Allied Telesis Rapier i AT-RP16Fi/SC User Manual

Rapier series layer 3 fast ethernet switch

RAPIER SWITCH
USER GUIDE
Software Release 2.6.1

Summary of Contents for Allied Telesis Rapier i AT-RP16Fi/SC

  • Page 1 RAPIER SWITCH USER GUIDE Software Release 2.6.1...
  • Page 2 Rapier Switch User Guide for Software Release 2.6.1 Document Number C613-02025-00 REV C. Copyright © 2003 Allied Telesyn International, Corp. 960 Stewart Drive Suite B, Sunnyvale CA 94086, USA. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn.
  • Page 3: Table Of Contents

    Contents Introduction CHAPTER 1 Introducing the Rapier Series Switch ... 7 Why Read this User Guide? ... 7 Where To Find More Information ... 8 Features of the Rapier Series Switch ... 9 Warning about FLASH memory ... 12 Getting Started with the Command Line Interface (CLI) CHAPTER 2 This Chapter ...
  • Page 4 The Diagnostics Menu ... 36 Changing the Password ... 37 Context Sensitive GUI Help ... 37 Saving Configuration Entered with the GUI ... 37 Combining GUI and CLI Configuration ... 38 Configuring Multiple Devices ... 38 Upgrading the GUI ... 38 Troubleshooting ...
  • Page 5 The Forwarding Process ... 84 Layer 2 Filtering ... 85 The Egress Rules ... 87 Quality of Service ... 87 Spanning Tree Protocol (STP) ... 89 Spanning Tree Modes ... 89 Spanning Tree and Rapid Spanning Tree Port States ... 90 Overlapping VLANs belonging to multiple Spanning Tree instances ...
  • Page 7: Chapter 1 Introduction

    Chapter 1 Introduction Introducing the Rapier Series Switch Congratulations on purchasing the Rapier Series Layer 3 Fast Ethernet Switch, which combines wire speed Layer 2 and Layer 3 IP switching with a powerful multiprotocol routing software suite. This guide introduces the Rapier Series Switch and will guide you through the most common uses and applications of your new switch.
  • Page 8: Where To Find More Information

    This user guide is organised into the following chapters: ■ Chapter 1, Introduction gives an overview of the switch features and of the documentation supplied with your switch. ■ Chapter 2, Getting Started with the Command Line Interface (CLI) describes how to gain access to the command line interface.
  • Page 9: Online Technical Support

    Introduction ■ Rapier Series Switch Documentation and Tools CD-ROM The Rapier Series Switch Documentation Set in Adobe Acrobat PDF format is bundled with every switch—the complete reference to installing, configuring and managing the switch, including detailed descriptions of all commands. The CD-ROM includes the following PDF documents: •...
  • Page 10: Management Features

    Management Features The following features enhance management of the switch: ■ A sophisticated and configurable event logging facility for monitoring and alarm notification to single or multiple management centres. ■ Triggers for automatic and timed execution of commands in response to events.
  • Page 11: Special Feature Licences

    Introduction ■ IPv6 multicast routing support, including Multicast Listener Discovery (MLDv2) and Protocol Independent Multicast (PIM) Sparse and Dense Modes. ■ OSPF, RIP (IP and Novell®), SAP (Novell®), EGP and BGP routing protocols. ■ ARP, Proxy ARP and Inverse ARP address resolution protocols. ■...
  • Page 12: Warning About Flash Memory

    ■ Demand IPX ■ IPX/SPX Spoofing ■ IPX Filtering (not between switch ports) ■ AppleTalk ■ Resource Reservation Protocol (RSVP) ■ BGP-4 ■ Load balancer Most software features that require a special feature licence are bundled into one of the following special feature licence packs: ■...
  • Page 13: Chapter 2 Getting Started With The Command Line Interface (Cli)

    Chapter 2 Getting Started with the Command Line Interface (CLI) This Chapter This chapter describes how to access the switch’s CLI, and provides basic information about configuring the switch, including how to: ■ ■ ■ ■ ■ ■ ■ ■ ■...
  • Page 14: Connecting A Terminal Or Pc

    Connecting a Terminal or PC The first thing to do after physically installing the switch is to start a terminal or terminal emulation session to access the switch. Then you can use the command line interface (CLI) to configure the switch. If you wish to configure the switch using the Graphical User Interface, you must first access the CLI and assign an IP address to at least one interface.
  • Page 15: Logging In

