)

    Port Enable and Disable (Port State): You can enable Ethernet ports (place them online) or disable them (place them off-line). Important Considerations: You can use this command to configure the same setting on multiple ports simultaneously. When you specify multiple port numbers, the system prompts you to choose the setting and then applies it to all of the ports.
  • Page 80: Autonegotiation

    Chapter 5: Ethernet. Autonegotiation: This feature enables some ports to identify and negotiate speed and duplex mode with a remote device. Important Considerations: You can use this command to configure the same setting on multiple ports simultaneously. When you specify multiple port numbers, the system prompts you to choose the setting and then applies it to all of the ports.
  • Page 81 Autonegotiation 10/100BASE-TX ports — Enabling autonegotiation causes both the port speed and duplex mode attributes to be autonegotiated. 100BASE-FX ports — No autonegotiation of duplex mode occurs. The port speed is fixed at 100 Mbps. The default duplex mode is half-duplex.
  • Page 82: Port Mode

    Chapter 5: Ethernet. Port Mode: You can change the port speed and duplex mode for the 10/100BASE-TX ports and the duplex mode for 100BASE-FX ports. You cannot change the port speed or duplex mode for Gigabit Ethernet ports. Important Considerations: You can use this command to configure the same setting on multiple ports simultaneously.
  • Page 83: Flow Control

    Flow Control: The flow control mode allows a Fast Ethernet or Gigabit Ethernet port to: Decrease the frequency with which it sends packets to a receiving device, if packets are being sent too rapidly. Send flow control packets to a sending device, to request that the device slow its speed of transmission.
  • Page 84: Pace Interactive Access

    Chapter 5: Ethernet. PACE Interactive Access: PACE Interactive Access prevents excessive network jitter (variation in the timing of packet delivery that can cause garbled sound, jerky images, and delays). PACE technology also improves timing and optimizes LAN bandwidth utilization. Important Considerations: You can use this command to configure the same setting on multiple...
  • Page 85: Media Specifications

    GBIC transceivers and conditioned launch cables that 3Com supports. For information about currently supported GBIC specifications and conditioned launch cables, see the 3Com Web site: http://www.3com.com/gigabit_ethernet/gbics Related Reading For information about Ethernet media options, see the CoreBuilder 3500 Getting Started Guide.
  • Page 87: Fiber Distributed Data Interface (FDDI)

    Chapter 6: Fiber Distributed Data Interface (FDDI). This chapter provides an overview, key concepts, guidelines, and other key information about how to configure Fiber Distributed Data Interface (FDDI) in your system. This chapter covers these topics: FDDI Overview; Key Concepts; Key Guidelines for Implementation; FDDI Stations; FDDI Paths; FDDI MACs...
  • Page 88: FDDI Overview

    FDDI Overview: Fiber Distributed Data Interface (FDDI) is a standards-based solution that provides fast and reliable data transfer on a local area network (LAN). FDDI technology, which supports data transfer of 100 million bits per second (100 Mbps), was developed by the American National Standards Institute (ANSI).
  • Page 89: Key Concepts

    Key Concepts: Before you implement FDDI in your system, review the following FDDI standards, key concepts, and key terms. Related Standards: The industry guideline for FDDI technology is divided into four major standards: Physical Medium Dependent (PMD) — Specifies the characteristics of the fiber-optic medium, the connectors that attach stations to the fiber-optic medium, the transmission wavelength, the power requirements for transmitters, and the methods for optically bypassing...
  • Page 90 Figure 12 illustrates the relationship of FDDI entities to the OSI Reference Model. Network attachments communicate with each other using predetermined protocols. The model divides these communication protocols into seven layers, which are defined so that each layer only requires services from the layer below it.
  • Page 91: FDDI Network Topologies

    FDDI Network Topologies: The term network topology refers to the ways that stations are interconnected within a network. An FDDI network topology may be viewed at two distinct levels: Physical topology — A network’s physical topology is defined by the arrangement and interconnection of its nodes.
  • Page 92 Physical Topology: A Ring of Trees. The FDDI ring consists of dual-attach stations (DASs) and dual-attach connectors (DACs). The DACs on the ring allow you to attach trees. The trees consist of branches of single-attach stations (SASs) and DASs that are star-wired off of the concentrators.
  • Page 93: Nodes And Attachments

    All physical connections in an FDDI topology are duplex links (a pair of insulated fiber-optic conductors). Both the FDDI ring and the ring of trees that are created through concentrators are made up of duplex links. Interconnect the nodes in an FDDI network to form at most one ring. If a topology is legal, when physical connections and nodes fail or are removed from the network, one or more legal FDDI topologies are formed.
  • Page 94 Nodes: An FDDI network is made up of logically connected nodes. This generic term is used to refer to any active station or concentrator in an FDDI network. Station — Any addressable node on an FDDI network that can transmit, repeat, and receive information.
  • Page 95 Node Types: Six station and concentrator types are used to describe station configurations and topologies. Table 10 lists these node types and their abbreviations. Table 10 Node Types and Abbreviations (Node Type, Abbreviation): Single MAC-Dual Attachment Station, SM-DAS; Dual MAC-Dual Attachment Station, DM-DAS; Single Attachment Station...
  • Page 96 Figure 16 Examples of FDDI Node Types (figure not reproduced; legend: A port, B port, Master port, Slave port)...
  • Page 97: Dual Homing

    Dual Homing: When the operation of a dual attachment node is crucial to your network, a configuration called dual homing can provide added reliability. Using dual homing, you can determine a station’s operation by setting the appropriate configuration policy. You can configure the dual-homed station with both links active or with one link active and one connection withheld as a backup.
  • Page 98 SMT Operation: The operation of SMT falls into three broad categories: Physical Connection Management (PCM) — Establishes and maintains point-to-point physical links between neighboring ports. It provides all the signaling necessary to initialize connections, withhold marginal connections, and support maintenance.
  • Page 99: Primary And Secondary Paths

    SMT has six key frame-based protocols: Neighbor Notification — Allows SMT to learn the addresses of the logical neighbors of each MAC in a station. This information is useful in detecting and isolating network faults. Parameter Management — Performs the remote management of station attributes.
  • Page 100: Ports

    MAC Services: Some of the services that the MAC performs include: frame repetition and reception; frame removal; frame validity criteria checking; token capture; token rotation; ring initialization; beacon process. MAC services are provided by all conforming stations that are attached to the FDDI network.
  • Page 101: Key Guidelines For Implementation

    Ports at both ends of a physical connection determine the characteristics of that physical connection. The protocols that are executed at each port determine whether the connection is accepted or rejected. A connection is accepted if at least one station’s policy allows such a connection. A connection is rejected if each station has a policy that disallows the connection.
  • Page 102: FDDI Stations

    By default all connections are valid on the system. An M-to-M connection is accepted so that a system port can be connected to another system port. Although an M-to-M connection is illegal within the FDDI standard, the CoreBuilder 3500 system allows this connection.
  • Page 103 Table 11 Bit to Set for Rejecting a Station Connection. Columns: This Connection Is Rejected (System port - Remote port); If This Bit Is Set; Connection Rules. Connection rules listed: Undesirable peer connection that creates twisted primary and secondary rings; notify station management (SMT). Normal trunk ring peer connection.
  • Page 104: Setting Neighbor Notification Timer

    Setting Neighbor Notification Timer: The T-notify attribute is a timer that the Neighbor Notification protocol uses to indicate the interval of time between the generation of Neighbor Information Frames (NIF). NIF frames allow stations to discover their upstream and downstream neighbors.
  • Page 105: Setting Tmaxlowerbound

    Effects and Consequences: When you set the tvxLowerBound attribute, consider the following: By adjusting the tvxLowerBound value, you specify how quickly the ring recovers from an error. The lower that you set this value, the faster the network reacts to problems, but the ring may reinitialize when there is no problem.
  • Page 106: FDDI MACs

    FDDI MACs: You can display MAC statistics and configure the following parameters: MAC FrameErrorThreshold; NotCopiedThreshold; Logical Link Control (LLC) service. Setting the Frame Error Threshold: The FrameErrorThreshold attribute determines when the system generates a MAC condition report because too many frame errors have occurred.
  • Page 107: Enabling And Disabling LLC Service

    Enabling and Disabling LLC Service: The Logical Link Control (LLC) service allows LLC frames to be sent and received on the MAC. LLC frames are all data frames that are transmitted on the network. If there is something wrong on your network, turn off data (user) traffic for a MAC by disabling LLC service.
  • Page 108: Setting lerCutoff

    Setting lerCutoff: The lerCutoff attribute is the link error rate estimate at which a link connection is disabled. When the lerCutoff value is reached, the PHY that detected a problem is disabled. Effects and Consequences: When you set the lerCutoff attribute, consider the following: The lerCutoff value is expressed as an exponent (such as 1 x 10 A healthy network has an LER exponent between 1 x 10...
  • Page 109: Station Mode (DAS And SAS)

    A and B ports on the system. DASs, excluding concentrators, may be attached to the dual ring, as shown. CAUTION: 3Com strongly recommends that you connect equipment that can be turned on and off, such as workstations, only through concentrators.
  • Page 110 Figure 18 Sample FDDI Configuration (figure not reproduced)...
  • Page 111: Standards, Protocols, And Related Reading

    Standards, Protocols, and Related Reading: This section describes how to obtain more technical information about FDDI. Requests For Comments (RFCs): Documents called Requests for Comments (RFCs) contain information about FDDI. Some of the RFCs that pertain to the discussions in this chapter are: RFC 1130 —...
  • Page 113: Bridge-Wide And Bridge Port Parameters

    Chapter 7: Bridge-Wide and Bridge Port Parameters. This chapter provides an overview of bridging concepts and the Spanning Tree Protocol and describes the bridging options and guidelines for your system. The chapter covers these topics: Bridging Overview; Key Bridging Concepts; How the Spanning Tree Protocol Works; Key Guidelines for Implementation; STP Bridge and Port Parameters; Frame Processing...
  • Page 114: Bridging Overview

    Bridging Overview: A bridge interconnects two or more LANs and allows them to communicate as if they were one LAN. Bridges make forwarding decisions based on the information that the frames contain, and forward the frames toward the destination.
  • Page 115: Features

    Features: Your system supports several features that are closely related to the bridging process and are therefore categorized under bridge on the system interface. The following bridging topics are covered in this chapter: Spanning Tree Protocol (STP) — You can configure bridge-wide and bridge port settings to calculate a network topology that reflects a single, loop-free path between any two devices.
  • Page 116: Key Bridging Concepts

    Key Bridging Concepts: Before you configure bridge-wide or bridge port parameters, review the following key concepts. Learning Addresses: Bridges learn addresses so that they can determine which packets to forward from one bridge port to another. A bridge learns addresses by processing the network traffic that it receives.
  • Page 117: Spanning Tree Protocol

    The bridge compares the destination address to the addresses in the address table and does one of the following: If the destination address is known to the bridge, the bridge identifies the port on which the destination address is located. If the destination bridge port is different from the bridge port on which the packet was received, the bridge forwards the packet to the destination bridge port.
  • Page 118 For more detailed information about Spanning Tree, see “How the Spanning Tree Protocol Works” later in this chapter. Figure 19 STP Blocks Redundant Links (figure not reproduced)...
  • Page 119: How The Spanning Tree Protocol Works

    How the Spanning Tree Protocol Works: Using the Spanning Tree Protocol (STP), bridges transmit messages to each other that allow them to calculate the Spanning Tree topology. These messages are special packets called Configuration Bridge Protocol Data Units (CBPDUs), or configuration messages.
  • Page 120 Figure 20 Hierarchy of the Root Bridge and the Designated Bridge (figure not reproduced). Actions That Result from CBPDU Information: From the information that the CBPDUs provide: Bridges elect a single bridge to be the root bridge.
  • Page 121 Figure 21 shows a bridged network with its STP elements. Figure 21 STP Root and Designated Bridges and Ports (figure not reproduced)...
  • Page 122 Contents of CBPDUs: Bridges use information in CBPDUs to calculate an STP topology. The content of a CBPDU includes: Root ID — The identification number of the root bridge. Cost — The cost of the least-cost path to the root from the transmitting bridge.
  • Page 123: How A Single Bridge Interprets CBPDUs

    Example 2. Root ID is the same for Message 1 and Message 2, but cost is lower in Message 1. The bridge saves Message 1. (Message 1 and Message 2 are each shown with the fields root ID, cost, transmitter.) Example 3.
  • Page 124: How Multiple Bridges Interpret CBPDUs

    3. From the messages that are received, the bridge identifies the root bridge. For example, if the bridge receives a CBPDU with the contents 52.0.52, then it assumes that the bridge with ID 52 is the root (because 52 is smaller than 85).
  • Page 125 Figure 22 Starting the Spanning Tree Calculation (figure not reproduced; each bridge is labeled with its initial CBPDU in the form XX.X.XX: Bridge A 12.0.12, Bridge B 10.0.10, Bridge E 35.0.35, Bridge F 81.0.81; Bridges C and D carry 20.0.20 and 29.0.29; LANs 1 through 6 are shown)...
  • Page 126 Figure 23 Spanning Tree Topology Calculated (figure not reproduced; Bridge B is the root bridge with CBPDU 10.0.10; the other CBPDUs shown are 10.11.12, 10.11.35, 10.11.20, and 10.11.29; legend: (R) = Root port, (D) = Designated port)...
  • Page 127 Determining the Root Bridge: The root ID portion of the CBPDU determines which bridge actually becomes the root bridge. In Figure 22, notice how each bridge assumes itself to be the root and transmits a CBPDU that contains its own bridge ID as both the root ID and the transmitting bridge ID, and zero as the cost.
  • Page 128 For example, Bridge B, the root bridge in Figure 23, is also the designated bridge for LANs 1, 2, and 5. A designated bridge must be determined for LANs 3, 4, and 6: Because Bridges C, D, and F are all attached to LAN 3, one of them must be the designated bridge for that LAN: The algorithm first compares the root ID of these bridges, which is...
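The CBPDU comparison described above (lowest root ID, then lowest cost, then lowest transmitting bridge ID, the standard IEEE 802.1D tie-break), as an added Python example that is not taken from the 3Com manual. Bridges are named by the numeric IDs in Figures 22 and 23; the path cost of 11 is inferred from those figures, and the third LAN 3 message (10.12.81) is a constructed value.

```python
"""CBPDU comparison, root election and designated-bridge selection (added example)."""
from dataclasses import dataclass


@dataclass(frozen=True, order=True)
class CBPDU:
    # Field order is the comparison order: root ID, then cost, then transmitter.
    root_id: int
    cost: int
    transmitter: int

    @classmethod
    def parse(cls, text):
        """Parse the manual's dotted notation, for example '10.11.12'."""
        parts = text.split(".")
        if len(parts) != 3 or not all(p.isdigit() for p in parts):
            raise ValueError(f"not a root.cost.transmitter triple: {text!r}")
        return cls(*(int(p) for p in parts))

    def __str__(self):
        return f"{self.root_id}.{self.cost}.{self.transmitter}"


def best(messages):
    """Return the message a bridge saves: the lowest (root, cost, transmitter)."""
    return min(messages)


def initial_cbpdu(bridge_id):
    """At start-up every bridge claims to be root: own ID, cost 0, own ID."""
    return CBPDU(bridge_id, 0, bridge_id)


def elect_root(bridge_ids):
    """The root is the bridge whose initial claim beats all the others."""
    return best(initial_cbpdu(b) for b in bridge_ids).root_id


def advertise(own_id, heard, path_cost):
    """CBPDU a bridge transmits after comparing what it heard with its own claim."""
    own_claim = initial_cbpdu(own_id)
    winner = best([own_claim, *heard])
    if winner == own_claim:
        return own_claim  # nothing better was heard: keep claiming to be root
    # Accept the better root and add the cost of the port the message arrived on.
    return CBPDU(winner.root_id, winner.cost + path_cost, own_id)


def designated_bridge(lan_messages):
    """Of the CBPDUs offered on one LAN, the best one's transmitter is designated."""
    return best(lan_messages).transmitter


# Bridge IDs taken from the initial CBPDUs in Figure 22.
FIGURE_22_BRIDGE_IDS = [12, 10, 35, 20, 29, 81]
# Assumption: path cost inferred from Figure 23 (10.0.10 becomes 10.11.x).
PATH_COST = 11
# LAN 3 offers: the first two are from Figure 23, the third is constructed.
LAN3_MESSAGES = [CBPDU.parse(m) for m in ("10.11.20", "10.11.29", "10.12.81")]

if __name__ == "__main__":
    print("root bridge:", elect_root(FIGURE_22_BRIDGE_IDS))
    print("bridge 12 advertises:",
          advertise(12, [CBPDU.parse("10.0.10")], PATH_COST))
    print("designated bridge for LAN 3:", designated_bridge(LAN3_MESSAGES))
```
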
  • Page 129: Spanning Tree Port States

    Spanning Tree Port States: Because STP determines the network configuration or adjusts it, depending on events that occur, it places bridge ports in one of the following states at all times: listening, learning, forwarding, blocking, or disabled.
  • Page 130 Figure 24 illustrates the factors that cause a port to change from one state to another. The arrows indicate the direction of movement between states. The numbers correspond to the factors that affect the transition. Figure 24 Factors in Spanning Tree Port State Transitions (figure not reproduced)...
  • Page 131: Reconfiguring The Bridged Network Topology

    Reconfiguring the Bridged Network Topology: STP reconfigures the bridged network topology when any of the following events occur: Bridges are added or removed. The root bridge fails. You change any of the bridging parameters that influence the topology decision.
  • Page 132: Key Guidelines For Implementation

    Key Guidelines for Implementation: Consider the following guidelines when you configure bridge-wide and bridge port parameters on your system: When you disable bridge-wide STP, the bridge cannot participate in the algorithms for loop detection. Table 13 describes the forwarding behavior of a port based on its bridge and port STP states: Table 13 Port Forwarding Behavior Depends on Bridge and Port STP States...
  • Page 133 If you want to specify a multicast limit for a trunk, be sure to apply it to the trunk’s anchor port (lowest-numbered port) only. However, be aware that the multicast limit applies to each link in the trunk (that is, it is not an aggregate).
  • Page 134: STP Bridge And Port Parameters

    STP Bridge and Port Parameters: On a bridge-wide basis, you can enable or disable the Spanning Tree Protocol (STP) and set STP bridge parameters. On a bridge-port basis, you can enable, disable, or remove STP and set STP bridge port parameters. Administering Bridge-wide STP: You can set the following STP bridge-wide parameters...
  • Page 135 Bridge forward delay — The forward delay value specifies the amount of time that a bridge spends in each of the listening and the learning states. This value temporarily prevents a bridge from starting to forward data packets to and from a link until news of a topology change has spread to all parts of a bridged network.
  • Page 136: Administering STP Parameters On Bridge Ports

    Administering STP Parameters on Bridge Ports: You can enable, disable, or remove the Spanning Tree Protocol for one or more ports on the system. This setting affects the operation of a port only if the STP is enabled for the bridge.
  • Page 137: Frame Processing

    Frame Processing: All frames that are received on a physical interface and not explicitly directed to the system or discarded are delivered to the corresponding bridge port. The bridge port either forwards each frame to another bridge port or discards it. The system can discard an incoming frame for the following reasons: The destination station is on the same segment as the source station.
  • Page 138: MAC Address Table

    MAC Address Table: The system includes several options for managing MAC addresses on bridge ports. The system recognizes two different kinds of addresses: Static MAC addresses — Addresses that you manually add to the bridge address table using menu options.
  • Page 139: IP Fragmentation

    A statically configured address is never aged and it cannot be learned dynamically on a different port until it is removed from the port on which it is configured. The number of static MAC addresses that you can configure depends on the availability of system resources.
  • Page 140: Broadcast And Multicast Limit For Bridge Ports

    Broadcast and Multicast Limit for Bridge Ports: You can assign a rate limit to any bridge port in the system to control the per-second forwarding rate of incoming multicast and broadcast packets. If the limit is reached, all remaining multicast and broadcast packets that are received in that second of time are dropped.
  • Page 141: GARP VLAN Registration Protocol (GVRP)

    GARP VLAN Registration Protocol (GVRP): To activate GVRP on the system, you enable the GARP VLAN Registration Protocol (GVRP) first on the bridge and then on individual bridge ports. On a port-by-port basis, GVRP allows the system to automatically learn the presence of and updates to 802.1Q VLANs.
  • Page 142: Standards, Protocols, And Related Reading

    GVRP manages the active topology, not nontopological data such as VLAN protocols. If a local bridge needs to classify and analyze packets by VLAN protocols, you must manually configure protocol-based VLANs and simply rely on GVRP to send VLAN ID updates. But if the local bridge needs to know only how to reach a given VLAN, then GVRP provides all necessary information.
  • Page 143: Trunking

    Chapter 8: Trunking. This chapter provides guidelines, limitations, and other important information about how to implement the trunking function for CoreBuilder® 3500 systems. This chapter covers the following topics: Trunking Overview; Key Concepts; Key Guidelines for Implementation; Defining Trunks; Modifying Trunks; Removing Trunks; Standards, Protocols, and Related Reading. You can manage trunking in either of these ways:...
  • Page 144: Trunking Overview

    The system treats trunked ports in the same way that it treats individual ports. Also, all higher-level network functions — including Spanning Tree algorithms, VLANs, and Simple Network Management Protocol (SNMP) management — do not distinguish a trunk from any other network port.
  • Page 145: Key Concepts

    Trunks also enhance network availability, because the Trunk Control Message Protocol (TCMP) detects and handles physical configuration errors in the point-to-point configuration. The system automatically distributes traffic across the ports that are associated with the trunk. If any of the trunk’s ports go down or up, the system automatically redistributes traffic across the new arrangement of operational ports.
  • Page 146: Trunk Control Message Protocol (TCMP)

    It is important to understand the relationships between Ethernet, bridge, and VLAN port-related information: Ethernet port information — Each physical port is always listed individually, regardless of whether it is part of a trunk. Bridge port information — This information uses the concept of bridge ports.
  • Page 147: Key Guidelines For Implementation

    But if you use trunking extensively between wiring closets and data centers, the large number of connections involved and their distributed nature may make their management and troubleshooting difficult. 3Com recommends that you apply trunking only within data center and campus interconnect areas.
  • Page 148: Trunk Capacity Guidelines

    Switch-to-server connections in the data center and campus interconnect areas; downlinks from the data center to the campus interconnect. The trunking feature in 3Com switches is currently a proprietary implementation. No de facto standards currently exist. Trunk Capacity Guidelines: The device-to-device burst-transmission rate across a trunk is limited to the speed of just one of the port-to-port links within the trunk.
  • Page 149 A trunked Fast Ethernet pipeline may seem to offer comparable bandwidth to a single Gigabit Ethernet link, and trunked Fast Ethernet may seem like a good way to buy some time before you upgrade connections to Gigabit Ethernet. Table 14 shows that given a choice, trunking Fast Ethernet may not be a cost-effective strategy.
  • Page 150: Defining Trunks

    FDDI station mode [dual attach station (DAS) or single attach station (SAS)]. Trunk names can be no longer than 32 characters. 3Com recommends that the TCMP state be enabled. But devices can operate without TCMP. When TCMP is not in effect on a point-to-point link, its configuration validation is simply absent.
  • Page 151 When you create a VLAN that includes ports that are part of a trunk, specify the anchor port (lowest-numbered port) that is associated with the trunk. For example, if ports 1 through 3 are associated with a trunk, specifying port 1 defines the VLAN to include all of the physical ports in the trunk.
  • Page 152: Modifying Trunks

    Modifying Trunks: You can modify a trunk in two ways: You can modify a trunk’s characteristics (for example, the operating mode or the TCMP state). You can add or remove a port from the trunk. Important Considerations: You must keep at least one port that you defined in the original trunk.
  • Page 153: Removing Trunks

    You cannot change some port characteristics within a trunk. For example, in an FDDI trunk, you cannot change a trunked DAS port to a SAS port. Here is an example of how to change the FDDI station mode of a trunk: a. Remove the desired trunk.
  • Page 154: Standards, Protocols, And Related Reading

    IEEE 802.3u — 100BASE-T Fast Ethernet over UTP or fiber IEEE 802.3z — 1000BASE-SX Gigabit Ethernet over multimode fiber and 1000BASE-LX Gigabit Ethernet over multimode or singlemode fiber 3Com trunking technology interoperates with similar technology from other vendors, including Sun Microsystems and Cisco Systems.
  • Page 155: Virtual LANs

    Chapter 9: Virtual LANs. This chapter provides guidelines and other key information about how to use virtual LANs (VLANs) on your system. This chapter covers the following topics: VLAN Overview; Key Concepts; Key Guidelines for Implementation; VLAN allOpen or allClosed Mode; Ignore STP Mode; Port-based VLANs; The Default VLAN; Static Port-based VLANs...
  • Page 156: VLAN Overview

    VLAN Overview: A virtual LAN (VLAN) is a logical grouping that allows end users to communicate as if they were physically connected to a single LAN, independent of the physical configuration of the network. A VLAN is generally considered equivalent to a Layer 2 broadcast domain or a Layer 3 network.
  • Page 157: Benefits

    VLANs provide a high-performance and easy-to-implement alternative to routers for broadcast containment. Using switches with VLANs: Each network segment can contain as few as one user (approaching private port LAN switching), while broadcast domains can be as large as 1,000 users or even more.
  • Page 158: Features

    Features: Your system supports the following VLAN features: Settable modes — For the entire system, you can establish a less-restrictive VLAN environment with allOpen mode or a more secure VLAN environment with allClosed mode. Using allClosed mode also enables you to use another VLAN feature called Ignore STP mode.
  • Page 159: Key Concepts

    You can either configure network-based IP VLANs (IP VLANs with unique Layer 3 IP addresses) or you can define a single VLAN with the protocol type IP and then define multiple IP routing interfaces for that single IP VLAN. See Chapter 11 for more information about defining VLAN-based routing interfaces.
  • Page 160: VLAN IDs

    VLAN ID Number and Description: VID 1: Reserved for the default VLAN assigned by IEEE and 3Com Corporation. VID 4095: Reserved. VID 2–4094: Numbers that you assign when you create VLANs. If you rely on dynamic configuration to create a port-based VLAN based on GVRP updates, the VID is the unique IEEE 802.1Q VID.
  • Page 161: Terminology

    Terminology: The following terms apply to VLANs: Default VLAN — The predefined port-based VLAN interface on your system that always uses VID 1, the protocol type unspecified, and the name Default. The default VLAN also initially includes all of the bridge ports without any tagging, but you can modify the bridge ports and tag status of the default VLAN.
  • Page 162 Protocol suite — The protocol family that is associated with a protocol-based VLAN. Protocol-based VLANs can be associated with one or more protocol suites. The protocol suite is unspecified for the default VLAN and all port-based VLANs. Layer 3 address —...
  • Page 163: Key Guidelines For Implementation

    Key Guidelines for Implementation: This section provides a series of guidelines to consider when you use VLANs. The guidelines are organized as follows: Network-based VLANs vs. multiple interfaces per VLAN; VLANs created by router port IP interfaces; Number of VLANs; General guidelines. You can either configure network-based IP VLANs (IP VLANs with unique...
  • Page 164: VLANs Created By Router Port IP Interfaces

    VLANs Created by Router Port IP Interfaces: By default, your system uses a routing over bridging model, in which any frame is bridged before it is potentially routed. If you want to define IP routing interfaces that use a routing versus bridging model, however, you can bypass your static VLAN configuration and instead go directly to defining an IP interface on a single router port (a router port IP interface).
  • Page 165: Number Of VLANs

    Number of VLANs: Your system supports a maximum of 64 VLANs based on a physical limit of 125 VLAN table entries. To determine the number of VLANs of any type that you can have on the system, use the following equation: Number of VLANs supported = (125 divided by the number of protocol suites) minus 3. Important Considerations...
  • Page 166 VLAN Equation Examples. Example 1: You have 7 protocol suites on the system (IP, AppleTalk, unspecified for the default VLAN, and generic IPX, which counts as 4 protocol suites): (125 / 7) – 3 = 14. In this configuration, the system supports a minimum of 14 VLANs.
  • Page 167: General Guidelines

    General Guidelines: The VLAN mode of allOpen or allClosed applies to all VLANs associated with the system (static, dynamic, or router port). Configure the VLAN mode before you define any static VLANs. (As part of the configuration procedures for a router port IP interface, you must place the system in allClosed mode;...
  • Page 168 To establish routing between static VLANs and configure a VLAN interface to support one or more routing protocols, configure the VLAN for the protocols before you configure a routing interface. For protocols other than IP, the system does not define the routing interface for a protocol if a VLAN for that protocol does not exist.
  • Page 169: VLAN allOpen Or allClosed Mode

    You can select allOpen or allClosed as the VLAN mode for your entire system. The default is allOpen. 3Com’s use of the term “allOpen” is equivalent to the IEEE Standard 802.1Q term “Shared VLAN Learning” (SVL). The term “allClosed” is equivalent to the IEEE 802.1Q term “Independent VLAN Learning” (IVL).
  • Page 170: Modifying The VLAN Mode

    If you are using allClosed mode and STP on the system (with multiple routes to a destination), you can also specify a mode called Ignore STP mode to disable STP blocking for a specified static VLAN. (Although each VLAN has its own address table, there can be only one instance of STP on the system.) See “Ignore STP Mode”...
  • Page 171: Mode Requirements

    Mode Requirements: Table 16 shows the requirements for defining static VLANs in allOpen and allClosed mode. Table 16 Mode Requirements for Static VLANs (columns: Type of Static VLAN; Requirements). Port-based: For nonoverlapped port-based VLANs: Protocol type: unspecified. Separate member ports.
  • Page 172: Ignore STP Mode

    Ignore STP Mode: When you use allClosed VLAN mode on your system, you can enable the system to ignore the Spanning Tree Protocol (STP) mode on a per-VLAN basis, that is, to ignore STP blocked ports for static protocol-based VLANs associated with routing interfaces.
  • Page 173 Example of Ignore STP Mode: Figure 27 shows two paths available if a workstation associated with IP VLAN E wants to communicate with a server associated with IP VLAN D. STP blocks the routed as well as bridged traffic for the one path unless you enable Ignore STP Mode for the routed IP VLANs.
  • Page 174: VLAN Aware Mode

    VLAN Aware Mode: VLAN aware mode accommodates the difference in VLAN resource usage as well as tagged-frame ingress rules between Release 1.2 and Release 3.0 of the system software. For more information on ingress rules, see “Rules of VLAN Operation” later in this chapter. (The Release 1.2 ingress rules in allOpen mode mandated that incoming tagged frames be assigned to one of the configured VLANs if the VID of the frame matched that of the VLAN and if a port in that VLAN were tagged.)
  • Page 175: Port-Based VLANs

    In this situation, the system removes all bridge ports from the VLAN that it could not restore from nonvolatile (NV) data, although it does maintain the previously stored NV data. To restore your VLANs after you see the resource error message, use the option bridge vlan vlanAwareMode...
  • Page 176 The default VLAN is the flood domain in either of these cases: The system receives data for a protocol that is not supported by any VLAN in the system. The system receives data for a protocol that is supported by defined VLANs, but these VLANs do not contain the port receiving the data.
  • Page 177 Trunking and the Default VLAN: Another benefit of maintaining the default VLAN (with any number of ports) involves trunking. 3Com strongly recommends that you define your trunks before you define your VLANs. Trunking actions affect the default VLAN in the following ways:...
  • Page 178: Static Port-Based VLANs

    Trunking with the default VLAN removed: If you remove the default VLAN, the system has nowhere to return ports altered by trunking, as discussed in these examples: If you have VLANs (but no default VLAN) and you then define a trunk for ports in one of the VLANs, those ports are removed from that VLAN and are not assigned to any other VLAN.
  • Page 179 If you define FDDI DAS ports, select the lowest-numbered port in the DAS pair when you define the ports in the VLAN. The higher-numbered port in the DAS pair is not selectable. See Chapter 6. Decide whether you want the ports that you are specifying for the VLAN interface to be shared by any other VLAN interface on the system.
  • Page 180 This situation causes different behavior for allOpen versus allClosed VLANs. For example, for allClosed VLANs, if a frame is received on a port in unspecA with a destination address that is known in the address table of unspecB, the frame is flooded throughout unspecA because it has an unknown address for unspecA.
  • Page 181 Table 17 shows the information that can be used to configure these VLANs without overlapped ports on Device 1 (the device on the left): Table 17 Port-based VLAN Definitions Without Overlapped Ports for Device 1 (columns: unspecA | unspecB): VLAN Index 2 | VLAN Index 3; VID 10 | VID 15...
  • Page 182: Dynamic Port-Based VLANs Using GVRP

    Table 18 shows the information that you use to configure these VLANs with overlapped ports on Device 1: Table 18 Port-based VLAN Definitions with Overlapped Ports for Device 1 (columns: unspecA | unspecB): VLAN Index 2 | VLAN Index 3; VID 20 | VID 30; Bridge ports 1-4...
  • Page 183 GVRP). When GVRP is disabled, the VLAN origin is either static (traditional static VLAN without GVRP) or router (router port). In a GVRP environment, devices must be GVRP-enabled (that is, support GVRP). These devices may be end stations with 3Com’s DynamicAccess ®...
  • Page 184 The VLAN topologies that GVRP learns are treated differently from VLANs that are statically configured. GVRP’s dynamic updates are not saved in NVRAM, while static updates are saved in NVRAM. When GVRP is disabled, the system deletes all VLAN interfaces that were learned through GVRP and leaves unchanged all VLANs that were configured through the Administration Console, SNMP, or the Web Management software.
  • Page 185 Example: GVRP. Figure 30 shows how a GVRP update (with the VID) sent from one end station is propagated throughout the network. [Figure 30: Sample Configuration Using GVRP. Legend: D = Declaration of Attribute; R = Registration of Attribute]...
  • Page 186: Protocol-Based VLANs

    Protocol-based VLANs enable you to use protocol type and bridge ports as the distinguishing characteristics for your VLANs. When you select a protocol such as IP, you do so based on the guidelines in this section. Important Considerations: Before you create this type of VLAN interface, review these guidelines:...
  • Page 187: Selecting A Protocol Suite

    The protocol suite describes which protocol entities can comprise a protocol-based VLAN. For example, the system’s VLANs support the IP protocol suite, which has three protocol entities (IP, ARP, and RARP). Table 19 lists the protocol suites that the system supports, as well as the number of protocols that are associated with each protocol suite.
  • Page 188 The system imposes two important limits regarding the number of VLANs and the number of protocols: Number of VLANs supported on the system — To determine the minimum number of VLANs that the system can support, use the equation described in “Number of VLANs”...
  • Page 189: Establishing Routing Between VLANs

    Table 20 shows the information that can be used to configure these VLANs on Device 1 (the device on the left): Table 20 Sample Protocol-based VLAN Definitions (columns: IP-1 VLAN | IP-2 VLAN | IPX-1 VLAN): VLAN Index 2 | VLAN Index 3 | VLAN Index 4; VID 12 | VID 13...
  • Page 190 Important Considerations: To create an IP interface that can route through a static VLAN, you must: 1 Create a protocol-based IP VLAN for a group of bridge ports. If the VLAN overlaps with another VLAN at all, define it in accordance with the requirements of your VLAN mode.
  • Page 191 Example: Protocol-based VLANs for Routing. Figure 32 shows a VLAN configuration that contains three IP VLANs without overlapped ports. [Figure 32: Sample VLAN Routing Configuration. Labels: VID 7, IP VLAN 1; Device 1; VID 8, IP VLAN 2; (Gigabit Ethernet); Device 2; VID 9, IP VLAN 3] Table 21 shows the information that is used to configure these routing...
  • Page 192: Network-Based IP VLANs

    For IP VLANs only, you can configure network-layer subnet addresses. With this additional Layer 3 information, you can create multiple independent IP VLANs with the same bridge ports. Untagged frames are assigned to a network-based VLAN according to both the protocol (IP) and the Layer 3 information in the IP header.
  • Page 193: Example Of Network-Based VLANs

    You can define only one IP routing interface for a network-based VLAN. When you define an IP routing interface with the interface type vlan, the system does not allow you to select a network-based IP VLAN that already has a routing interface defined for it. For more information about IP routing interfaces, see Chapter 11.
  • Page 194 [Figure 33: Network-based VLANs with Overlapped Ports. Labels: VID 22, IP VLAN2; ports 7,8 = 100Mb trunk; 158.101.112.0; VID 33, IP VLAN3; 158.101.113.0; Device 1; Device 2; VLAN1; VLAN4] Table 22 shows the information that can be used to configure the two overlapped IP VLANs on Device 1: Table 22 Network-based IP VLAN Definitions with Overlapped Ports: IP VLAN2...
  • Page 195: Rules Of VLAN Operation

    VLAN. This VLAN has no ports and has no address table (in allClosed mode). The CoreBuilder 3500 Release 3.0 ingress rules are classified according to the tag status of the frame and the VLAN mode (allOpen for open VLANs or allClosed for closed VLANs).
  • Page 196 The flow chart in Figure 34 shows the VLAN ingress rules for the system at Release 3.0. [Figure 34: Flow Chart for 3.0 Ingress Rules]...
  • Page 197 The ingress rules for tagged frames vary for the various system releases. Table 23 summarizes the differences. Table 23 Ingress Rules for IEEE 802.1Q Tagged Frames Based on VLAN Mode and Software Release Number: Action Without VLAN Mode Release 1.2 Release 2.0 Release 3.0...
  • Page 198: Egress Rules

    These rules determine whether the outgoing frame is forwarded, filtered (dropped), or flooded; they also determine the frame’s tag status. Although the same standard bridging rules apply to both open and closed VLANs, they result in different behavior depending on the allOpen mode (one address table for the system) versus allClosed mode (one address table for each VLAN).
  • Page 199 Tag Status Rules: After the VLAN and the transmit ports are determined for the frame, the Tag Status rules determine whether the frame is transmitted with an IEEE 802.1Q tag. Priority tagged frames for QoS use the same frame format as IEEE 802.1Q tagging but with a VID of 0.
  • Page 200: Examples Of Flooding And Forwarding Decisions

    This section provides several examples of flooding and forwarding decisions. Example 1: Flooding Decisions for Protocol-based VLANs. Table 24 shows how flooding decisions are made according to three VLANs that are set up by protocol (assuming a 12-port configuration). In this example, ports and frames are untagged and the destination address is unknown, multicast, or broadcast.
  • Page 201 Example 2: VLAN Exception Flooding. If an untagged frame arrives on an untagged bridge port that belongs to a VLAN that matches the protocol type of the incoming frame, the frame is assigned to the matching VLAN. The default VLAN (if it exists) provides the match and defines the flooding domain for the data when other VLANs that match the frame’s protocol type are defined in the system but not on the receive port.
  • Page 202: Rules For Network-Based (Layer 3) VLANs

    Whenever an IP VLAN is defined with Layer 3 information, another VLAN, called the All IP Subnets VLAN, is defined over the same ports. Information about this VLAN is not available to the network administrator.
  • Page 203 Example 3: Decisions for One Network-Based VLAN. Table 26 shows the information for one network-based IP VLAN and how forwarding and flooding decisions are made for this VLAN. Table 26 One Network-based VLAN and Forwarding and Flooding Decisions (columns: Index | VLAN Name | Ports...
  • Page 204 Example 4: Forwarding and Flooding for Network-Based VLANs. Table 27 shows the information for network-based IP VLANs and how forwarding and flooding decisions are made according to these VLANs. In the following example, the system is in allOpen mode and the incoming frame is untagged.
  • Page 205 (columns: Untagged frame received on Port 1 | Frame is): Frame (Protocol 0x0800), IP destination address (DA) 158.101.100.1, MAC DA is known on port 6 | Assigned to the IP_100 VLAN, Transmitted on port 6 untagged; IP Frame (Protocol 0x0800), IP DA = 158.101.101.1 | Assigned to the IP_101 VLAN, Transmitted on port 6, tagged with a VID...
  • Page 206: Modifying And Removing VLANs

    You can modify or remove any VLANs on your system. Review the following guidelines before you modify or remove VLANs: When you modify VLAN information for a VLAN interface other than the Default VLAN on your system, you have the option to change VLAN characteristics such as the VID, member bridge ports, protocol type, and form of explicit tagging.
  • Page 207: Monitoring VLAN Statistics

    When you display VLAN statistics, the system-generated statistics are valid only under these conditions: When the VLANs are defined for the same protocol type (or the type unspecified) and do not have any overlapping ports (for example, an IP VLAN1 with ports 1 –...
  • Page 209: Packet Filtering

    This chapter describes what packet filters are, how to create them, and how to use system utilities to apply them to ports of your CoreBuilder® 3500 system. The chapter covers these topics: Packet Filtering Overview; Key Concepts; Important Considerations; Managing Packet Filters; Tools for Writing Filters...
  • Page 210: Packet Filtering Overview

    The packet filtering feature allows a switch to make a permit-or-deny decision for each packet based on the packet contents. Use packet filters to control traffic on your network segments to: Improve LAN performance. Implement LAN security controls.
  • Page 211: When Is A Filter Applied? - Paths

    You must filter on the input packet type. For example, if you write a filter that you intend to assign to the transmit path of an Ethernet port, it will not be sufficient to compose a filter that only filters Ethernet traffic. This is because the filtering function is applied before the conversion to Ethernet format.
  • Page 212: Path Assignment

    After you create a packet filter, you can assign it to any combination of transmit all, transmit multicast, receive all, receive multicast, and receive internal paths of each port. The filter executes a series of operations on the packet’s contents and, if the result is 0, it stops (filters) the packet.
  • Page 213: Key Concepts

    Standard Filters — Packet filters that are supplied with the CoreBuilder 3500 that the hardware executes at wire speed. You can load them from the Administration Console, or select them from the set of predefined filters with the Filter Builder application. (Filter Builder is part of the Web Management suite of applications.
  • Page 214: Custom Packet Filters

    Placing a filter on the receive path confines the packet to the segment that it originated from if it does not meet the forwarding criteria. Placing a filter on the transmit path prohibits a packet from accessing certain segments unless it meets the forwarding criteria.
  • Page 215: Important Considerations

    After you create a packet filter, you must: Assign the filter to the applicable ports; Assign the filter to the applicable transmit and receive paths; Define port groups, if needed. If you assign standard (hardware) filters on the receive multicast and transmit multicast paths, they will be executed in software, which can slow the switch substantially.
  • Page 216 Deleting packet filters — Deleting a packet filter removes the filter from the system. A filter cannot be deleted if it is assigned. You must unassign the filter from any ports before you can delete the filter. Use command.
  • Page 217: Tools For Writing Filters

    The following tools can be used to create packet filters: ASCII Text Editor; Built-in Line Editor; Web Management Filter Builder Tool. ASCII Text Editor: You can create a new custom packet filter using an ASCII-based text editor (such as EMACS, vi, or Notepad).
  • Page 218 Table 29 Commands for the Built-In Packet Filter Editor (columns: Command | Keys | Description): List buffer | Ctrl+l | Displays each of the lines in the editing buffer, and then redisplays the line currently being edited; Next Line | Ctrl+n | Moves cursor to start of next line.
  • Page 219: Web Management Filter Builder Tool

    Filter Builder is part of the Web Management tool suite. You can use Filter Builder to: Download one of the predefined standard hardware or custom software filters to your switch. Create your own custom filters and then download them to your switch.
  • Page 220 Filter Builder includes 10 predefined filters, which are displayed on the Filter screen. Table 30 lists the filters by name, what each does, and whether the filter operates in the software or the hardware. Table 30 Predefined Filter Builder Packet Filters (columns: Filter Name | Type | Filtering Function)...
  • Page 221: Downloading Custom Packet Filters

    The Load Filter panel is displayed. These items are checked: Use TFTP and Include the full file path. Leave them checked. 4 Type the IP address of the CoreBuilder 3500 to which you want to download the filter. 5 Always leave Slot at its default value, which is 1.
  • Page 222: Download An ASCII File

    The filter file must be placed in a directory that either you or the CoreBuilder 3500 has permission to access. TFTP and FTP use different permission mechanisms. TFTP grants all outside systems permission to access files in its defined home directory.
  • Page 223 4 You are prompted in turn to supply: The IP address of the remote system where the file is. The full pathname to the file. At this point, TFTP simply transfers the file. FTP prompts for the: Remote system username.
  • Page 224: The Packet Filtering Language

    You define packet filters using a stack-oriented language, which uses a LIFO (last in, first out) queue when the packet filter is running. The program places values (called operands) on the stack and tests them with various logical expressions (called operators), such as and, or, equal, and not equal.
  • Page 225: Procedure For Writing A Custom Filter

    This section describes the process of writing a packet filter. Detailed examples are provided in “Long Custom Filter Example” later in this chapter. You write the instructions for the packet filter using the following syntax: <opcode>[.<size>] [<operand>...] [# <comment>] The opcode descriptions are in “Packet Filter Opcodes”...
  • Page 226 Table 31 describes the instructions and stacks of a packet filter. Table 31 Packet Filter Instructions and Stacks — Descriptions and Guidelines (columns: Element | Descriptions and Guidelines): Instructions | Each instruction in a packet filter definition must be on a separate line in the packet filter definition file.
  • Page 227 The Ethernet and FDDI packet fields in Figure 35 are used as operands in the packet filter. The two simplest operands are described in Table 32. Table 32 Two Packet Filter Operands (columns: Operand | Description | Opcode): packet field | A field in the packet that can reside at any offset.
  • Page 228: Packet Filter Opcodes

    Opcodes are instructions used in packet filter definitions. The available opcodes are described in Table 33. Table 33 Packet Filtering Opcodes (columns: Opcode | Memory Requirements | Description): name “<name>” | 2 + n bytes, where n is the length of the <name> | Assigns a user-defined <name> to the packet filter. The name may be any sequence of ASCII characters...
  • Page 229 Table 33 Packet Filtering Opcodes (continued) (columns: Opcode | Memory Requirements | Description): pushTop | 1 byte | Pushes the current top of the stack onto the stack (that is, it reads the top of the stack and pushes the value onto the stack, which effectively duplicates the item currently on top of the stack).
  • Page 230 Table 33 Packet Filtering Opcodes (continued) (columns: Opcode | Memory Requirements | Description): pushSPGM | 1 byte | Pushes the source port group mask (SPGM) onto the top of the stack. The SPGM is a bitmap representing the groups to which the source port of a packet belongs.
  • Page 231 Table 33 Packet Filtering Opcodes (continued) (columns: Opcode | Memory Requirements | Description): le (less than or equal | 1 byte | Pops two values from the stack and performs an unsigned comparison. If the first is less than or equal to the second, a byte containing the non-zero value is pushed onto the stack;...
  • Page 232 Table 33 Packet Filtering Opcodes (continued) (columns: Opcode | Memory Requirements | Description): accept | 1 byte | Conditionally accepts the packet that is being examined. Pops a byte from the stack. If its value is non-zero, the packet is accepted and evaluation of the filter ends immediately;...
  • Page 233: Implementing Sequential Tests In A Packet Filter

    Filter language expressions are normally evaluated to completion — a packet is accepted if the value remaining on the top of the stack is nonzero. Frequently, however, a single test is insufficient to filter packets effectively.
  • Page 234 [Figure 37: Accept and Reject Instructions. Panels: Accept (Use for OR-ing tests); Reject (Use for AND-ing tests)] The following example shows the use of both accept and reject in a...
  • Page 235: Common Syntax Errors

    When you press the Escape key to exit from the Administration Console’s built-in editor or when you load a packet filter definition from across the network, the software examines the definition for syntax errors. Table 34 lists syntax errors and their causes.
  • Page 236 Table 34 Common Syntax Errors (continued) (columns: Syntax Error | Description): Invalid characters in number | The number specified as an offset or literal is improperly formatted. Possible causes are 1) lack of white space setting off the number, and 2) invalid characters in the number. Note: The radix of the number is determined by the first 1 or 2 characters of the number: A number with a leading “0x”...
  • Page 237: Custom Packet Filter Examples

    The following examples of packet filters, which were built using the packet filter language, start with basic concepts. Destination Address Filter: This filter operates on the destination address field of a frame. It allows packets to be forwarded that are destined for stations with an Organizationally Unique Identifier (OUI) of 08-00-02.
  • Page 238: Type Filter

    This filter operates on the type field of a frame. It allows packets to be forwarded that are IP frames. To customize this filter to another type value, change the literal value loaded in the pushLiteral.w instruction. name “Forward IP frames”...
  • Page 239: Source Address And Type Filter

    This filter operates on the source address and type fields of a frame. It allows XNS packets to be forwarded that are from stations with an OUI of 08-00-02. To customize this filter to another OUI value, change the literal value loaded in the last pushLiteral.l instruction.
  • Page 240: XNS Routing Filter

    This filter operates on the type and data fields of a frame. It discards all XNS routing packets. name “Drop XNS Routing” pushField.w # Get type field. pushLiteral.w 0x0600 # Load XNS type value. # Check for non-XNS packet...
  • Page 241: Limits To Filter Size

    A packet filter program is stored in a preprocessed format to minimize the space that is required by the packet filter definition. Comments are stripped. When assigned to a port, the packet filter is converted from the stored format to a run-time format to optimize the performance of the filter.
  • Page 242: Using Port Groups In Custom Packet Filters

    You can use a port group (a list of system ports) as filtering criteria in a packet filter. A packet filter uses the group to make filtering decisions by accessing the group’s source port group mask and destination port group mask.
  • Page 243 If MAC address 00-80-3e-12-34-56 is learned on port 3 and port 3 belongs to port group 1, it has a port group bit mask for port group 1 inserted into the port group mask table that is associated with the MAC address in the bridge address table.
  • Page 244 For example, port 1 has a packet filter using the DPGM assigned to the rxAll path of port 1 and a broadcast frame is received on port 1. The bridge determines that the frame will be flooded to the VLAN ports 2-5. The filter is processed 4 times: 1 Once for the RX port 1 - TX port 2 pair 2 Once for the RX port 1 - TX port 3 pair...
  • Page 245: Port Group Management And Control Functions

    Management and control functions to define port groups are provided in the system. Defining Port Groups: You can configure port groups from the bridge packetFilter portGroup menu of the Administration Console, as described in the Command Reference Guide.
  • Page 246 Removing ports from a group — At least one group must exist before you can remove a port. Loading groups — The Administration Console has no explicit menu item for loading port groups that are defined in a file on a remote host.
  • Page 247: Long Custom Filter Example

    The following solution shows a complex packet filter built from three simple packet filters. Each of the shorter, simpler packet filters can be used on its own to accomplish its own task. Combined, these filters create a solution for a larger filtering problem.
  • Page 248 You can use this information to create pseudocode that simplifies the process of writing the actual filter. It helps to first write the pseudocode in outline form, as shown here: 1 Determine if the packet has a broadcast address. 2 Determine if the packet is an XNS datagram.
  • Page 249 Name “IP XNS ticker bcast filter” # Assign this filter in the multicast path # of a port only--this is very important. # XNS FILTERING SECTION pushField.a # Apply pushLiteral.a 0xffffffffffff# filter # only on broadcast traffic accept pushField.w # Get the type field of the packet and...
  • Page 250 The rest of this section concentrates on the parts of the complex filter, showing you how to translate the pseudocode’s requirements into filter language. The large filter is broken down into subsets to show how you can create small filters that perform one or two tasks, and then combine them for more sophisticated filtering.
  • Page 251 4 Enter executable instruction #3: # not 0xffffffffffff 5 Enter executable instruction #4: accept # accept packet and go no further This accepts all non-broadcast packets. 6 Enter executable instruction #5: pushField.w # Get the type field of the packet and # place it on top of the stack.
  • Page 252 4 Enter executable instruction #3: # Compare if the value of the socket is greater than # or equal to the lower bound. 5 Enter executable instruction #4: pushLiteral.w 0x0898 # Put the highest socket value on # top of the stack.
  • Page 253 4 Add an and statement to compare the results of step 2 with the results of step 3: # Compare if IP and in range. This combination looks like this: Name “Only IP pkts w/in socket range” pushField.w # Get the type field of the packet and # place it on top of the stack.
  • Page 254: Optimizing The Filter With Accept And Reject Commands

    Combining All the Filters: Together, the packet filters work to perform the solution to the problem: filtering the broadcast packets from the market data servers. These steps show how to create this filter: 1 Name the filter: name “Discard XNS &...
  • Page 255 Name “Optimized IP XNS ticker bcast filter” # Assign this filter in the multicast path # of a port only--this is very important. # XNS FILTERING SECTION (Assuming more XNS traffic) pushField.a pushLiteral.a 0xffffffffffff# accept pushField.w # Get the type field of the packet and # place it on top of the stack.
  • Page 257: Internet Protocol (IP)

    This chapter provides guidelines and other key information about how to configure your system to route packets using the Internet Protocol (IP). Chapter contents include: Routing Overview; Key Concepts; Routing Models: Port-based and VLAN-based; Key Guidelines for Implementing IP Routing; Address Resolution Protocol (ARP); ARP Proxy; Internet Control Message Protocol (ICMP)...
  • Page 258: Routing Overview

    The term routing refers to the action of sending information, in the form of packets, from one network to another. A router is the device that accomplishes this task. Your system, as a Layer 3 device, can act as a router.
  • Page 259: Routing In A Subnetted Environment

    Use your system to fit Ethernet switching capability into subnetworked (subnetted) environments. When you put your system into such a network, the system streamlines your network architecture by routing traffic between subnets and switching within subnets. See Figure 39. [Figure 39: Typical Routing Architecture]...
  • Page 260: Integrating Bridging And Routing

    Your system integrates bridging and routing. You can assign multiple ports to each subnet. See Figure 40. [Figure 40: Multiple Ethernet Ports Per Subnet. Labels: Subnetwork 1; Subnetwork 2; Subnetwork 3] Bridging switches traffic between ports that are assigned to the same subnet.
  • Page 261: IP Routing Overview

    An IP router, unlike a bridge, operates at the network layer of the Open Systems Interconnection (OSI) Reference Model. The network layer is also referred to as Layer 3. An IP router routes packets by examining the network layer address (IP address).
  • Page 262: Features And Benefits

    IP routing provides the following features and benefits: Economy — Because you can connect several segments to the same subnet with routing, you can increase the level of segmentation in your network without creating new subnets or assigning new network addresses.
  • Page 263: Key Concepts

    IP routers use the following elements to transmit packets: Multiple IP Interfaces per VLAN; Media Access Control (MAC) addresses; Network addresses; IP addresses; Router interfaces; Routing tables; Address Resolution Protocol (ARP); Internet Control Message Protocol (ICMP). Multiple IP Interfaces per VLAN: You can overlap IP interfaces without configuring a separate VLAN for...
  • Page 264: Network-Layer Address

    The network-layer address refers to a logical address that applies to a specific protocol. A network-layer address exists at Layer 3 of the OSI reference model. IP Addresses: IP addresses are 32-bit addresses that consist of a network part (the address of the network where the host is located) and a host part (the address of the host on that network).
  • Page 265 Network Portion: The location of the boundary between the network part and the host part depends on the class that the central agency assigns to your network. The three primary classes of IP addresses are A, B, and C: Class A address —...
  • Page 266 [Figure 44: Subnet Masking. Steps shown: Take the IP address; Apply the subnet mask; Result = subnet/host boundary]...
  • Page 267 [Figure 45: Extending the Network Prefix. Steps shown: Take the IP address; Apply the subnet mask; Result = subnet/host boundary]...
  • Page 268: Variable Length Subnet Masks (Vlsms)

    Variable Length Subnet Masks (VLSMs): With Variable Length Subnet Masks (VLSMs), each subnet under a network can use its own subnet mask. Therefore, with VLSM, you can get more subnet space out of your assigned IP address space. How VLSMs Work: VLSMs get beyond the restriction that a single subnet mask imposes on the network.
  • Page 269 Figure 46 Example of Route Aggregation (diagram labels: Router ABC, 78.0.0.0/8, 78.1.0.0/16, 78.2.0.0/16, 78.3.0.0/16, 78.254.0.0/16, 78.1.1.0/24, 78.254.32.0/19, 78.1.2.0/24, 78.254.64.0/19, 78.1.3.0/24, 78.254.96.0/19, 78.1.254.0/24, 78.254.192.0/19, 78.1.2.32/27, 78.1.2.64/27, 78.1.2.96/27, 78.1.192.0/27). If you plan your subnet addresses carefully, you can improve your utilization of IP addresses and your routing tables will be easier to maintain.
  • Page 270 “rolling up” or aggregating the subnet addresses into a single advertisement. See the RIP-1 versus RIP-2 discussion later in this chapter. Go to http://www.3com.com/technology/tech_net/white_papers for a thorough discussion of IP addressing, VLSMs, and route aggregation. Guidelines for Using VLSMs: Consider the following guidelines when you implement VLSMs: When you design the subnet scheme for your network, do not estimate the number of subnets and hosts that you need.
  • Page 271: Router Interfaces

    Router Interfaces: A router interface connects the router to a subnet. If you use your system for IP routing, more than one port can connect to the same subnet. Each router interface has an IP address and a subnet mask. This router interface address defines both the number of the network to which the router interface is attached and its host number on that network.
  • Page 272: Routing Table

    Routing Table: With a routing table, a router or host determines how to send a packet toward its ultimate destination. The routing table contains an entry for every learned and locally defined network. The size of the routing table on your system is dynamic and can hold at least 25,600 entries;...
  • Page 273 Routing table data is updated statically or dynamically: Statically — You manually enter static routes in the routing table. Static routes are useful in environments where no routing protocol is used or where you want to override some of the routes that are generated with a routing protocol.
  • Page 274: Routing Models: Port-Based And Vlan-Based

    Routing Models: Port-based and VLAN-based. There are two basic routing models for implementing how a bridge and a router interact within the same 3Com switch. They are: Port-based routing (routing versus bridging) — The system first tries to route packets that belong to recognized protocols, and all other packets are bridged.
  • Page 275: Role Of Vlans In Ip Routing

    Role of VLANs in IP Routing: It is important to keep in mind that, except for the out-of-band management port, there is a VLAN index associated with every IP interface, whether the interface is port-based or VLAN-based: Port-based router interface —...
  • Page 276: Port-Based Routing

    Port-based Routing: In the communications industry, Layer 3 devices have traditionally employed port-based routing: routed packets over interfaces that are associated with a single physical port. Figure 49 illustrates traditional routing: 1 The packet enters the switch. 2 The bridge or router determines that the packet belongs to a recognized routing protocol, so the packet is passed to the router.
  • Page 277 Port-based Routing Examples: In Figure 50, four Layer 3 switches act as the campus backbone. Because very little bridging takes place within the backbone, port-based routing actually makes operations more efficient. Figure 50 Port-based Routing (Backbone Operations)...
  • Page 278 In Figure 51, a Layer 2 switch is acting as a port aggregator for the corporate or campus VLAN. Because the traffic going from the Layer 2 switch to the Layer 2/Layer 3 switch is only going to be routed, port-based routing between these two devices is more efficient.
  • Page 279 Important Considerations: Be aware of the following points when you use port-based routing: Your system can be in only allOpen or allClosed VLAN mode. You cannot create mixed VLAN modes on the same device. You can establish up to 32 IP interfaces on a single VLAN. If you set up your IP router as a port-based router, you are not required to use 802.1Q tagging.
  • Page 280: Vlan-Based Routing

    You can only remove a VLAN associated with a router port interface using ip interface remove. If you try to remove the VLAN using bridge vlan remove, an error is returned. This protects the router port VLAN from inadvertent deletion.
  • Page 281 5 The bridging layer then selects a segment (port) based on the destination MAC address and forwards the packet to that segment. Figure 52 3Com VLAN-based Routing Model (diagram labels: router, routing layer, router interfaces, bridge, bridging layer)...
  • Page 282: Key Guidelines For Implementing Ip Routing

    Key Guidelines for Implementing IP Routing: To route network traffic using IP, you must perform these tasks in the following order: 1 Configure trunks (optional). 2 Configure IP VLANs (VLAN-based routing). 3 Establish your IP interface. 4 Enable IP routing.
  • Page 283: Establish Your Ip Interfaces

    Establish Your IP Interfaces: To establish an IP interface, follow these steps: 1 Determine your interface parameters. 2 Define the IP interfaces. Interface Parameters: Each IP routing interface has these standard characteristics: IP address — An address from the range of addresses that the Internet Engineering Task Force (IETF) assigns to your organization.
  • Page 284 You must define a router interface if your system is in allClosed mode and you want to forward traffic between VLANs. In allClosed mode, the system does not forward unicast traffic. The ip interface define (in-band) and management ip interface define (out-of-band) options are documented in the Command...
  • Page 285: Enable Ip Routing

    Enable IP Routing: To enable IP routing, use the ip routing command on the Administration Console or use the IP Configuration form in the Web Management software. By default, IP routing is disabled on the system. You can use the Routing Information Protocol (RIP) or the Open Shortest Path First (OSPF) protocol to take advantage of routing capabilities.
  • Page 286: Address Resolution Protocol (Arp)

    Address Resolution Protocol (ARP): ARP is a low-level protocol that locates the MAC address that corresponds to a given IP address. This protocol allows a host or router to use IP addresses to make routing decisions while it uses MAC addresses to forward packets from one hop to the next.
  • Page 287 Figure 54 Example of an ARP Request Packet (fields: source hardware address 00802322b00ad; source protocol address 158.101.2.1; target hardware address (blank); target protocol address 158.101.3.1). When devices on the network receive this packet, they examine it. If their address is not the target protocol address, they discard the packet.
  • Page 288: Important Considerations

    Important Considerations: Keep the following things in mind about this protocol: Enter a static ARP entry when the ARP resolution does not result in an ARP entry in the cache. For example, some applications do not respond to ARP requests and, consequently, specific network operations may time out for lack of address resolution.
  • Page 289 ARP Proxy However, if the router has ARP proxy enabled, the router answers the request of Server A with its own MAC address — thus, all traffic sent to Server B from Server A is addressed to the corresponding IP interface on the router and forwarded appropriately.
  • Page 290: Internet Control Message Protocol (Icmp)

    Internet Control Message Protocol (ICMP): Because a router knows only about the next network hop, it is not aware of problems that may be closer to the destination. Destinations may be unreachable if: Hardware is temporarily out of service. You specified a nonexistent destination address.
  • Page 291 Internet Control Message Protocol (ICMP) Uses the router with the highest preference level as the default gateway (ICMP Router Discovery) ICMP Router Discovery is useful if you have multiple gateways that connect a particular subnet to outside networks. By using the preference setting, you can select which gateway is the preferred choice.
  • Page 292: Icmp Redirect

    ICMP Redirect: ICMP Redirect adds another layer of intelligence to routing. ICMP Redirect: Informs the sending device of the frame that there is a more efficient route to the destination. Routes the frame via the more efficient route. Use the Administration Console or the Web Management software to enable ICMP Redirect.
  • Page 293: Example

    Disable ICMP Redirect if you have overlapped IP interfaces on ports that are not configured to use 802.1Q VLAN tagging. Doing so provides better routing performance between the overlapped subnets. If you have two interfaces that belong to different VLANs that share a given port and you want to completely disable ICMP redirects for that port, disable the redirects for each interface that shares that port.
  • Page 294: Icmp Router Discovery

    ICMP Router Discovery: ICMP Router Discovery directs a host to use the router with the highest preference level as the default gateway. ICMP does this by enabling hosts that are attached to multicast or broadcast networks to discover the IP addresses of their neighboring routers and determine which router to use for a default gateway.
  • Page 295: Broadcast Address

    See the documentation for your workstation to determine whether you can configure your workstation to use this protocol. See RFC 1256 for detailed information about ICMP Router Discovery. Broadcast Address: You can set a broadcast address for each defined IP interface. Your system uses this broadcast address when forwarding directed broadcast packets, and when advertising RIP packets.
  • Page 296: Routing Information Protocol (Rip)

    Routing Information Protocol (RIP): RIP is the protocol that implements routing. RIP does this by using Distance Vector Algorithms (DVAs) to calculate the route with the fewest number of hops to the destination of a route request. Each device keeps its own set of routes in its routing table.
  • Page 297: Rip Mode

    RIP Mode: The four available settings for RIP mode are as follows: Disabled — The system ignores all incoming RIP packets and does not generate any RIP packets of its own. Learn — The system processes all incoming RIP packets, but it does not transmit RIP updates.
  • Page 298: Poison Reverse

    Poison Reverse: Poison Reverse is a RIP feature that you use specifically with a scheme called Split Horizon. Your system enables Poison Reverse by default. Split Horizon avoids the problems that reverse-route updates can cause. Reverse-route updates are sent to a neighboring router and include the routes that are learned from that router.
  • Page 299: Route Aggregation

    Route Aggregation: Route aggregation mode determines which route table entries are sent during a RIP-2 update: If route aggregation mode is enabled, RIP-2 can function like RIP-1 and “collapse” route table entries for all subnets of a directly connected network.
  • Page 300: Important Considerations

    In this way, the system keeps track of the RIP-1 and RIP-2 address routes in its routing table and forwards the routes as well. 3Com recommends that you not advertise RIP-1 and RIP-2 together. If you do, two different sets of IP addresses may go into the routing table for every one RIP advertisement, which quickly reduces the efficiency of the routing table.
  • Page 301: How Routing Policies Work

    Routing policies can control the entire flow of routing information among the network, the protocols, and the routing table manager. Routing Policies are often referred to as Route Filters because defining policies for accepting and forwarding routes is very much like defining filters to screen which routes may be forwarded or accepted.
  • Page 302 Figure 60 IP Routing Policies (diagram labels: IP network, OSPF, incoming traffic, advertise, routing table manager, discard, import, export, accept, outgoing traffic, routing table). Figure 60 shows the first level of decision-making in routing policies. Routing policies also contain two parameters that help further refine this system: metrics and administrative weight.
  • Page 303: Important Considerations

    Important Considerations: Even though Routing Policies are not true routing protocols and are considered optional, they can increase network efficiency. You can increase speed and security simply by limiting the number of devices from which the router receives data. You can establish a neighbor list of devices, which is a list of trusted systems whose addresses you have confidence in.
  • Page 304 RIP Import Policy Conditions for Specified Interfaces: Table 42 lists the policy conditions for RIP import policies. Table 42 RIP Import Policy Conditions. Columns: Source Router; Route (address/mask); Action; Description. First row: Specified router; Specified route/mask; accept; Accept specified route from specified source router on specified interfaces...
  • Page 305 RIP Export Policy Conditions for Specified Interfaces: Table 43 lists the policy conditions for the RIP export policies. Table 43 RIP Export Policy Conditions. Columns: Protocol; Source Router; Route; Action; Description. First row: RIP, OSPF, static; Specified router or; Specified route/mask; accept; Advertise RIP/OSPF/static specified route from...
  • Page 306: Setting Up Rip Routing Policies

    Setting Up RIP Routing Policies: To configure a routing policy, follow these general steps: 1 Establish an Export policy that controls the advertisement of routes through RIP, regardless of the source from which the route is learned. 2 Establish an Import policy that accepts or refuses to accept information on routes learned by RIP from a trusted neighbor.
  • Page 307: Creating Rip Routing Policies

    Creating RIP Routing Policies: To set a routing policy, you need to know the following parameters: Policy type — The determination whether to accept a route into the routing table (import) or advertise a route from the routing table (export). Source address —...
  • Page 308: Example

    Example: Figure 61 and Table 44 show an example of how to set a RIP import routing policy. Figure 61 RIP Routing Policies Example. Diagram labels: route addresses 130.1.0.0, 131.1.0.0, 132.1.0.0, 133.1.0.0; 10.1.2.2 (source address); Router A; RIP packets from Router 1; routes in packets: 130.1.0.0...
  • Page 309 Table 44 lists the import policies for Router B from Figure 61. Table 44 Router B Routing Policies. Columns: Policy Type; Source Address; Route Address; Route Subnet Mask; IP Interface; Policy Action; Metric; Weight. Rows: Import, source address 10.1.2.2, route address 130.1.0.0, route subnet mask 255.255.0.0, policy action accept. Import, source address 10.1.2.2, route address 131.1.0.0...
  • Page 310: Domain Name System (Dns)

    Domain Name System (DNS): The Domain Name System (DNS) client allows you to specify a hostname rather than an IP address when you perform various operations (for example, when you use ping or traceRoute to contact an IP station). With DNS, you can specify one or more name servers that are associated...
  • Page 311: User Datagram Protocol (Udp) Helper

    RFC 2131 is the official specification for DHCP. Both BOOTP and DHCP use the logical port number 67 for their servers. However, 3Com implements a generic UDP Helper agent in the system that can apply to any port. Implementing UDP Helper...
  • Page 312: Configuring Overlapped Interfaces

    You have to set the following UDP Helper parameters: UDP port number — A logical address, not a port (interface) on your system. BOOTP (including DHCP) uses UDP port 67. IP forwarding address — The IP address to which the packets are forwarded.
  • Page 313: Important Considerations

    16; the default hop count limit . Keep the hop count as low as possible for performance purposes. 3Com recommends that you keep the UDP port number at 67. Port number 67, which is the industry standard, helps ensure that UDP packets do not get dropped due to an unknown destination failure.
  • Page 314: Standards Organizations

    You can obtain copies of RFCs from the Web site of the Internet Engineering Task Force (IETF): http://www.ietf.org Standards Organizations: Standards organizations ensure interoperability, create reports, and recommend solutions for communications technology. The most important standards groups are: International Telecommunications Union (ITU), Electronic Industry Association (EIA)
  • Page 315: Virtual Router Redundancy Protocol (Vrrp)

    Virtual Router Redundancy Protocol (VRRP): The Virtual Router Redundancy Protocol (VRRP) can prevent a loss of network operations for end hosts due to the failure of the static default IP gateway. VRRP accomplishes this by allowing you to designate a number of other routers as Backup routers in the event that the Master router (the default router) should fail for any reason.
  • Page 316: Vrrp Overview

    Chapter 12: Virtual Router Redundancy Protocol (VRRP). VRRP Overview: A critical component of IP networking is the way in which hosts and routing devices find the next-hop address in a connectionless environment. There are several different ways of determining the next-hop address, but they all fall into two basic categories: Router to Router; Host to Host and Host to Gateway...
  • Page 317: Example

    Static Route: A static route is an IP address that is user-configured and fixed. Static routes are useful if the host only needs to access a few networks; in this case, static routes actually require less overhead than dynamic routing protocols.
  • Page 318: Key Concepts

    Figure 62 Simple VRRP Configuration (diagram labels: Router A, Router C, Server, Router B, Router D). In the example shown in Figure 62, Router A is the default gateway for the workstation named PC, which provides access to the Wide Area Network (WAN) and to the device named Server.
  • Page 319: How Vrrp Works

    Virtual router master — The VRRP router that forwards packets sent to the IP addresses associated with the virtual router. Also called the Master router. A virtual router is the Master when: You configure it (using the Administration console, the Web Management console, or SNMP) as the primary IP address for a given interface. Backing up a Master that has been disconnected or disabled...
  • Page 320: Virtual Router Decision-Making

    After the original Master becomes operational again, it begins again to broadcast advertisements to the other virtual routers if preempt mode is enabled. Packet forwarding responsibility then shifts back to the original Master router.
  • Page 321 The parallel design in Figure 63 takes advantage of the capabilities of VRRP. This design can be extended to include more routers and more subnetworks. In a more complex virtual router scheme with many backup routers, this method ensures that all routers have adequate backup in the event of a failure.
  • Page 322: Important Considerations

    Important Considerations: This section provides information to be aware of when you implement VRRP: The Master router forwards the IP addresses that you have associated with the primary virtual router, and: Responds to ARP requests for the IP address or addresses that are associated with the virtual router.
  • Page 323: Implementing Vrrp

    VRRP supports Proxy ARP; the virtual router uses the virtual router MAC address in Proxy ARP replies. VRRP supports Fiber Distributed Data Interface (FDDI) and Ethernet. Consider using VRRP in conjunction with port-based routing to provide router redundancy on your campus backbone. See Chapter 11 for an example of port-based routing on a campus backbone.
  • Page 324: Create Vlans

    Create VLANs: This section identifies the VLAN parameters that you must configure for both Router 1 and Router 2. Use bridge vlan define in the Administration console or use the Bridge VLAN Define form in the Web Management console to configure the VLANs.
  • Page 325: Configure The Router Protocol

    Configure the Router Protocol: Configure a dynamic routing protocol (RIP-2 or OSPF) for both Router 1 and Router 2. In this case, the sample configuration uses RIP-2. Use the ip rip menu in the Administration Console or use the IP RIP Web Management forms to configure RIP on both routers.
  • Page 326: Enable Vrrp

    VRRP parameters for Virtual Router 2 VLAN Router Association Index IP Interface Type VRID Address Interval Priority Preempt 10.1.0.253 Backup 1 10.1.0.254 10.1.4.253 Backup 2 10.1.4.254 10.1.4.253 Primary 10.1.8.253 10.1.4.253 Primary 10.1.12.253 1 150.100.0.8 Backup 5 150.100.0.4 1 Enable VRRP...
  • Page 327: Spanning Tree Protocol (Stp)

    Spanning Tree Protocol (STP): Figure 63, earlier in this chapter, shows how you can set up VRRP parallel routers to provide total redundancy in your inter-LAN operations. However, because VRRP uses MAC addresses in its advertisements, this topology can represent a bridge loop to STP.
  • Page 328: Igmp Queries

    Figure 65 Proper Use of Dynamic Routing Protocols with VRRP (diagram labels: (OSPF) 99.99.1.0, OSPF, RIP-2, Router C, Router A, Router B, 99.99.2.0 (RIP)). IGMP Queries: IP multicast routers use IGMP to query subnetworks in order to detect host members of multicast groups.
  • Page 329: Icmp Redirect

    ICMP Redirect: Using ICMP Redirect in conjunction with VRRP might cause gateway access problems due to potential conflicts between actual MAC addresses and the virtual MAC addresses that VRRP uses. Disable ICMP Redirect if you are using VRRP. Quality of Service: You can enable Quality of Service (QoS) to run on systems running the VRRP protocol.
  • Page 330 Chapter 12: Virtual Router Redundancy Protocol (VRRP)...
  • Page 331 IP Multicast Routing: This chapter provides conceptual information, configuration options, and implementation guidelines for IP multicast routing on your system. This chapter covers the following topics: IP Multicast Overview; How a Network Supports IP Multicast; Key Concepts; How IGMP Supports IP Multicast; How DVMRP Supports IP Multicast; Key Guidelines for Implementation; Configuring IGMP Options...
  • Page 332: Ip Multicast Overview

    Chapter 13: IP Multicast Routing. IP Multicast Overview: The easiest way to begin to understand multicasting is to compare it against two other address types and their communication models. Unicast Model: A unicast address is designed to transmit a packet from a source to a single destination.
  • Page 333: Benefits Of Ip Multicast

    Benefits of IP Multicast: New applications that are designed to increase productivity within and across organizations are driving the need for network infrastructures to support IP multicast. When the application content is time-sensitive or requires significant bandwidth (for example, a video stream), the IP multicast process provides an efficient delivery mechanism.
  • Page 334: How A Network Supports Ip Multicast

    How a Network Supports IP Multicast: To support IP multicast, the sending and receiving nodes, as well as the network infrastructure between them, must be multicast-enabled. Specifically, there must be cohesive support for IP multicast in the following components: TCP/IP protocol stack, operating systems, application software, NICs, and Layer 3 devices.
  • Page 335: Ip Multicast Tunnels

    Supporting Protocols in Your System: To communicate with other routers, your system supports the Distance-Vector Multicast Routing Protocol (DVMRP) version 3.6. DVMRP functions and configuration options are explained later in this chapter. To communicate with group members on directly attached subnetworks, your system supports the Internet Group Management Protocol (IGMP) version 1 and version 2.
  • Page 336: Ip Multicast Filtering

    CPUs. It is also important to have a similar IP multicast filtering capability in Layer 2 devices. Your 3Com options include the CoreBuilder 9400 switch, CoreBuilder 9000 Layer 2 modules, SuperStack II Switch 3900, and SuperStack II Switch 9300.
  • Page 337: Internet Support For Ip Multicast

    Internet Support for IP Multicast: The MBONE is the Internet’s experimental multicast backbone network. It is an interconnected set of Internet routers, subnetworks, and tunnels that support the delivery of IP multicast traffic. The MBONE was first configured in 1992 as a test zone to enable IP multicast applications to be deployed without waiting for multicast routers to replace unicast routers across the entire Internet.
  • Page 338: Key Concepts

    Key Concepts: This section describes several terms and concepts related to IP multicast routing. Traffic Movement: Application sources generate the majority of IP multicast packets, but group members and routers that are communicating (DVMRP and IGMP messages) to establish the delivery path also generate IP multicast packets.
  • Page 339: Multicast Addresses

    Multicast Addresses: A multicast packet differs from a unicast packet by the presence of a multicast group address in the destination address field of the IP header. IP multicast uses a Class D destination address format, which has the high-order four bits set to 1-1-1-0 followed by a 28-bit multicast group identifier.
  • Page 340 Reserved MAC Addresses: IANA also controls a reserved portion of the IEEE-802 MAC-layer multicast address space. All addresses in this block use hexadecimal format and begin with 01-00-5E. A simple procedure maps Class D addresses to this block, so that IP multicasting can take advantage of the hardware-level multicasting supported by network interface cards (NICs).
  • Page 341: How Igmp Supports Ip Multicast

    How IGMP Supports IP Multicast: IGMP provides a way for routers and switches to learn where group members exist on a network, and thus provides a critical function in the IP multicast packet delivery process. Electing the Querier: On each subnetwork or broadcast domain (VLAN), the communication between routers, switches, and group members begins with one...
  • Page 342: Role Of Igmp In Ip Multicast Filtering

    Join Message: Rather than wait for a query, a host can also send an IGMP report on its own initiative to inform the querier that it wants to begin receiving a transmission for a specific group (perhaps by clicking a Go or Start button on the client interface).
  • Page 343: How Dvmrp Supports Ip Multicast

    How DVMRP Supports IP Multicast: DVMRP is a distance-vector routing protocol that allows routers to establish shortest-path, source-rooted, IP multicast delivery trees. While it is similar to the Routing Information Protocol (RIP), one important difference is that DVMRP focuses on the previous hop back to a multicast source, not the next hop to a destination.
  • Page 344: Managing The Spanning Tree

    The term spanning tree applies to any loopless graph that spans intelligent nodes. The DVMRP spanning tree structure provides only one active path to connect any two multicast routers in the network. This approach provides a logical, efficient path to reach group members and prevents multicast storms from decreasing network performance.
  • Page 345 Interface Relationships: The interface on which a router receives source-origin traffic for a given source-group pair is called the incoming or parent interface. Each interface over which the router forwards source-group traffic is called an outgoing or child interface.
  • Page 346: Dvmrp Interface Characteristics

    Inside the prune message is a prune lifetime, or prune timer, which is a period of time for which the prune message is valid. When the prune lifetime expires, the interface is added back into the multicast delivery tree —...
  • Page 347: Key Guidelines For Implementation

    Key Guidelines for Implementation: You need to enable IP multicast routing features only if network users require access to IP multicast application traffic from local or remote sources. Configuration Procedure: To activate IP multicast routing and filtering capabilities in your system, follow this general procedure: 1 Configure VLANs and IP routing interfaces on the system.
  • Page 348: Impact Of Multicast Limits

    VLAN that has multicast group members, even if the path to reach the members is the same physical link. To achieve wirespeed multicast performance, 3Com recommends that you configure only one VLAN per port. Contact your 3Com representative about network design options. Protocol...
  • Page 349: Configuring Igmp Options

    You cannot enable or disable snooping or querying on specific interfaces. 3Com recommends that you keep both modes enabled at all times. They add little processing overhead to the system. Configuring DVMRP Interfaces: DVMRP is the protocol used to develop source-rooted spanning trees between routers in the network.
  • Page 350: Configuring Dvmrp Tunnels

    The other tunnel end point must be a multicast interface on a different system and subnetwork. You can configure up to 8 tunnels per CoreBuilder 3500 system. Before you can define a tunnel end point, you must configure a routing interface and enable DVMRP on the interface.
  • Page 351 2, it can assign index 4 to the next new tunnel, and so on. Removing a tunnel end point on one system destroys that tunnel’s functionality, but 3Com recommends that you remove the tunnel configuration from both systems.
  • Page 352: Configuring Dvmrp Default Routes

    Configuring DVMRP Default Routes: You can configure a default route for IP multicast traffic on any DVMRP routing interface in the system. How Default Routes Work: If an interface is configured as a default route, it advertises source 0.0.0.0 to neighboring DVMRP routers.
  • Page 353: Viewing The Dvmrp Routing Table

    Viewing the DVMRP Routing Table: Your system records DVMRP route information in a table that you can access from the management interface. Your system learns source-based route information from neighboring DVMRP routers and also advertises routes that it learns to its neighbors.
  • Page 354: Using IP Multicast Traceroute

    Using IP Multicast Traceroute You can perform an IP multicast traceroute from the system management interface. The ability to trace the path of an IP multicast group packet from a source to a particular destination is desirable for troubleshooting purposes.
  • Page 355: Standards, Protocols, And Related Reading

    Internet drafts. IGMP was first defined in RFC 1112 and has been modified in various Internet drafts. To learn more about DVMRP and IGMP, IP multicast technology, or related events, consult the following Web resources: http://www.3com.com http://www.ipmulticast.com http://www.ietf.org http://www.stardust.com...
  • Page 356 Chapter 13: IP Multicast Routing...
  • Page 357: Open Shortest Path First (OSPF)

    Open Shortest Path First (OSPF) This chapter provides guidelines and other key information about how to configure Open Shortest Path First (OSPF) on your system. This information includes: OSPF Overview Key Concepts Key Guidelines for Implementing OSPF Autonomous System Boundary Routers Areas Default Route Metric OSPF Interfaces Link State Databases...
  • Page 358: OSPF Overview

    OSPF Overview The OSPF link-state protocol dynamically responds to changes in network topology that occur within a group of networks and routers known as an autonomous system. OSPF tracks the states of links and routers in each autonomous system, and when a change occurs, calculates new routes based on the new topology.
  • Page 359 OSPF Overview OSPF interfaces — An OSPF interface is an IP interface that you configure to send and receive OSPF traffic. When you configure an OSPF interface, you define the behavior and role of the interface within the OSPF routing domain. For example, router priority determines designated router selection, cost determines the expense associated with using the interface, and the Hello interval directly affects how fast topological changes are detected.
  • Page 360: Benefits

    Virtual links — All areas of an OSPF routing domain must connect to the backbone area. In cases where an area does not have direct, physical access to the backbone, you can configure a logical connection to the backbone, called a virtual link.
  • Page 361 OSPF Overview Ability to partition the network into more manageable areas — Many autonomous systems in the Internet are large and complicated to manage. OSPF allows them to be subdivided into smaller, more manageable networks or sets of contiguous networks called areas. You can think of an area as a generalization of an IP subnetworked network.
  • Page 362 Support for virtual links to noncontiguous areas — As discussed earlier, OSPF can partition large autonomous systems into smaller, more manageable subdivisions, called areas. An OSPF backbone is responsible for distributing routing information between the areas of an autonomous system.
  • Page 363: Key Concepts

    Key Concepts Before you configure OSPF on your system, review the following key concepts and terms discussed in these sections: Autonomous Systems Areas Neighbors and Adjacency Router Types Protocol Packets How OSPF Routing Works Autonomous Systems An autonomous system consists of a set of OSPF routers that exchange routing information.
  • Page 364: Router Types

    Router Types OSPF routers serve several different, often overlapping, functions: Internal routers — Internal routers connect only to networks that belong to the same area. An internal router runs one copy of the OSPF algorithm and maintains routing data only for its area.
  • Page 365: Protocol Packets

    Key Concepts Router IDs The OSPF router ID identifies a router to other routers within an autonomous system. OSPF uses three types of router identifiers, which take the form of an IP address: Default — An arbitrary ID that the system generates and uses as the default router ID Interface —...
  • Page 366: How OSPF Routing Works

    How OSPF Routing Works This section summarizes how the OSPF algorithm works for a router that meets these characteristics: Lies within an autonomous system area (an interior router) Is attached to a multiaccess network Is configured to be the designated router for its network Starting Up When the router starts, the interfaces that are configured to run OSPF...
  • Page 367 Key Concepts Electing the Designated Router OSPF selects a designated router, which originates LSAs on behalf of the network segment. These advertisements list all routers (including the designated router) that are attached to the segment. The designated router also floods LSA packets throughout the segment to allow its neighbors to update their databases.
  • Page 368 Routing Packets A packet’s source and destination determine the routers that move it: Intraarea — When a packet’s source and destination are in the same area, the packet is routed using internal router databases. No routers are used outside the area.
  • Page 369: Key Guidelines For Implementing OSPF

    Key Guidelines for Implementing OSPF Consider the following guidelines when you design a scalable and dependable OSPF internetwork: These parameters must be consistent across all routers The following OSPF interface parameters must be consistent across all routers on an attached network: Hello interval Dead interval...
  • Page 370: Autonomous System Boundary Routers

    Autonomous System Boundary Routers Autonomous system boundary routers (ASBRs) are the links between the OSPF autonomous system and the outside network. They exchange their autonomous system topology data with boundary routers in other autonomous systems. ASBRs can import external link advertisements that contain information about external networks from other protocols like RIP and redistribute them as LSAs to the OSPF network.
  • Page 371 Autonomous System Boundary Routers A router never becomes an ASBR if: All of the router’s interfaces reside in a stub area. This last rule overrides all other cases where a router can become an ASBR. You create IP interfaces with the option.
  • Page 372: Areas

    Areas To reduce the amount of routing information that travels through a network, and the corresponding size of the OSPF routers’ topology databases, subdivide OSPF autonomous systems into areas. Each area has the following configurable parameters: Area ID —...
  • Page 373: Types Of Areas

    Types of Areas All routers within the same area maintain and use identical link state advertisement (LSA) databases. The network shown in Figure 70 later in this chapter contains four OSPF areas within autonomous system A. There are three types of OSPF areas: Transit area —...
  • Page 374 Figure 70 Sample OSPF Routing Application (network diagram)...
  • Page 375: Area Border Routers

    Area Border Routers Each area (including the backbone area) includes all border routers that are connected to the area. In Figure 70, for example, you define: Area border routers 1, 2, and 3 as being in backbone area 0 Area border routers 2 and 4 as being in area 1 Area border router 1 as being in area 2 Area border routers 3 and 4 as being in area 3...
  • Page 376: Configuring Route Summarization In ABRs

    Configuring Route Summarization in ABRs The concept of route summarization is key in implementing a stable and scalable OSPF internetwork. Route summarization is the consolidating of advertised addresses by area border routers (ABRs). Instead of advertising routes to individual nodes within an area, you can configure an ABR to advertise a single summary route or “network range”...
  • Page 377 Areas Whenever there is a change in network topology (such as when a link is lost or comes online), routers in all affected areas must converge on the new topology. If your internetwork consists of unstable links, you can partition the AS into smaller areas to minimize the number of areas that are affected when the topology changes as a result of those unstable links.
  • Page 378 Because all routers connected to the backbone (ABRs) must recompute routes whenever the topology changes for any link in the AS, keeping the size of the backbone to a minimum is especially important in an autonomous system that may contain unstable links. At the very least, reducing the number of areas that connect a backbone directly reduces the likelihood of link-state change.
  • Page 379: Default Route Metric

    Default Route Metric An OSPF router always forwards an IP packet to the network that is the best match for the packet’s destination; best match means the longest or most specific match. A router that fails to find a specific match for a packet’s destination forwards the packet to the default router in the area.
  • Page 380: OSPF Interfaces

    OSPF Interfaces You configure OSPF router interfaces by adding OSPF characteristics to existing IP VLAN interfaces. The OSPF interface has the following characteristics and statistics, which are discussed in the next sections: Mode Priority Area ID Cost Delay...
  • Page 381: Area ID

    OSPF Interfaces To configure a router to be chosen as a designated router, you must understand how the designated router is elected: The routing interface that has the highest routing priority within an area is elected as the designated router using the Hello protocol. In case of a tie —...
  • Page 382: Delay

    Specifying Cost Metrics for Preferred Paths In OSPF, the best path is the one that offers the least-cost metric. A cost is associated with each router output interface and each route as follows: Each output interface is assigned a default cost by the system based on the media bandwidth to which it is attached.
  • Page 383: Hello Interval

    OSPF Interfaces The delay value that you specify for an interface also increases the age of all LSAs that are transmitted over the interface by the same value. This setting may also affect how soon the LSA is flushed from an area router’s database.
  • Page 384: Dead Interval

    Dead Interval The dead interval determines how long neighbor routers wait for a Hello packet before they determine that a neighbor is inactive. Each time that a router receives a Hello packet from a neighbor, the router resets the dead interval timer for that neighbor.
  • Page 385: Important Considerations

    Important Considerations Consider the following guidelines when you configure router interfaces: To set the OSPF interface mode to active, enable IP routing. Designated routers Because designated routers and backup designated routers have the most OSPF work to do within an area, select routers that are not already loaded with CPU-intensive activities to be the designated router and backup designated router.
  • Page 386 Dead interval The default value for the dead interval is 40 seconds. Set the dead interval to 4 times the value specified for the hello timer. Set the dead interval to the same value for all routers on the same network segment.
  • Page 387: Link State Databases

    Link State Databases OSPF routers use the information that is contained in the link state advertisements (LSAs) to build and maintain link state databases. Each link state database contains the link state advertisements from throughout the areas to which the router is attached. OSPF uses the following types of LSAs: Router Link State Advertisements Network Link State Advertisements...
  • Page 388: Network Link State Advertisements

    Link ID — Identifies the object to which this router link connects for each Link Type. Possible values: If Link Type is PTP, then this is the neighboring router’s router ID. If Link Type is Transit, then this is the address of the designated router.
  • Page 389: Summary Link State Advertisements

    Summary Link State Advertisements Area border routers can generate two types of summary link state advertisements: Summary link state advertisements that report the cost to a single subnetwork number outside the area. These advertisements are identified as Type 3 in the link state advertisement header. Summary link state advertisements that report the cost to a single autonomous system boundary router (ASBR).
  • Page 390 In addition, OSPF also considers the following routes to be external routes. They are advertised using external link state advertisements: The default route Static routes Routes derived from other routing protocols, such as RIP Directly connected networks that are not running OSPF All external routes are assigned a cost metric.
  • Page 391: Important Considerations

    Link State Databases Network Mask — The IP address mask for the advertised destination. Fwd address (Forwarding Address) — If the AS boundary router is advertising a destination that can be more optimally reached by a different router on the same LAN, then the advertising boundary router specifies that router’s address in the forwarding address field.
  • Page 392: Neighbors

    Neighbors Neighbor routers are those that are physically attached to the same network segment. The OSPF Hello protocol establishes adjacencies among neighboring routers to facilitate the exchange of routing information. An adjacency describes the relationship between two routers that exchange network topology information.
  • Page 393 Neighbors State — The state of the adjacency. You can also think of this as the state of the conversation that is held with the neighboring router. Possible neighbor state values: Down — The initial state of a neighbor conversation. It indicates that no recent information has been received from this neighbor.
  • Page 394 RxQ (Retransmit Queue) — The number of LSAs in the local retransmit queue to the neighbor. These LSAs have been flooded but not acknowledged on this adjacency. The LSAs in the queue are flooded until they are acknowledged by the neighbor or until the adjacency is destroyed.
  • Page 395: Static Neighbors

    Static Neighbors On broadcast networks such as Ethernet, the OSPF Hello protocol uses the broadcast capability to dynamically discover neighbors. On nonbroadcast networks, such as X.25 Public Data Network, however, you may need to assist in neighbor discovery by statically defining neighbors on each interface.
  • Page 396: Router IDs

    Router IDs Each router that is configured for OSPF has an OSPF router ID. The OSPF router ID uniquely identifies the router to other routers within an autonomous system. The router ID determines the designated router in a broadcast network if the priority values of the routers involved in the designated router election are equal.
  • Page 397: OSPF Memory Partition

    OSPF Memory Partition There are three choices for OSPF memory allocation: Have the system intelligently determine the maximum OSPF memory partition size (partition size = ). This is the default. Have OSPF be part of system memory, growing as needed and without limit (partition size = Configure the maximum OSPF memory partition size manually (partition size =...
  • Page 398: Running Out Of Memory - Soft Restarts

    The estimate (maxRoutingTableSize) of the maximum number of routing table entries the system can hold for a given memory size is a hardcoded value. On extended memory systems this value is 51200. On systems without extended memory this value is only 1024.
  • Page 399: Manual Memory Allocation

    Manual Memory Allocation You can manually control the OSPF current partition maximum size. You can enter any value between 4096 and the maximum memory available on your system, as shown in the ip ospf partition modify command prompt.
  • Page 400: Stub Default Metrics

    Stub Default Metrics Generally, a stub area is a network that is connected to an OSPF routing domain by a single area border router (ABR). External link state advertisements are not advertised into stub areas. Instead, the ABR injects a Type 3 summary link state advertisement that contains a single external default route into the stub area.
  • Page 401: Virtual Links

    Virtual Links The backbone area (0.0.0.0) must link to all areas. If any areas are disconnected from the backbone, some areas of the autonomous system (AS) become unreachable. In the rare case that it is impossible to physically connect an area to the backbone, you can use a virtual link. The virtual link provides a logical path to the backbone for the disconnected area.
  • Page 402: Important Considerations

    In Figure 71, area 0.0.0.1 cannot be physically connected to the backbone area. Instead, connectivity to the backbone is achieved using a virtual link, configured between router A and router B. Area 0.0.0.2 is the transit area, and router B is the entry point into backbone area 0.0.0.0.
  • Page 403: OSPF Routing Policies

    OSPF Routing Policies Routing policies are rules that define criteria to control the flow of routes to and from the routing table. Your system supports two types of OSPF routing policies: import policies that dictate which routes are added to the routing table and export policies that dictate which routes are advertised to other routers.
  • Page 404: Important Considerations

    Important Considerations Consider the following guidelines when you work with OSPF routing policies: You can only apply OSPF policies against external routes. External routes refer to routes that are advertised over the network using external link state advertisements (LSAs).
  • Page 405: Implementing Import Policies

    OSPF Routing Policies You can set up an IP RIP or OSPF import or export policy to accept or advertise the default route, as long as the default route exists in the routing table. When you define a policy, you are always prompted for the route subnet mask after the route address, even though you specify the wildcard route address of 0.0.0.0.
  • Page 406 Figure 72 illustrates the import policy process. Figure 72 Import Policy Process (flow diagram: incoming non-self-originated OSPF traffic from the IP network enters the link state database; the import policy either rejects a route or accepts it into the routing table) Information that you define for an import policy includes: The route or routes to which you want the policy to apply, specified by a network address and subnet mask.
  • Page 407 OSPF Routing Policies For routes that are accepted into the routing table as defined by the policy, you can define a new cost metric value for the route, or you can adjust the existing cost metric using one of these operators: + adds the specified number to the existing cost metric - subtracts the specified number from the existing cost metric * multiplies the specified number by the existing cost metric...
  • Page 408: Implementing Export Policies

    Import Example 1: Accept Route The policy defined in Table 48 imports route 243.140.28.0 into the routing table and assigns a cost of 10 to the route. Table 48 Import Policy Example Policy Field Definition Policy type import...
  • Page 409 OSPF Routing Policies When you define an export policy, you can configure the router to accept or reject routes. An accept export policy configures the router to place the specified route in external link state advertisements for propagation over the network. The routes are advertised with the cost and the external metric type defined by the policy.
  • Page 410 When you specify RIP or static as the origin protocol, you can specify the source address of the router that originated the RIP or static route. For example, you can define an export policy to reject (that is, not advertise) all statically defined routes, in which case you specify the local router’s ID as the source address.
  • Page 411 OSPF Routing Policies Export Policies for RIP and Static Routes Table 50 shows the export policies that can be applied to RIP and statically defined routes. Table 50 OSPF Export Policies for RIP and Static Routes External Origin Source Policy Metric Metric Protocol...
  • Page 412 Export Policies for Direct Interfaces Table 51 shows the possible export policies that can be applied to directly connected router interfaces. Table 51 OSPF Export Policies for Directly Connected Interfaces External Origin Policy Metric Metric Protocol Interface...
  • Page 413 OSPF Routing Policies Export Example 2: Prohibit Advertisement of Static Address The policy defined in Table 53 prohibits a router from advertising any static route originating from router 131.141.127.7. Table 53 Export Policy to Reject Static Routes Policy Field Definition Policy type export Origin protocol...
  • Page 414 Export Example 4: Advertisement of Direct Interfaces The policy defined in Table 55 configures a router to advertise direct interface 8 as a Type 2 external metric with a cost increase of 2. Table 55 Export Policy to Accept a Direct Interface Policy Field Definition Policy type...
  • Page 415 OSPF Routing Policies Export Example 6: Advertisement of RIP Routes The policy defined in Table 57 configures an autonomous system boundary router to advertise all routes that are imported from a RIP network as Type 2 external metrics with associated costs of 10. Table 57 Export Policy to Accept RIP Routes Policy Field Definition...
  • Page 416: OSPF Statistics

    OSPF Statistics From the Administration Console and the Web Management interface, you can display general statistics for specific OSPF interfaces. These statistics provide valuable information useful in troubleshooting network and system issues. For example, the number of SPF computations directly corresponds to the number of topological changes that the interface had to converge on.
  • Page 417: Standards, Protocols, And Related Reading

    Standards, Protocols, and Related Reading OSPF as implemented on this system is described in the following Internet Engineering Task Force (IETF) Request for Comment (RFC) documents: RFC 1583, Moy, J., OSPF Version 2, March 1994. RFC 1850, Baker, F., and Coltun, R., OSPF Version 2 Management Information Base, November 1995.
  • Page 418 Chapter 14: Open Shortest Path First (OSPF)...
  • Page 419: IPX Routing

    IPX Routing This chapter provides an overview, key concepts, guidelines, and other key information about using the Internet Packet Exchange (IPX) protocol to route packets to and from your system. IPX Routing Overview Key Concepts Key Guidelines for Implementation IPX Interfaces IPX Routes IPX Servers...
  • Page 420: Features

    Figure 74 shows the relationship of the IPX protocol to the Open System Interconnection (OSI) reference model. Figure 74 IPX Protocol in the OSI Reference Model (layer diagram)...
  • Page 421: Key Concepts

    Key Concepts This section explains how IPX routing works and provides a glossary of IPX routing terms. How IPX Routing Works To route packets using the IPX protocol, take these general steps: 1 Define an IPX routing interface. 2 Decide which IPX routing and server options you want to use.
  • Page 422 IPX Packet Format An IPX packet consists of a 30-byte header followed by packet data. The packet header contains network, node, and socket addresses for both the destination and the source. Figure 75 shows the IPX packet format. Figure 75 IPX Packet Format Checksum (2 bytes)
  • Page 423 Key Concepts Destination node — A 6-byte field that contains the physical address of the destination node. Destination socket — A 2-byte field that contains the socket address of the packet’s destination process. Source network — A 4-byte field that contains the source node network number.
  • Page 424 IPX Packet Delivery Successful packet delivery depends both on proper addressing and on the network configuration. The packet’s Media Access Control (MAC) protocol header and IPX header address handle packet addressing. The sending node must have the destination’s complete network address, including the destination network, node, and socket.
  • Page 425 Key Concepts Sending Node’s Responsibility When sending and destination nodes have the same network number, the sending node addresses and sends packets directly to the destination node. If sending and destination nodes have different network numbers, as in Figure 76, the sending node must find a router on its own network segment that can forward packets to the destination node’s network segment.
  • Page 426: Terminology

    Places its own node address in the source address field of the packet’s MAC header Increments the transport control field in the IPX header and sends the packet to the next router Terminology Review the following IPX routing terms that are used extensively throughout this chapter: Address —...
  • Page 427: Key Guidelines For Implementation

    Key Guidelines for Implementation Consider the guidelines in this section when you configure your system for IPX routing. Procedural Guidelines Complete the following steps to set up IPX routing on your system: 1 Set up your VLAN interfaces. 2 Define the IPX interfaces before you define the routes and servers.
  • Page 428: IPX Interfaces

    IPX Interfaces An IPX interface has the following information associated with it: IPX network address — You must set this 4-byte address. Make each address unique within the network. Cost — A number between 1 and 65534 that the system uses to calculate route ticks.
  • Page 429: Per-Interface Options

    IPX Interfaces Before you define the IPX (routing) interface, you must define a VLAN and select IPX, IPX-II, IPX-802.2, IPX-802.2 LLC, or IPX-802.3-SNAP as the protocol to be supported by the VLAN. See Chapter 9. Unless your network has special requirements, such as the need for redundant paths, assign a cost of 1 to each interface and do not modify this setting.
  • Page 430: IPX Routes

    IPX Routes Your system maintains a table of routes to other IPX networks. You can: Use RIP mode to exchange routing information dynamically. Use the Administration Console to make static entries in the table. Important Considerations Consider the following guidelines when you set up an IPX route: The first line in the output (the status line) indicates whether:...
  • Page 431: Primary And Secondary Routes

    IPX Routes If an interface goes down, routes are temporarily removed from the routing table until the interface comes back up. Static routes take precedence over dynamically learned routes to the same destination. You can have a maximum of 32 static routes. When you use the IPX route remove option to remove a route, that route is immediately removed.
  • Page 432: Routing Tables

    RIP operates with active and passive network devices: Active devices — Usually routers, they broadcast their RIP messages to all devices in a network; they update their own routing tables when they receive a RIP message. Passive devices —...
  • Page 433: Selecting The Best Route

    IPX Routes Figure 77 shows an example of a typical routing information table. Figure 77 Sample Routing Table Routing table Interface Address Hops Tics Node 00-00-00-00-00-00 45469f30 00-00-00-00-00-00 45469f33 08-00-17-04-33-45 The routing information table is updated statically or dynamically. Selecting the Best Route Large networks contain many possible routes to each destination. A router performs the following steps to find the best route toward a...
  • Page 434: IPX Servers

    IPX Servers Your system creates and maintains a server information table that lists all the servers that reside on other IPX networks. You can: Use SAP to exchange server information dynamically. Make static entries in the server table. Important Considerations Consider the following guidelines when you set up an IPX server:...
  • Page 435: Primary And Secondary Servers

    Primary and Secondary Servers You can set up both Primary and Secondary servers in the server table. You can set up Secondary servers to serve as a backup to the Primary server set up on the same IPX server. To set up Secondary servers on your system, see the IPX chapter in the Command Reference Guide.
  • Page 436: Server Tables

    SAP Aging Router SAP agents use a special aging mechanism to deal with a SAP agent that goes down suddenly without sending a DOWN broadcast. A hardware failure, power interruption, or power surge can cause this situation.
  • Page 437: IPX Forwarding

    IPX Forwarding This table contains the following data: Interface — The interface from which server information is received Server name — The name of the server Server type — The type of service the server provides Network address — The address of the network that contains the server Node address —...
  • Page 438: IPX RIP Mode

    IPX RIP Mode You can exchange routing information on a NetWare network using the ipx rip mode option. This option selects the IPX RIP mode that is appropriate for your network and selects the routers that use RIP mode to create and maintain their dynamic routing tables.
  • Page 439: RIP Policies

    RIP Policies Each router maintains a table of current routing information (the routing table). The routing protocols receive or advertise routes from the network. RIP policies control the flow of routing information among the network, the protocols, and the routing table manager. Routing policies allow you to define: The import policies that specify which routes the router places into the routing table.
  • Page 440 RIP Policy Parameters These parameters define SAP policies: Policy type — Import (apply the policy to received services) or Export (apply the policy to advertised services). Route origin — The origin of the route for this policy if it is an export policy: static, RIP, or all.
  • Page 441: IPX SAP Mode

    IPX SAP Mode IPX SAP provides routers and servers that contain SAP mode agents with a means of exchanging network service information. Through SAP, servers advertise their services and addresses. Routers gather this information and share it with other routers. With this process, routers dynamically create and maintain a database (server table) of network service information.
  • Page 442 SAP Import Policies Each time that the router receives an advertised service, it compares the service to the import policies to decide whether to add the service to the service table or drop it. If the router accepts the service, the router adds it to the service table.
  • Page 443: Ipx Statistics

    IPX Statistics Node address — The 6-byte MAC address of the router that can forward packets to the network. Interfaces — One or more IP interface index numbers associated with this policy. Action — Whether this router accepts or rejects a service that matches the policy.
  • Page 444: Standards, Protocols, And Related Reading

    Standards, Protocols, and Related Reading: The following standards and protocols apply when you use IPX to route packets on your system: IEEE 802.2; IEEE 802.2 LLC; IEEE 802.3; IEEE 802.3-RAW; IEEE 802.3-SNAP; Internet Packet eXchange (IPX) — RFC 1234, RFC 1552; Routing Information Protocol (RIP) —...
  • Page 445: AppleTalk

    AppleTalk: This chapter provides guidelines, limitations, and other key information about routing with AppleTalk technology. This information includes: AppleTalk Overview; Key Concepts; Key Implementation Guidelines; AppleTalk Interfaces; AppleTalk Routes; AppleTalk Address Resolution Protocol (AARP) Cache; AppleTalk Zones; Forwarding AppleTalk Traffic; Checksum Error Detection; AppleTalk Echo Protocol (AEP); AppleTalk Statistics...
  • Page 446: Features

    Chapter 16: AppleTalk. AppleTalk transport and application services operate over a best-effort Datagram Delivery Protocol (DDP). The AppleTalk Data Stream Protocol (ADSP) ensures reliable transmission of AppleTalk information. Your system supports AppleTalk version 2, which runs the AppleTalk Routing Table Maintenance Protocol (RTMP). As a distance-vector based routing protocol, RTMP constructs the best paths based on hop-count information that is propagated by neighbors.
  • Page 447: Benefits

    AppleTalk Overview Checksum error detection — AppleTalk uses checksums to detect errors in data transmissions. Your system allows you to enable or disable checksum generation and verification. See “Checksum Error Detection” later in this chapter for more information. AppleTalk Echo Protocol (AEP) — Your system supports AppleTalk Echo Protocol, which you can use to test the connectivity and response of an AppleTalk device.
  • Page 448: Key Concepts

    Key Concepts: Before configuring AppleTalk, review the following key concepts and terms discussed in these sections: AppleTalk Protocols; AppleTalk Network Elements; Terminology. AppleTalk Protocols: AppleTalk protocols ensure the flow of information through AppleTalk networks. Figure 79 shows a simplified view of AppleTalk protocols and their relationship to the OSI Reference Model.
  • Page 449 Key Concepts The AppleTalk six-layer protocol suite does not fully comply with the OSI seven-layer model. However, AppleTalk provides many of the functions and services of OSI. AppleTalk has no specific protocols for the Application layer because the lower levels provide printer and file service. Physical Layer Protocols The Physical layer of the OSI protocol stack defines the connection with network hardware.
  • Page 450 Transport Layer Protocols: The Transport layer and the Session layer provide end-to-end services in the AppleTalk network. These services ensure that routers transmit data accurately between one another. Each layer includes four protocols that work together to support these services. This section describes these protocols and provides more detail for the protocols that you can view using the Administration Console.
  • Page 451 Key Concepts A router uses these items to determine the best path along which to forward a data packet to its destination. The routing table contains an entry for each network that a router’s datagram can reach within 15 hops. The table is aged at set intervals as follows: 1 After a specified period of time, the RTMP changes the status of an entry from good to suspect.
  • Page 452 Table 58 Routing Table for Router 24 in Figure 80 Network Range Distance (hops) Interface State Good 12-12 Good 18-20 Good 103-103 Good 64-64 Good You view the AppleTalk routing tables in your network through the Administration Console.
  • Page 453 AppleTalk Data Stream Protocol (ADSP): The ADSP works with the ATP to ensure reliable data transmission. Unlike ATP, however, ADSP provides full-duplex byte-stream delivery. Therefore, two nodes can communicate simultaneously. ADSP also includes flow control, so that a fast sender does not overwhelm a slow receiver.
  • Page 454: Appletalk Network Elements

    You assign these numbers from a range of valid network numbers. Two AppleTalk network numbering systems are currently in use: nonextended (Phase 1) and extended (Phase 2). 3Com routers support extended network numbers. While the CoreBuilder® 3500 system does not translate Phase 1 packets to Phase 2 packets, it does route packets to a Phase 1 network.
  • Page 455: Terminology

    Key Concepts Named Entities When a device on the network provides a service for other users, you can give the device a name. The name appears on the Chooser menu of the Macintosh with an associated icon. For example, the Chooser of the Macintosh can include a printer icon.
  • Page 456 Phase 1 network — Also known as a nonextended network, AppleTalk networks that contain a single network number (such as network 2). Phase 1 networks do not allow two nodes on a single network segment to belong to different zones. Phase 2 network —...
  • Page 457: Key Implementation Guidelines

    Key Implementation Guidelines: Consider the following guidelines when designing a dependable and scalable AppleTalk network: All AppleTalk routers on the same network segment must have the same configuration. This means all seed routers must be configured with matching: Network ranges.
  • Page 458: Appletalk Interfaces

    AppleTalk Interfaces: On the CoreBuilder 3500, an AppleTalk interface defines the relationship between a virtual LAN (VLAN) and an AppleTalk network. An AppleTalk interface has these elements associated with it: Seed Interface — You can configure the interface to be a seed or nonseed interface: A seed interface initializes (“seeds”) the network with your...
  • Page 459: Important Considerations

    Important Considerations: Before configuring AppleTalk interfaces, review the following guidelines and considerations: Your system can support up to 32 AppleTalk interfaces. Each seed interface supports up to 16 zones. Your system supports a maximum of 1 AppleTalk interface per VLAN; overlapping AppleTalk interfaces on a bridge VLAN is not allowed.
  • Page 460: Appletalk Routes

    AppleTalk Routes: Your system maintains a table of local and remote routes to all reachable AppleTalk networks. The Routing Table Maintenance Protocol (RTMP) automatically generates the routing table. RTMP defines rules for: Information contained within each routing table — Routers use the information within this table to determine how to forward data on the basis of its destination network number.
  • Page 461 AppleTalk Routes: When a router receives an RTMP packet that contains a routing entry currently not in its table, the router adds the entry to its routing table, and increments the route’s distance (hop count) by 1. When a network is removed from the RTMP table (whether manually, or through the aging process), the router also scans the Zone Information Table (ZIT), and removes ZIT entries that contain the deleted network number.
  • Page 462: Appletalk Address Resolution Protocol (Aarp) Cache

    AppleTalk Address Resolution Protocol (AARP) Cache: The AppleTalk Address Resolution Protocol (AARP) maps the hardware address of an AppleTalk node to an AppleTalk protocol address. AARP maps for both extended and nonextended networks. Your system uses AppleTalk Address Resolution Protocol (AARP) to map hardware addresses to AppleTalk protocol addresses.
  • Page 463 AppleTalk Address Resolution Protocol (AARP) Cache AARP also registers a node’s dynamically assigned address on the network, as follows: AARP randomly assigns an address. To determine whether another node is already using the address, the system broadcasts AARP probe packets containing the address. If the system receives no reply, the address becomes the node’s address.
  • Page 464: Appletalk Zones

    AppleTalk Zones: An AppleTalk zone is a logical collection of nodes on an AppleTalk intranet. A zone can include all nodes in a single network or a collection of nodes in different networks. You assign a unique name to each zone to identify it in the intranet.
  • Page 465: Important Considerations

    AppleTalk Zones AppleTalk routers use the Zone Information Protocol (ZIP) to map network numbers to Zones. Each AppleTalk router maintains a Zone Information Table (ZIT), which lists the zone-to-network mapping information. Creating zones within a network reduces the amount of searching that a router must do to find a resource on the network.
  • Page 466: Changing Zone Names

    Changing Zone Names: When you change the zone information for a network, all routers on the segment must update their zone information tables with the new information. Although no AppleTalk mechanism forces routers to update zone lists, you can successfully change the zones associated with a network segment by: Aging out the network range —...
  • Page 467 AppleTalk Zones: To change the associated zones for a network segment without changing the segment’s network range: 1 For any seed interfaces on the segment, use the appletalk interface modify command to enter the new zone list for the existing network range.
  • Page 468: Forwarding Appletalk Traffic

    Forwarding AppleTalk Traffic: You can choose to enable or disable AppleTalk forwarding on your system. Enabling Forwarding: When you enable AppleTalk forwarding, you enable the forwarding of Datagram Delivery Protocol (DDP) packets. Because AppleTalk uses this network layer protocol, this also enables the routing of AppleTalk packets.
  • Page 469: Checksum Error Detection

    Checksum Error Detection: You can enable or disable checksum generation and verification. The AppleTalk protocol uses checksums to detect errors in data transmissions. A checksum totals all data bytes and adds the sum to the checksum field of the data packet.
  • Page 470: Appletalk Statistics

    AppleTalk Statistics: You can view statistics for the following AppleTalk protocols: Datagram Delivery Protocol; Routing Table Maintenance Protocol; Zone Information Protocol; Name Binding Protocol. Datagram Delivery Protocol: AppleTalk extends the normal node-to-node delivery of packets to a process-to-process delivery.
  • Page 471: Routing Table Maintenance Protocol

    AppleTalk Statistics inShortDdps — Number of input DDP datagrams that were dropped because the system was not their final destination and their type was short DDP inTooFars — Number of input datagrams that were dropped because the system was not their final destination and their hop count would exceed 15 inTooLongs —...
  • Page 472: Zone Information Protocol

    routeEqChgs — Number of times that RTMP changed the Next Internet Router in a routing entry because the hop count advertised in a routing table was equal to the current hop count for a particular network routeLessChgs —...
  • Page 473: Name Binding Protocol

    AppleTalk Statistics outAddrInvs — Number of times that this system had to broadcast a ZIP GetNetInfo reply because the GetNetInfo request had an invalid address outExReplies — Number of ZIP extended replies sent outGniReplies — Number of ZIP GetNetInfo reply packets sent out of this port outGniRequests —...
  • Page 474: Standards, Protocols, And Related Reading

    Standards, Protocols, and Related Reading: For more information about AppleTalk technology, see the following publications: Gursharan S. Sidhu, Richard F. Andrews, and Alan B. Oppenheimer, Inside AppleTalk, Second Edition (Addison-Wesley Publishing Company, 1990). RFC 1742, AppleTalk Management Information Base II...
  • Page 475: QoS and RSVP

    QoS and RSVP: This chapter provides guidelines and other key information about how to use Quality of Service (QoS) and the Resource Reservation Protocol (RSVP) on your system. QoS Overview; Key Concepts; Key Guidelines for Implementation; QoS Classifiers; QoS Controls; Examples of Classifiers and Controls; Modifying and Removing Classifiers and Controls; QoS Excess Tagging; Transmit Queues and QoS Bandwidth...
  • Page 476: Qos Overview

    Chapter 17: QoS and RSVP. QoS Overview: Quality of Service (QoS) is an advanced feature that allows you to establish control over network traffic. QoS provides policy-based services, which establish various grades of network service to accommodate different types of traffic, such as multimedia, video, protocol-specific, time-critical, and file-backup traffic.
  • Page 477: Methods Of Using Qos

    QoS Overview: Improve performance for specific types of traffic and preserve performance as the volume of traffic grows. Reduce the need to constantly add bandwidth to the network. Manage network congestion. Methods of Using QoS: Your system’s implementation of QoS focuses on traffic classification, policy-based management, and bandwidth.
  • Page 478: Key Concepts

    Key Concepts: Before configuring QoS, review the following standards and terms. Related Standards and Protocols: The system supports IEEE 802.1Q, IEEE 802.1p, and the RSVP protocol. IEEE 802.1p: This standard, which is part of the IEEE 802.1D MAC Bridges base standard, focuses on traffic class prioritization as well as dynamic multicast filtering services in bridged LANs.
  • Page 479: Terminology

    Key Concepts The Resource Reservation Protocol (RSVP) This connection-oriented IP protocol handles bandwidth reservation. The request for comments document RFC 2205 describes the details of RSVP. RSVP aims to meet the demands of real-time voice and video applications by using a QoS flow specification that mandates parameters such as the maximum frame transmission rate, long-term average frame transmission rate, maximum frame jitter, and maximum end-to-end delay.
  • Page 480 Controls — Define the following parameters to assign rate limits and priorities to the packets that are associated with one or more classifiers: Rate limit — Limits the amount of input bandwidth used by incoming classified traffic (optionally, on a per-port basis). When you define a control, you can specify one of three rate limits: none (no rate limit), receivePort (a separate limit on each specified receive port), aggregate (limits on groups of receive ports)
  • Page 481 Key Concepts Timer option — The QoS Timer option lets you configure a QoS session to take effect during a predefined time period by setting the start and end times for the specific control. IEEE 802.1Q priority tag — When you define a control for a classifier, you can select an IEEE 802.1p priority tag value to insert into forwarded frames.
  • Page 482: Key Guidelines For Implementation

    Key Guidelines for Implementation: Consider the following guidelines when you configure QoS on your system. Procedural Guidelines: Configure classifiers and controls in the following order: 1 Define a classifier, or choose a predefined classifier. Identify a particular type of traffic that you want to regulate and define a classifier for this traffic via the Administration Console or the Web Management Traffic Policy Wizard.
  • Page 483: Qos Classifiers

    QoS Classifiers: You define classifiers to distinguish certain types of traffic from other types of traffic. A classifier tells the system how to identify a certain type of traffic; after defining a classifier, you must apply a control to the classifier.
  • Page 484: Assigning Flow And Nonflow Classifier Numbers

    Figure 82 Predefined Classifiers and Associated Controls Classifier Name Control Cast Protocol 802.1p none Flow Telnet Traffic none Background Standard Business Critical Streaming Multimedia Interactive Multimedia Interactive Voice Network Control Nonflow TCP/IP none TCP/IP IP Unicast none IP Multicast none...
  • Page 485: Defining Flow Classifiers

    QoS Classifiers The classifier number indicates precedence. The classifier with the lowest number takes precedence if a packet meets the criteria for more than one classifier. For example, you might use two classifiers as follows: You define a flow classifier with classifier number 6 that recognizes all TCP or UDP traffic from IP address 3.3.3.3.
  • Page 486 Flow Classifier Information You supply the following information when defining a flow classifier: A classifier number in the range 1 to 399 (20 and 23 are predefined) A classifier name (a unique name of up to 32 characters long) A cast type (unicast, multicast, or both).
  • Page 487 QoS Classifiers For the source or destination IP address mask, you specify how many parts of the IP address you want to match. Place a 255 in each portion of the mask that you want the software to recognize; place a 0 in any portion of the mask that you want the software to ignore.
  • Page 488: Defining Nonflow Classifiers

    Defining Nonflow Classifiers: Nonflow classifiers enable you to classify bridged or routed frames according to protocol, cast type, and/or IEEE 802.1p priority tag values. You can define up to 16 nonflow classifiers per system. The system predefines 16 nonflow classifiers for you.
  • Page 489: Qos Controls

    QoS Controls: After you define a classifier, you assign it a control to apply one or more of the following: A rate limit (to limit the amount of input bandwidth the classifier uses) A service level for conforming packets (a transmit priority that maps to a particular transmit queue) Whether packets conforming to the rate limit are loss eligible (that is, discarded instead of queued when transmit queues back up beyond a...
  • Page 490: Assigning Control Numbers

    Assigning Control Numbers: Each control must have a unique control number. When you define a control, the system provides the next-available control number, but you can specify any unreserved control number. The system supports control numbers in the range 1 to 50 and predefines controls 1 through 4 for some of the predefined nonflow classifiers.
  • Page 491 QoS Controls For the rate limit type receivePort or aggregate, the following: Service level for nonconforming excess (packets exceeding the rate limit) Whether nonconforming excess are loss eligible. The default is yes. How the rate limit is expressed (percentage of port bandwidth or KBytes/sec) Rate-limit value (0 to 65434 Kbytes or 0 to 100 percent).
  • Page 492: Specifying Rate Limits

    Specifying Rate Limits: A rate limit restricts the amount of input bandwidth used by incoming classified traffic (optionally, on a per-port basis). When you define a control, you can specify one of three rate limits: None — No rate limit ReceivePort —...
  • Page 493: Specifying Service Levels

    QoS Controls After specifying how the rate limit is expressed, you can specify a burst size. The burst size is the maximum amount of data that you can transmit at the line rate before the transmission is policed. This value accommodates variations in speeds and allows you to occasionally exceed the configured rate.
  • Page 494: Specifying Tcp Drop Control

    Specifying TCP Drop Control: The TCP drop control option lets you create a control for packets used to establish TCP connections. This control affects QoS Flow Classifiers that have TCP traffic going from “source” IP addresses to “destination” IP addresses.
  • Page 495: Setting The Qos Timer Control

    QoS Controls This next example illustrates how TCP one-way-filtering can be effective. Figure 85 shows the same situation, but with TCP drop control enabled to filter only those packets with the SYN=1 and ACK=0 signature. Figure 85 QoS Control Action (Drop Control Enabled) QoS Classifier: Source IP: 0.0.0.0...
  • Page 496 Days of the week use the following syntax: (Monday=1, Tuesday=2, Wednesday=3, Thursday=4, Friday=5, Saturday=6, Sunday=7). For example, to enter Monday as the day of the week, you would type: 1 You can check the timer control options using the “qos control detail” command.
  • Page 497: Examples Of Classifiers And Controls

    Examples of Classifiers and Controls: The following six examples show different ways to implement flow and nonflow classifiers and their associated controls. Example 1: Traffic to and from a Specific... In the first example, a flow classifier is defined with two address and port patterns (filters) to classify traffic from subnets of the 168.101.0.0...
  • Page 498 Classifier Field Classifier Definition UDP source port range (end) 65535 UDP destination port range (start) 2020 UDP destination port range (end) 2020 Add another filter (address/port pattern)? Source IP address 168.101.0.0 Source IP address mask 255.255.0.0 Destination IP address 168.101.162.151 Destination IP address mask...
  • Page 499: Example 2: Filtering Traffic To A Destination

    Examples of Classifiers and Controls: The control definition for the to/from classifier: Control Field Definition Control Number Control Name DBServer1 Rate Limit Type none Service Level high Loss Eligible Status 802.1p tag for forwarded frames none Classifiers controlled. Example 2: Filtering Traffic to a Destination: In the following example, a classifier is defined to block access to the Accounting network 192.1.0.0 (which includes subnets 192.1.1.0 and...
  • Page 500 Classifier definition for filtering traffic to a specific destination: Classifier Field Classifier Definition Classifier Number Classifier Name IPFilter1 Cast Type IP protocol type Source IP address 168.20.30.0 Source IP address mask 255.255.255.0 Destination IP address 192.1.0.0 Destination IP address mask 255.255.0.0 UDP source port range (start)
  • Page 501: Example 3: Using Two Classifiers To Filter Traffic

    Example 3: Using Two Classifiers to Filter Traffic: In the following example, two flow classifiers (1 and 3) are defined with controls to filter IP traffic. Classifier 1 permits IP traffic between two hosts (192.20.3.3 and 193.20.3.3), while classifier 3 drops IP traffic (TCP and UDP, not ICMP) to and from one of the hosts (192.20.3.3).
  • Page 502 First classifier definition for filtering traffic to/from a specific destination: Classifier Field Classifier Definition Classifier Number Classifier Name 192.20.3.3_to_193.20.3.3 Cast Type IP protocol type Source IP address 192.20.3.3 Source IP address mask 255.255.255.255 Destination IP address 193.20.3.3 Destination IP address mask 255.255.255.255...
  • Page 503 Examples of Classifiers and Controls Second classifier definition for filtering traffic to/from a specific destination: Classifier Field Classifier Definition Classifier Number Classifier Name 192.20.3.3_to_all Cast Type IP protocol type Source IP address 192.20.3.3 Source IP address mask 255.255.255.255 Destination IP address 0.0.0.0 (all) Destination IP address mask 0.0.0.0...
  • Page 504: Example 4: Assigning High Priority To Specific Traffic

    Example 4: Assigning High Priority to Specific Traffic: In the following example, a classifier is defined to give high priority to Web server (http) traffic. In this configuration, all Web servers have addresses that end in .
  • Page 505 Examples of Classifiers and Controls Classifier Field Classifier Definition Add another filter (address/port pattern)? y Source IP address 0.0.0.0 Source IP address mask 0.0.0.0 Destination IP address 0.0.0.222 Destination IP address mask 0.0.0.255 UDP source port range (start) UDP source port range (end) UDP destination port range (start) UDP destination port range (end) 65535...
  • Page 506: Example 5: Nonflow Multimedia Tagged Traffic

    The control definition for this classifier is as follows: Control Field Definition Control Number Control Name httpServer1 Rate Limit Type none Service Level high 802.1p tag for forwarded frames none Classifiers controlled. Example 5: Nonflow Multimedia Tagged Traffic: In this example, a nonflow classifier is defined to classify bridged multimedia traffic with an IEEE 802.1p priority tag of 5 and control this...
  • Page 507 Examples of Classifiers and Controls Nonflow classifier definition for Multimedia Traffic with priority tagging: Classifier Field Classifier Definition Classifier Number Classifier Name Interactive Multimedia Cast Type all (unicast, multicast broadcast, UMB) Protocol type IEEE 802.1Q tag(s) The control definition for this classifier is as follows: Control Field Definition Control Number...
  • Page 508: Example 6: Bridged Nonflow Ip Unicast Traffic

    Example 6: Bridged Nonflow IP Unicast Traffic: In this example, a nonflow classifier is defined to classify IP unicast traffic between clients and the server on the 168.101.0.0 network. The applied control handles this bridged traffic with a high priority transmit service level and a rate limit of 75 percent of the link bandwidth.
  • Page 509 Examples of Classifiers and Controls Nonflow classifier definition for bridged IP Unicast Traffic: Classifier Field Classifier Definition Classifier Number Classifier Name IP_Unicast Cast Type unicast (U) Protocol type IEEE 802.1Q tag(s) 0 to 7 The control definition for this classifier is as follows: Control Field Definition Control Number...
  • Page 510: Modifying And Removing Classifiers And Controls

    Modifying and Removing Classifiers and Controls: You can modify or remove a previously defined classifier or control. When modifying or removing a classifier, you specify the classifier number; when modifying or removing a control, you specify the control number. You may want to modify a classifier to alter source/destination information (flow classifier) or change IEEE 802.1p values (nonflow...
  • Page 511: Qos Excess Tagging

    QoS Excess Tagging: Your system enables you to tag nonconforming excess (packets that exceed the rate-limit criteria) with a special IEEE 802.1p tag value. This refers to any packets marked as excess that you want to tag. By default, excess tagging is disabled.
  • Page 512 Figure 92 QoS Excess Tagging 169.10.20.30 Conforming (1 MByte) Conforming Excess (500 KBytes) Excess with tag of 2 Server Upstream Downstream system system Classifier definition for QoS Excess Tagging: Classifier Field Classifier Definition Classifier Number Classifier Name VideoServer1 Cast Type multicast...
  • Page 513: Transmit Queues And Qos Bandwidth

    Transmit Queues and QoS Bandwidth The accompanying control definition: Control Field Definition Control Number Control Name VideoServer1 Rate Limit Type receivePort Service Level high Loss Eligible Status Excess Service Level Excess Loss Eligible Status Representation of Rate Limit Kbytes/sec Rate Limit Value 1024 Burst Size Bridge Ports...
  • Page 514: Ldap

    Lightweight Directory Access Protocol (LDAP) is an Internet standard for directory services. LDAP directory services is based on the client/server model and runs over TCP/IP. The CoreBuilder 3500 contains the LDAP client software necessary to communicate and exchange configuration information for QoS parameters stored on the LDAP server.
  • Page 515: Operation

    (499). When a successful connection is made, the QoS parameters are retrieved from the LDAP server using a search filter (a group name or a wildcard). Once a CoreBuilder 3500 is associated with a group configuration, it is automatically updated with the parameters associated with that group configuration.
  • Page 516: Rsvp

    Figure 93: Updating QoS Parameters from the LDAP Server (diagram labels: Administration Console, LDAP Server, QoS Parameters, Filter A, Filter B, Updates, QoS changes). RSVP: The Resource Reservation Protocol (RSVP) is an IP service that prevents real-time traffic such as voice or video from overwhelming bandwidth resources.
  • Page 517: Rsvp Terminology

    RSVP To use RSVP, you must be routing. (RSVP operates at Layer 3 for IP-based data flows.) Endstations in the configuration must support RSVP in order to request the reservation of bandwidth through the network. By default, RSVP is disabled on the system. If you decide to use RSVP, it is recommended that you use the default RSVP settings.
  • Page 518: Example Of Rsvp

    Figure 94 shows an RSVP configuration in which an RSVP reservation request flows upstream along a multicast delivery tree (with routers, Layer 3 switches such as the CoreBuilder 3500) until it merges with another reservation request for the same source.
  • Page 519 Figure 94: Sample RSVP Configuration (diagram labels: Source station, Routers, End stations)...
  • Page 520: Setting Rsvp Parameters

    Setting RSVP Parameters: If you enable RSVP, you specify the following information: The maximum total reservable bandwidth The maximum per-reservation bandwidth The policing option (edge, always, or never, with edge as the default) The service level for excess/policed traffic (best or low, with low as the default).
  • Page 521: Device Monitoring

    Device Monitoring: This chapter provides descriptions and key operational information about device monitoring features and tools of your CoreBuilder® 3500 system. The chapter covers these topics: Device Monitoring Overview; Key Concepts and Tools; Event Logging; Baselining; Roving Analysis; Ping; traceRoute; SNMP; Remote Monitoring (RMON)
  • Page 522: Device Monitoring Overview

    Chapter 18: Device Monitoring. Device Monitoring Overview: You can use the device monitoring features and tools described in this chapter to analyze your network periodically and to identify potential network problems before they become serious. To identify potential problems in your network, use: Event logging.
  • Page 523: Network Management Platform

    Key Concepts and Tools. Network Management Platform: The network management platform allows you to view the health of your overall network. With the platform, you can understand the logical configuration of your network and configure views of your network to understand how devices work together and the role they play in the users’...
  • Page 524: Event Logging

    Event Logging: The event log messages display real-time information about the state of the system, a specific service, or both, and can help you diagnose site-specific problems. The event log captures several types of log messages from various services (applications) and sends them to the Administration Console.
  • Page 525: Baselining

    Baselining: Normally, statistics for MACs and ports start to compile when you turn the system on. Baselining allows you to view statistics compiled over the period of time since a baseline was set. By viewing statistics relative to a baseline, you can more easily evaluate recent activity in your system or on your network.
  • Page 526: Roving Analysis

    Fiber Distributed Data Interface (FDDI) port traffic to another port of the same media type. This second port has an external RMON-1/RMON-2 probe or analyzer attached such as the 3Com Transcend Enterprise Monitor. Through the probe, you can monitor traffic on any switched segment.
  • Page 527: Key Guidelines For Implementation

    Roving Analysis. Key Guidelines for Implementation: To enable the monitoring of ports on a system, follow these general steps: 1 Add the port on which you want to attach the network analyzer. 2 Start roving analysis. a Select the port that you want to monitor. b Enter the analyzer port’s MAC address.
  • Page 528 18: D HAPTER EVICE ONITORING If the physical port configuration changes in the system (that is, if you remove or rearrange modules), the MAC address of the analyzer port remains fixed. If the module with the analyzer port is replaced with a different media type module, the RAP configuration is cleared.
  • Page 529 Roving Analysis The RMON groups that require samples of traffic from the ASICs will not work because they do not receive any traffic data when a port is defined as a monitor port. The system is capable of doing either roving analysis or traffic sampling, but not both at the same time.
  • Page 530: Ping

    Ping: The ping feature is a useful tool for network testing, performance measurement, and management. It uses the Internet Control Message Protocol (ICMP) echo facility to send ICMP echo request packets to the IP destination that you specify. See Chapter 11 for more information about ICMP.
  • Page 531: Strategies For Using Ping

    Strategies for Using ping: Follow these strategies for using ping: Ping devices when your network is operating normally so that you have a performance baseline for comparison. Ping by IP address when: You want to test devices on different subnetworks. This method allows you to ping your network segments in an organized way, rather than having to remember all the hostnames and locations.
  • Page 532: traceRoute

    traceRoute: Use the traceRoute feature to track the route of an IP packet through the network. TraceRoute information includes all of the nodes in the network through which a packet passes to get from its origin to its destination. The traceRoute feature uses the IP time-to-live (TTL) field in User Datagram Protocol (UDP) probe packets to elicit an ICMP Time Exceeded message from each gateway to a particular host.
  • Page 533: SNMP

    SNMP: Simple Network Management Protocol (SNMP), one of the most widely used management protocols, allows management communication between network devices and your management workstation across TCP/IP internets. See Chapter 2 to review where SNMP fits in the Open System Interconnection (OSI) reference model for the network environment.
  • Page 534 IP Address Assignment: For the manager and agent to be able to communicate with one another, you need to assign IP addresses as follows: Assign an IP address to either the system processor out-of-band Ethernet port or an in-band Ethernet port, depending on where the management station is attached.
  • Page 535 Trap Reporting: Traps are events that devices generate to indicate status changes. Every agent supports some trap reporting. You must configure trap reporting at the devices so that these events are reported to your management station to be used by the Network Management Platforms (such as HP OpenView Network Node Manager or SunNet Manager).
  • Page 536 Table 63 Traps Supported by SNMP (continued). Columns: Trap, Trap Name, Source, Indication. SMT Hold Condition (source: 3C FDDI MIB): FDDI SMT state either in holding-prm or holding-sec. SMP Peer Wrap Condition (source: 3C FDDI MIB): FDDI SMT connection does not connect to an M-port under DAS mode.
  • Page 537 Table 63 Traps Supported by SNMP (continued). Columns: Trap, Trap Name, Source, Indication. VRRP Authentication Failure (source: VRRP MIB): A VRRP packet is received from a router whose authentication failed. The authentication failure under this trap is sub-divided under three types: Invalid authentication type; Authentication type is valid, but does not match the type configured...
  • Page 538: Setting Up SNMP on Your System

    Security: SNMP uses community strings as a form of management security. To enable management communication, the manager must use the same community strings that are configured on the agent. You can define both read and read/write community strings. Because community strings are included unencoded in the header of a User Datagram Protocol (UDP) packet, packet capture tools can easily access this information.
  • Page 539 Displaying Community Strings: You can display the current SNMP community strings that are assigned. Configuring Community Strings: A community string is an octet string, included in each SNMP message, that controls access to system information. The system SNMP agents internally maintain two community strings that you can configure: Read-only community strings with the default public; Read-write community strings with the default private...
  • Page 540 Removing Trap Destinations — When you remove a destination, no SNMP traps are reported to that destination. Flushing All SNMP Trap Destinations — When you flush the SNMP trap reporting destinations, you remove all trap destination address information for the SNMP agent.
  • Page 541: Remote Monitoring (RMON)

    RMON in Your System; RMON-1 Groups; RMON-2 Groups. The CoreBuilder 3500 does not provide RMON support for Gigabit Ethernet ports. You can gain access to the RMON capabilities of the system through SNMP applications such as Transcend Network Control Services software, not through the serial interface or Telnet.
  • Page 542: Overview of RMON

    Overview of RMON: RMON provides a way to monitor and analyze a local area network (LAN) from a remote location. The Internet Engineering Task Force (IETF) defines RMON-1 (RMON Version 1) in documents RFC 1271 and RFC 1757; RFC 2021 defines the extension of RMON-1, RMON-2 (RMON Version 2).
  • Page 543: RMON Benefits

    RMON Benefits: From a network management console, traditional network management applications poll network devices such as switches, bridges, and routers at regular intervals. The console gathers statistics, identifies trends, and highlights network events. The console polls network devices constantly to determine if the network is within its normal operating conditions.
  • Page 544: RMON in Your System

    RMON in Your System: Your system supports RMON as follows: RMON-1 support — The system software offers full-time embedded RMON support using SNMP for seven RMON-1 groups. (RMON-1 defines 10 groups.) FDDI extensions — The system software offers full support for two FDDI groups: axFddistatistics and axFddihistory.
  • Page 545: 3Com Transcend RMON Agents

    LAN that is separated by a bridge or router, the cost of implementing many probes in a large network can be high. To solve this problem, 3Com has built an inexpensive RMON probe into the Transcend SmartAgent software in each system. With this probe you deploy RMON widely around the network at a cost of no more than the cost of traditional network monitors.
  • Page 546: Important Considerations

    All other RMON group data is hardware sampled. The system can be configured to keep hardware-sampled RMON group data on up to four ports per CoreBuilder 3500 system. No RMON data is kept for Gigabit Ethernet modules. There is no limit to the number of network management stations...
  • Page 547: RMON-1 Groups

    RMON-1 Groups: The system supports seven of the RMON-1 groups that the IETF defines. Table 64 briefly describes these groups. Table 64 RMON-1 Groups Supported in the System. Columns: RMON-1 Group, Group Number, Purpose. Statistics: Maintains utilization and error statistics for the segment being monitored. History: Gathers and stores periodic statistical...
  • Page 548 Number of received broadcast packets; Number of received multicast packets; Number of received packets with CRC or alignment errors; Number of received packets that are undersized but otherwise well-formed; Number of received packets that are oversized but otherwise well-formed; Number of received undersized packets with either a CRC or an alignment error...
  • Page 549 Number of received packets that are undersized but otherwise well-formed; Number of received packets that are oversized but otherwise well-formed; Number of received undersized packets with either a CRC or an alignment error; Number of detected transmit collisions; Estimate of the mean physical layer network utilization. Alarm Group: The system supports the following RMON alarm mechanisms:...
  • Page 550 An alarm calculates the difference in counter values over a set time interval and remembers the high and low values. When the value of a counter exceeds a preset threshold, the alarm reports this occurrence. Using Transcend Network Control Services or any other SNMP network management application, you can assign alarms to monitor any counter, gauge, timetick, or integer.
  • Page 551 RMON Hysteresis Mechanism: The RMON hysteresis mechanism prevents small fluctuations in counter values from causing alarms. Alarms occur only when either: The counter value exceeds the high threshold after previously falling below the low threshold. (An alarm does not occur if the value has not fallen below the low threshold before rising above the high threshold.) The counter value falls below the low threshold after previously exceeding the high threshold.
  • Page 552: RMON-2 Groups

    Matrix Group: The matrix group records the following statistics about conversations between sets of addresses: Number of packets transmitted from the source address to the destination address; Number of octets, excluding errors, transmitted from the source address to the destination address; Number of bad packets transmitted from the source address to the destination address...
  • Page 553 Table 67 RMON-2 Groups Supported in the System (continued). Columns: RMON-2 Group, Group Number, Purpose. nlMatrix: A network-layer matrix that provides statistics on the amount of traffic between source/destination pairs of hosts based on network-layer address. It also maintains a TopN table to rank pairs of hosts based on the number of octets or number of packets sent between pairs of hosts.
  • Page 554 Protocol Distribution Group: The protocolDist group tracks how many octets and packets the supported protocols have sent. It features two tables, a protocol distribution control table that manages the collection of the statistics for the supported protocols, and a protocol distribution statistics table that records the statistics.
  • Page 555 Network-Layer Matrix Group: The nlMatrix group gathers statistics about pairs of hosts based on network-layer address. (The RMON-1 matrix group gathers statistics based on MAC address.) This group features two control tables and three data tables. One control table and its data tables collect matrix statistics;...
  • Page 556: Management Information Base (MIB)

    Protocol (SNMP) network management package, such as the Transcend Network Control Services application suite, to manage a network device without having a specific description of that device. 3Com ships the following MIB files with Extended System software as ASN.1 files: BRIDGE-MIB.mib —...
  • Page 557 IF-MIB-V1SMI.mib — Interface MIB, SMI Version 1, RFC 1573. Unsupported tables in this MIB: ifTestTable, ifRcvAddressTable, ifHC 64-bit counters. MIB2-MIB.mib — MIB-II MIB, RFC 1213. Unsupported groups and tables in this MIB: egp group. OSPF-MIB.mib — OSPF MIB, RFC 1850. RMON-MIB.mib —...
  • Page 558: Compiler Support

    SOURCE-ROUTING-MIB.mib — Source Routing Bridges MIB, RFC 1525. VRRP-MIB.mib — Virtual Router Redundancy Protocol MIB, Draft RFC. 3Com Enterprise MIBs — See “3Com Enterprise MIBs” later in this chapter. Compiler Support: ASN.1 MIB files are provided for these MIB compilers: SunNet Manager (version 2.0)
  • Page 559: MIB Objects

    MIBs include MIB-II, other standard MIBs (such as the RMON MIB), and vendors’ private MIBs (such as enterprise MIBs from 3Com). These MIBs and their objects are part of the MIB tree.
  • Page 560: MIB Tree

    MIB Tree: The MIB tree is a structure that groups MIB objects in a hierarchy and uses an abstract syntax notation (ASN.1) to define manageable objects. Each item on the tree is assigned a number (shown in parentheses after each item), which creates the path to objects in the MIB.
  • Page 561 [Figure: MIB tree, with numbered nodes including mgmt(2), experimental(3), private(4), enterprises(1), 3Com(43), and RMON(16) with its groups Statistics(1) through userHistory(18)]
  • Page 562: MIB-II

    MIB-II: MIB-II defines various groups of manageable objects that contain device statistics as well as information about the device, device status, and the number and status of interfaces. The MIB-II data is collected from network devices using SNMP. As collected, this data is in its raw form.
  • Page 563: RMON-1 MIB

    RMON-1 MIB: RMON-1 is a MIB that enables the collection of data about the network itself, rather than about devices on the network. The IETF definition for the RMON-1 MIB specifies several groups of information. These groups are described in Table 69. Table 69 RMON-1 Group Descriptions. Columns: RMON-1 Group, Description...
  • Page 564: RMON-2 MIB

    RMON-2 MIB: RMON-1 and RMON-2 are complementary MIBs. The RMON-2 MIB extends the capability of the original RMON-1 MIB to include protocols above the MAC level. Because network-layer protocols (such as IP) are included, a probe can monitor traffic through routers attached to the local subnetwork.
  • Page 565: 3Com Enterprise MIBs

    3Com Enterprise MIBs 3Com Enterprise MIBs allow you to manage unique and advanced functionality of 3Com devices. These MIBs are shipped with your system on the Software and Documentation CD-ROM. Figure 99 shows some of the 3Com Enterprise MIB names and numbers. The following MIBs are included in 3Com(43).
  • Page 567: Technical Support

    For the most recent information, 3Com recommends that you access the 3Com Corporation World Wide Web site. Online Technical 3Com offers worldwide product support 24 hours a day, 7 days a week, Services through the following online systems: World Wide Web site...
  • Page 568: 3Com Ftp Site

    3Com FTP Site Download drivers, patches, software, and MIBs across the Internet from the 3Com public FTP site. This service is available 24 hours a day, 7 days a week. To connect to the 3Com FTP site, enter the following information into...
  • Page 569: 3Com Facts Automated Fax Service

    Access by Digital Modem: ISDN users can dial in to the 3Com BBS using a digital modem for fast access up to 64 Kbps. To access the 3Com BBS using ISDN, call the following number:...
  • Page 570 Appendix A: Technical Support. When you contact 3Com for assistance, have the following information ready: Product model name, part number, and serial number; A list of system hardware and software, including revision levels; Diagnostic error messages; Details about recent configuration changes, if applicable...
  • Page 571: Returning Products For Repair

    Returning Products for Repair: Before you send a product directly to 3Com for repair, you must first obtain an authorization number. Products sent to 3Com without authorization numbers will be returned to the sender unopened, at the sender’s expense.