    Getting Started with the Command Line Interface (CLI) If a modem is connected, configure the switch to make and/or accept calls via the modem. To set the CDCONTROL parameter to “CONNECT” and the FLOW parameter to “HARDWARE”, enter the command: SET ASYN CDCONTROL=CONNECT FLOW=HARDWARE If the terminal or modem is used with communications settings other than the default settings, then configure the asynchronous port to match the terminal or...
  • Page 16: Setting Routes

    If IP addresses on your LAN are assigned dynamically by DHCP, you can set the switch to request an IP address from the DHCP server, using the commands: ADD IP INTERFACE=vlan1 IPADDRESS=DHCP ENABLE IP REMOTEASSIGN You do not need to set the MASK parameter because the subnet mask received from the DHCP server is used.
  • Page 17: Changing A Password

    Getting Started with the Command Line Interface (CLI) To add a static route, enter the command: ADD IP ROUTE=ipadd INTERFACE=interface NEXTHOP=ipadd To display the entire routing table, including both static and dynamic routes, enter the command: SHOW IP ROUTE For more information about setting IP routes, see the Internet Protocol (IP) chapter in the Rapier Series Switch Software Reference.
  • Page 18: Using The Commands

    ■ Do not use your birth date, street number or telephone number. ■ Do not write down your password anywhere. Make sure you remember the new password created as you cannot retrieve a lost password. Recovery of access to the switch is complex. Once you have logged into the manager account you are able to enter commands from this guide and from the Rapier Series Switch Software Reference.
  • Page 19: Aliases

    Getting Started with the Command Line Interface (CLI) Aliases The command line interface supports aliases. An alias is a short name for an often-used longer character sequence. When the user presses [Enter] to execute the command line, the command processor first checks the command line for aliases and substitutes the replacement text.
  • Page 20: Enabling Special Feature Licences

    Enabling Special Feature Licences You must enable the special feature licence you have purchased before you can use the licenced features. You will need the password provided by your authorised distributor or reseller. The advanced upgrade licence and password are different from the standard software release licence and password. The licence cannot be transferred from one switch to another.
  • Page 21: Chapter 3 Getting Started With The Graphical User Interface (Gui)

    Chapter 3 Getting Started with the Graphical User Interface (GUI) This Chapter This chapter describes how to access the switch’s HTTP-based Graphical User Interface (GUI), and provides basic information about using the GUI, including: ■ ■ ■ ■ ■ What is the GUI? •...
  • Page 22: What Is The Gui

    What is the GUI? The GUI (Graphical User Interface) is a web-based device management tool, designed to make it easier to configure and monitor the switch. The GUI provides an alternative to the CLI (Command Line Interface). Its purpose is to make complicated tasks simpler and regularly performed tasks quicker.
  • Page 23 Getting Started with the Graphical User Interface (GUI) To enable JavaScript in Netscape 6.2.x: From the Edit menu, select Preference Select the Advanced menu option. Ensure that the “Enable JavaScript for Navigator” checkbox is checked. The minimum screen resolution on the PC is 800x600. HTTP Proxy Servers An HTTP proxy server provides a security barrier between a private network’s PCs and the Internet.
  • Page 24: Establishing A Connection To The Switch

    Establishing a Connection to the Switch Before you start, consider how the switch fits into your network. If you are installing a new switch, consider whether you want to configure it before deploying it into the LAN, or want to configure it in situ. If you want to access a switch that has already been configured, consider the relative positions of the PC and the switch.
  • Page 25 Getting Started with the Graphical User Interface (GUI) Option 1: Configuring the Switch before Installation Use this procedure if: ■ You want to configure the switch before installing it in your LAN. ■ You will be installing the switch at a remote office or a customer site and want to configure it first.
  • Page 26 At the login prompt, enter the user name and password The default username is manager: The System Status or System Hardware Details page is displayed (Figure 6 on page 31). Select options from the sidebar menu to configure and manage the switch. Option 2: Installing the Switch into the LAN Use this procedure if: ■...
  • Page 27 Getting Started with the Graphical User Interface (GUI) You can browse to the switch through any VLAN, as long as you give that VLAN an IP address (see below). These instructions assume you will use vlan1. The switch ports all belong to vlan1 by default.
  • Page 28 10. Point your web browser at the LAN interface’s IP address For normal access, point your web browser to For secure access, point your web browser to where ip-address is the interface’s IP address. 11. At the login prompt, enter the user name and password The default username is manager: The System Status or System Hardware Details page is displayed (Figure 6 on page 31).
  • Page 29: Secure Access

    Getting Started with the Graphical User Interface (GUI) Browse to the switch For normal access, point your web browser to where ip-address is the interface’s IP address. To access the switch securely if SSL (Secure Sockets Layer) has been configured on the interface, point your web browser to For more information about secure access, see “Secure Access”...
  • Page 30 Enable system security To enable system security, use the command: Create an RSA key pair for this switch. To create an RSA key pair, use the command: Set the switch’s distinguished name. To set the switch’s distinguished name to "cn=switch1,o=my_company,c=us", use the command: Set the UTC offset.
  • Page 31: System Status

    Getting Started with the Graphical User Interface (GUI) 10. Configure an IP interface to run SSL over To configure an IP interface that SSL will be run over, first enable IP using the command: To make use the command: To add an IP route on this interface with a next hop of 172.30.1.254, use the command: For this example to succeed, you would have to log in as “cipher”...
  • Page 32: Using The Gui: Navigation And Features

    Using the GUI: Navigation and Features The GUI consists of a large number of pages, which you navigate between using the menu on the left of the browser window. This section describes how to use the GUI, and gives an overview of its functionality. The Configuration Menu You can use the GUI to configure: •...
  • Page 33 Getting Started with the Graphical User Interface (GUI) To delete or destroy an item, select it by clicking on the option button at the beginning of its entry in the selection table. Then click the Remove button. Only one person can configure a particular switch with the GUI at a time, to avoid clashes between configurations.
  • Page 34 Figure 8: An example of a popup “add” page Text field Select list Checkbox Apply and Cancel buttons Figure 9: An example of a popup “modify” page Non-editable field Editable Fields GUI pages allow you to enter values or select options through a range of field types.
  • Page 35: Apply Button

    Getting Started with the Graphical User Interface (GUI) • • Ports Graphic Pages on which you can select switch ports use a Ports graphic - a visual representation of the switch ports. To toggle through the selection options, click on the icon representing the port you want to select or deselect. Apply Button An Apply button applies the configuration settings on the page or the section of the page.
  • Page 36: The Management Menu

    The Management Menu You can use the GUI to manage the switch itself, including: • • • • • • • The Monitoring Menu When you browse to the GUI, the sidebar menu opens to display the monitoring menu, opened at the System > Status. From this menu, you can also check: •...
  • Page 37: Changing The Password

    Getting Started with the Graphical User Interface (GUI) • • Changing the Password As a security precaution, change the password as soon as possible. To change the password of the default Manager account, select Management > Users from the sidebar menu. Select the Manager account and click Modify. For information about passwords, see “Changing a Password”...
  • Page 38: Combining Gui And Cli Configuration

    Combining GUI and CLI Configuration You can alternate between the GUI and the CLI without difficulty. Note that GUI pages will not automatically refresh to reflect changes in the CLI configuration; you must reload the relevant page (for example, by clicking the Refresh button on your browser).
  • Page 39 Getting Started with the Graphical User Interface (GUI) If you have multiple valid resource files and releases stored on the switch, use the SET INSTALL command to change the release and resource file the switch uses (see below). Load the new file onto the switch Download the GUI resource file for your model of switch from the website to your TFTP server.
  • Page 40: Troubleshooting

    Troubleshooting The GUI resource file has an 8-digit name, with the file extension example, switch, use the command: SHOW FILE To see which GUI resource file the switch is currently using, and which it will use on bootup, use the command: SHOW INSTALL To display information about the GUI resource file that is currently installed, use the command:...
  • Page 41: Traffic Flow

    Getting Started with the Graphical User Interface (GUI) • • ■ If the switch should be dynamically assigned an IP address, check that the DHCP server can reach the switch, by pinging the switch from the DHCP server. ■ If your PC accesses the Internet through a proxy server, you may need to set your browser to bypass the proxy when browsing to the switch’s IP address range.
  • Page 42: Ip Addresses And Dhcp

    ■ Check that the switch is passing the correct DNS information to hosts on the LAN, if the switch is a DHCP server. If the switch is acting as a DHCP client as well, and therefore is passing on DNS information from another DHCP server, check that this DHCP server is providing the switch with the correct information.
  • Page 43: Loading Software

    Getting Started with the Graphical User Interface (GUI) Problem The switch’s time is incorrect, even though it assigns the correct time to devices on the LAN. Solution The UTC offset is probably incorrect, or needs to be adjusted for the beginning or end of summer time.
  • Page 45: Operating The Switch

    Chapter 4 Operating the switch This Chapter This chapter introduces basic operations on the switch, including: ■ ■ ■ ■ ■ ■ ■ ■ ■ User Accounts and Privileges The switch software supports three levels of privilege for users: USER, MANAGER, and SECURITY OFFICER.
  • Page 46 In normal mode, a user with manager privilege can create and delete accounts for users with any of these privilege levels. Users and passwords are managed by the User Authentication Facility. Users and passwords are authenticated using an internal database called the User Authentication Database, or by interrogation of external RADIUS (Remote Authentication Dial In User Service) or TACACS (Terminal Access Controller Access System) servers.
  • Page 47: Normal Mode And Security Mode

    Operating the switch See the Operations chapter in the Rapier Series Switch Software Reference for: ■ More information about managing and using accounts with user, manager and security officer privileges ■ A full list of commands that require security officer privilege when the switch is in secure mode ■...
  • Page 48 When the switch is in security mode, a user with security officer privilege is the only person who can execute commands which affect switch security. Table 5 on page 48 lists commands that only a security officer can execute when the switch is in security mode.
  • Page 49 Operating the switch Table 5: Commands requiring SECURITY OFFICER privilege when the switch is operating in security mode (Continued). Command DESTROY SA DESTROY STAR DISABLE FEATURE DISABLE IPSEC DISABLE ISAKMP DISABLE PKI DEBUG DISABLE SA DISABLE SSH DISABLE USER DUMP EDIT ENABLE FEATURE ENABLE IPSEC...
  • Page 50: Remote Management

    Table 5: Commands requiring SECURITY OFFICER privilege when the switch is operating in security mode (Continued). Command SET PPP TEMPLATE SET SA SET SCR SET SNMP COMMUNITY SET SSH SET STAR SET USER SHOW CONFIG SHOW ENCO KEY SHOW FEATURE SHOW FILE SHOW NVS SHOW PPP...
  • Page 51: Storing Files In Flash Memory

    Operating the switch Storing Files in FLASH Memory When you purchase the switch, the switch software release, the online help files, and a default configuration file are stored in FLASH memory, where they are saved even if the switch is powered down. You will use the FLASH memory to store updated software releases or patches, and files that record the router’s configuration.
  • Page 52: Using Scripts

    Using Scripts When you start or restart the switch, or when it automatically restarts, it executes the configuration commands in the boot script. A boot script is a text file containing a sequence of standard commands that the switch executes at startup.
  • Page 53: Storing Multiple Scripts

    Operating the switch Storing Multiple Scripts You can store multiple configuration scripts on the switch. This allows you to test new configuration scripts once, before setting them as the default configuration. For example, to test the new configuration script enter the command: RESTART SWITCH CONFIG=test.cfg Storing multiple scripts also allows you to keep a backup switch with configuration scripts stored on it for every switch in the network to speed up...
  • Page 54: Loading Files

    Table 6: File extensions and file types (Continued). Extension You may see files on your switch with file name extensions not listed in Table 6 on page 53. If you require more information about file types and file name extensions, contact your authorised distributor or reseller. Do not change the header in a release or patch file.
  • Page 55: Setting Loader Defaults

    Operating the switch To load a file onto the switch using the HTTP protocol, enter the command: LOAD [METHOD={HTTP|WEB|WWW}] [DELAY=delay] The switch can only load one file at a time. Wait for the current transfer to complete before initiating another transfer. To display the default configuration of the LOADER module, and the progress of any current transfer, enter the command: SHOW LOADER...
  • Page 56: Uploading Files From The Switch

    To load a patch file Configure the LOADER. Set the LOADER module with defaults to make the process of downloading files in future simpler. Download the patch file. Download the patch file onto the switch, using the defaults set above. When the download has completed, check that the file is in FLASH.
  • Page 57: More Information

    Operating the switch Upload the configuration file. Upload the configuration file from the switch into the TFTP directory of the TFTP server on the network, using the defaults set above. Monitor the load progress. When the upload is complete, check that the file is in the TFTP directory on the network host.
  • Page 58 When the switch reboots, it checks the install information in a strict order: • • • The preferred install should not be set up with an untested release or patch. It is advisable to install new releases or patches as the temporary install, and when the switch boots correctly, to then set up the preferred install with the new release or patch.
  • Page 59: Example: Upgrade To A New Software Release Using Tftp

    Operating the switch Example: Upgrade to a New Software Release Using TFTP This example assumes the switch is correctly configured to allow TFTP to function. This means that IP is configured and the switch is able to communicate with the designated TFTP server. The TFTP server is assumed to function correctly and the release and patch files are assumed present in the server’s TFTP directory.
  • Page 60: Example: Upgrade To A New Patch File

    compatible, so your current configuration should run with little or no modifications on the later release. The SET CONFIG information survives the release update. Reboot the switch. The switch reboots, loading the new release file and the specified configuration. Display the install history, and check that the temporary release was loaded.
  • Page 61: Using The Built-In Editor

    Operating the switch The switch reboots, loading the new patch file and the specified configuration. Check that the switch operates correctly with the new patch file. Make the patch part of the default (permanent) release. If the switch operates correctly with the new patch, make the release permanent.
  • Page 62: Snmp And Mibs

    SNMP and MIBs You can remotely monitor some features of the switch using Simple Network Management Protocol (SNMP). For information about the MIBs supported by the switch, see Appendix C: SNMP MIBs in the Rapier Series Switch Software Reference. The SNMP agent is disabled by default. To enable SNMP, enter the command: ENABLE SNMP SNMP communities are the main configuration item in the router’s SNMP agent, and are defined in terms of a list of IP addresses which define the SNMP...
  • Page 63 Operating the switch ■ How to use LDAP to load PKI certificates and CRLs onto your switch. ■ Switch Startup Operations ■ How to use FLASH compaction to regain storage space on the switch. Read “Warning about FLASH memory” on page 12 before you attempt to do this. ■...
  • Page 65: Chapter 5 Layer 2 Switching

    Layer 2 Switching Chapter 5 Layer 2 Switching This section describes the Layer 2 switching features on the Rapier Series Switch, and how to configure them. Switch Ports Each Ethernet switch port is uniquely identified by a port number. The switch supports a number of features at the physical level that allow it to be connected in a variety of physical networks.
  • Page 66 Resetting Ethernet ports at the hardware level discards all frames queued for reception or transmission on the port, and restarts autonegotiation of port speed and duplex mode. Ports are reset using the command: RESET SWITCH PORT={port-list|ALL} [COUNTER] To display information about switch ports, use the command: SHOW SWITCH PORT[={port-list|ALL}] Figure 12: Example output from the SHOW SWITCH PORT command.
  • Page 67 Layer 2 Switching Table 7: Parameters in the output of the SHOW SWITCH PORT command Parameter Meaning Actual speed/duplex The port speed and duplex mode that this port is actually running at. A combination of a speed (one of “10 Mbps”, “100 Mbps”...
  • Page 68: Autonegotiation Of Port Speed And Duplex Mode

    Autonegotiation of Port Speed and Duplex Mode Each of the switch ports can operate at either 10 Mbps or 100 Mbps, in either full duplex or half duplex mode. In full duplex mode a port can transmit and receive data simultaneously, while in half duplex mode the port can either transmit or receive, but not at the same time.
  • Page 69: Port Trunking

    Layer 2 Switching Table 8: Port speed and duplex settings for Ethernet Ports . Rapier 24 Rapier 48 Rapier 24i Rapier 48i Speed 10/100 Rapier G6f Rapier G6 10MHALF 10MFULL 100MHALF 100MFULL 1000MHALF 1000MFULL 10MHAUTO 10MFAUTO 100MHAUTO 100MFAUTO 1000MHAUTO 1000MFAUTO AUTONEGOTIATE The SHOW SWITCH PORT command displays the port speed and duplex mode settings.
  • Page 70 All the ports in a trunk group must belong to the same VLAN. Ports in a trunk group can be added to other VLANs, either as individual ports or as an entire group. A port in a trunk group cannot be deleted from any of the VLAN(s) to which the whole trunk group belongs, unless it is first removed from the trunk group.
  • Page 71: Packet Storm Protection

    Layer 2 Switching Packet Storm Protection The packet storm protection feature allows the user to set limits on the reception rate of broadcast, multicast and destination lookup failure packets. The software allows separate limits to be set for each port, beyond which each of the different packet types are discarded.
  • Page 72: Port Mirroring

    the BCLIMIT parameter description for important information about packet rate limiting. The default value for this parameter is NONE. If packet storm protection limits are set on the switch, the PORT parameter must specify complete processing blocks. The ability of the switch to limit packet reception rates for different classes of packets is dependent on the particular switch hardware.
  • Page 73: Port Security

    Layer 2 Switching To send packets that match particular criteria to the mirror port, first create a classifier or classifiers using the command: CREATE CLASSIFIER Then create a hardware filter with the ACTION parameter set to SENDMIRROR, using the command: ADD SWITCH HWFILTER CLASSIFIER=classifier-list By default mirroring is disabled, no mirror port is set, and no source ports are set to be mirrored.
  • Page 74: Virtual Local Area Networks (Vlans)

    Figure 13: Example output from the SHOW SWITCH PORT INTRUSION command. Switch Port Information ---------------------------------------------------------------------------- Port 2 - 13 intrusion(s) detected 00-00-c0-1d-2c-f8 00-90-27-87-a5-22 00-d0-b7-4d-93-c0 08-00-5a-a1-02-3f 00-b0-d0-20-d1-01 00-90-99-0a-00-49 00-00-cd-00-45-9e 00-00-c0-ad-a3-d0 00-90-27-32-ad-61 ---------------------------------------------------------------------------- A switch port can be manually locked before it reaches the learning limit, by using the command: ACTIVATE SWITCH PORT={port-list|ALL} LOCK Addresses can be manually added to a port locked list up to a total of 256 MAC...
  • Page 75: Vlan Tagging

    Layer 2 Switching Devices that are members of the same VLAN only exchange data with each other through the switch’s switching capabilities. To exchange data between devices in separate VLANs, the switch’s routing capabilities are used. The switch passes VLAN status information, indicating whether a VLAN is up or down, to the Internet Protocol (IP) module.
  • Page 76 Figure 14: Format of user priority and VLAN data in an Ethernet frame. Table 10: Reserved VID values . VID value (hexadecimal) Meaning and use of reserved VID values Ethernet packets which contain a VLAN tag are referred to as tagged frames, and switch ports that transmit tagged frames are referred to as tagged ports.
  • Page 77 Layer 2 Switching Every frame admitted by the switch has a VID associated with it. If a frame arrives on a tagged port, the associated VID is determined from the VLAN tag the frame had when it arrived. If a frame arrives on an untagged port, it is associated with the VID of the VLAN for which the incoming port is untagged.
  • Page 78: Vlan Membership Of Untagged Packets

    Figure 15: VLANs with tagged ports. Table 11: VLAN membership of example of a network using tagged ports. VLAN Training Marketing Admin VLAN Membership of Untagged Packets A VLAN that does not send any VLAN-tagged frames is a logical grouping of ports.
  • Page 79: Creating Vlans

    Layer 2 Switching If the network includes VLANs that do not need to share network resources or span several switches, VLAN membership can usefully be based on untagged ports. Otherwise, VLAN membership should be determined by tagging (see “VLAN Tagging” on page 75). Figure 16 on page 79 shows two port-based VLANs with untagged ports belonging to them.
  • Page 80 To add tagged ports to a VLAN, use the command: ADD VLAN={vlan-name|1..4094} PORT={port-list|ALL} A port can be tagged for any number of VLANs. To add untagged ports to a VLAN, use the command: ADD VLAN={vlan-name|1..4094} PORT={port-list|ALL} A port can be untagged for zero or one VLAN. A port can only be added to the default VLAN as an untagged port if it is not untagged for another VLAN.
  • Page 81: Summary Of Vlan Tagging Rules

    Layer 2 Switching Summary of VLAN tagging rules When designing a VLAN and adding ports to VLANs, the following rules apply. Each port, except for the mirror port, must belong to at least one static VLAN. By default, a port is an untagged member of the default VLAN. A port can be untagged for zero or one VLAN.
  • Page 82: Generic Vlan Registration Protocol (Gvrp)

    Rapier Switch User Guide Generic VLAN Registration Protocol (GVRP) The GARP application GVRP allows switches in a network to dynamically share VLAN membership information, to reduce the need for statically configuring all VLAN membership changes on all switches in a network. See the Generic Attribute Registration Protocol (GARP) chapter in the Rapier Switch Software Reference.
  • Page 83: The Learning Process

    Layer 2 Switching The default settings for the Ingress Rules are to Admit All Frames, and for Ingress Filtering to be OFF. This means that if no VLAN configuration has been done, all incoming frames pass on to the Learning Process, regardless of whether or not they are VLAN tagged.
  • Page 84: The Forwarding Process

    If the frame’s source address is not already in the Forwarding Database for the VLAN, the address is added and an ageing timer for that entry is started. If the frame’s source address is already in the Forwarding Database, the ageing timer for that entry is restarted.
  • Page 85: Layer 2 Filtering

    Layer 2 Switching the switch floods the frame on all ports in the VLAN except the port on which the frame was received. If the destination address is found, the switch discards the frame if the port is not in the STP ‘Forwarding’ state, if the destination address is on the same port as the source address, or if there is a static filter entry for the destination address set to DISCARD (“Layer 2 Filtering”...
  • Page 86 Figure 17: Example output from the SHOW SWITCH FILTER command. Switch Filters --------------------------------------------------------------------------- Entry VLAN --------------------------------------------------------------------------- default (1) default (1) marketing (2) marketing (2) --------------------------------------------------------------------------- Table 12: Parameters in the output of the SHOW SWITCH FILTER command Parameter Entry Destination Address VLAN Port Action...
  • Page 87: The Egress Rules

    Layer 2 Switching The Egress Rules Once the Forwarding Process has determined which ports and transmission queues to forward a frame from, the Egress Rules for each port determine whether or not the outgoing frame is VLAN-tagged with its numerical VLAN Identifier (VID).
  • Page 88 To display the mapping of user priority to QOS egress queues, use the command: SHOW SWITCH QOS Figure 18: Example output from the SHOW SWITCH QOS command Priority Level ------------------------------------- 0 ... 1 1 ... 0 2 ... 0 3 ... 1 4 ...
  • Page 89: Spanning Tree Protocol (Stp)

    Layer 2 Switching Table 15: The different QoS-type controls available on the switch. Command set Use for Hardware packet filters Priority queueing of classified traffic flows. Replacing TOS or DSCP byte of IP header. Replacing User Priority in VLAN tag header. Forwarding a flow that is marked to be dropped (for example, because bandwidth allocation is exceeded).
  • Page 90: Spanning Tree And Rapid Spanning Tree Port States

    A spanning tree running in standard mode can take up to one minute to rebuild after a topology or configuration change. The Rapid Spanning Tree algorithm provides for a more rapid recovery of connectivity following the failure of a bridge, bridge port, or a LAN. For information about RSTP see the Rapid Mode Spanning Tree Types section, Switch chapter in the Rapier Switch Software Reference.
  • Page 91: Overlapping VLANs Belonging To Multiple Spanning Tree Instances

    To specify whether the STP will operate in STANDARD mode or RAPID mode, use the command: SET STP={stp-name|ALL} [MODE={STANDARD|RAPID}] [other The default is STANDARD. If the mode is changed while the algorithm is running then the STP is re-initialised. To display the STP state of the switch ports (Figure 21 on page 98), use the command: SHOW STP[={stp-name|ALL}] PORT={port-list|ALL}...
  • Page 92: Configuring STP

    Configuring STP By default, the switch has one default STP which cannot be destroyed. In most situations this default STP will suffice. By default, all VLANs, and therefore all ports, belong to the default STP. To add or delete a VLAN and all the ports belonging to it from any other STP, use the commands: ADD STP=stpname VLAN={vlan-name|2..4094} DELETE STP=stpname VLAN={vlan-name|2..4094|ALL}...
  • Page 93 switches. The Bridge Identifier parameter is used in all configuration Spanning Tree Protocol packets transmitted by the switch. The first two octets, specified by the PRIORITY parameter, determine the switch’s priority for becoming the root bridge or a designated bridge in the network, with a lower number indicating a higher priority.
  • Page 94 Figure 20: Example output from the SHOW STP command.

    STP Information
    Name ... grey
    Mode ... Rapid
    RSTP Type ... Normal
    VLAN members ... vlan4 (4)
    Status ... ON
    Number of Ports ... 2
    Bridge Identifier ... 32768 : 00-00-cd-05-19-28
    Bridge Priority ...
  • Page 95 Table 18: Parameters in the output of the SHOW STP command. Parameter: STP Name, Mode, RSTP Type, VLAN members, Status, Number of Ports, Number Enabled, Number Disabled, Bridge Identifier, Bridge Priority, Designated Root, Root Bridge, Designated Bridge, Root Port, Root Path Cost, Max Age...
  • Page 96 Table 18: Parameters in the output of the SHOW STP command (Continued). Parameter: Switch Max Age, Switch Hello Time, Switch Forward Delay, Hold Time, Transmission Limit. The various parameters used by the Spanning Tree Algorithm for the specified ports, or all ports within the specified STP, or all STPs, are set with the SET STP PORT command: SET STP={stp-name|ALL} PORT={port-list|ALL} A port can belong to a single STP, except on the Rapier i series switches.
  • Page 97 Each port also has a path cost, which is used if the port is the root port for the STP on the switch. The path cost is added to the root path cost field in configuration messages received on the port to determine the total cost of the path to the root bridge.
  • Page 98 Figure 21: Example output from the SHOW STP PORT command.

    STP Port Information
    STP ... grey
    STP ... default
    STP Status ... ON
    Port ... 3
    RSTP Port Role ... Disabled
    State ... Discarding
    Point To Point ... No (Auto)
    Port Priority ...
  • Page 99 Table 19: Parameters displayed in the output of the SHOW STP PORT command. Parameter: STP Status, Port, RSTP Port Role, State, Point To Point, Port Priority, Port Identifier, Pathcost, Designated Root, Designated Cost, Designated Bridge, Designated Port, Edge Port, VLAN membership. The spanning tree algorithm can be recalculated at any time, and all timers and...
  • Page 100 Figure 22: Example output from the SHOW STP COUNTER command (STP Counters; STP Name: default; Discarded:). Table 20: Parameters in the output of the SHOW STP COUNTER command. Parameter: STP Name, Receive, Total STP Packets, Configuration BPDU, TCN BPDU, RST BPDU, Invalid BPDU...
  • Page 101: Interfaces To Layer 3 Protocols

    Table 20: Parameters in the output of the SHOW STP COUNTER command. Parameter: Config BPDU length, TCN BPDU length, RST BPDU length. If necessary, all the STP configuration that users have created on the switch can be removed, so that all STPs except the default STP are destroyed, and all other defaults are restored, using the command: PURGE STP The PURGE STP command should be used with caution, and generally only...
  • Page 102 out all ports. IGMP snooping is independent of the IGMP and Layer 3 configuration, so an IP interface does not have to be attached to the VLAN, and IGMP does not have to be enabled or configured. IGMP snooping is enabled by default. To disable it, use the command: DISABLE IGMPSNOOPING Disabling IGMP snooping may be useful if filters are used extensively, because IGMP snooping uses a Layer 3 filter.
  • Page 103 Figure 23: Example output from the SHOW IP IGMP command.

    IGMP Protocol
    Status ... Enabled
    Default Query Interval ... 125 secs
    Default Timeout Interval ... 270 secs
    Last Member Query Interval ... 10 (1/10secs)
    Last Member Query Count ... 2
    Robustness Variable ...
  • Page 104: Triggers

    Triggers The Trigger Facility can be used to automatically run specified command scripts when particular triggers are activated. When a trigger is activated by an event, global parameters and parameters specific to the event are passed to the script that is run. For a full description of the Trigger Facility, see the Trigger Facility chapter in the Rapier Switch Software Reference.
  • Page 105: Chapter 6 Layer

    Chapter 6 Layer 3 The Rapier Series Switch routes IP and IP multicasting traffic at wire speed between VLANs, and supports a number of other Layer 3 protocols. Once a VLAN has been created (see “Virtual Local Area Networks (VLANs)” on page 74), the VLAN name can be used wherever a logical interface is required in commands for configuring routing protocols.
  • Page 106: Internet Protocol (Ip)

    Internet Protocol (IP) The switch performs IP routing at wire speed between VLANs that have been configured as IP interfaces. For example, to add the admin VLAN as an IP interface, giving it an IP address of 192.168.163.39 in the subnet 192.168.163.0, first enable IP using the command: ENABLE IP Then use either of the following commands:...
  • Page 107: Routing Information Protocol (RIP)

    Routing Information Protocol (RIP) Routing protocols such as RIPv1 and RIPv2 can be enabled on a VLAN. For example, to enable RIPv2 on the admin VLAN, use the command: ADD IP RIP INTERFACE=vlan11 SEND=RIP2 RECEIVE=BOTH To display information about RIP (Figure 25 on page 107), use the command: SHOW IP RIP Figure 25: Example output from the SHOW IP RIP command.
  • Page 108: Appletalk

    Figure 26: Example output from the SHOW IPX CIRCUIT command.

    IPX CIRCUIT information
    Name ... Circuit 1
    Status ... enabled
    Interface ... vlan11
    Network number ... c0e7230f
    Station number ... 0000cd000d26
    Link state ... up
    Cost in Novell ticks ... 1
    Type20 packets allowed ...
  • Page 109: Resource Reservation Protocol (RSVP)

    Figure 27: Example output from the SHOW APPLE PORT command (Appletalk Port Details). Resource Reservation Protocol (RSVP) RSVP is enabled with a special feature license. To obtain a special feature license contact an Allied Telesyn authorised distributor or reseller. The Resource Reservation Protocol (RSVP) enables the receiver of a traffic flow to make the resource reservations necessary to ensure that the receiver obtains the desired QoS for the traffic flow.
  • Page 111: Chapter 7 Maintenance And Troubleshooting

    Chapter 7 Maintenance and Troubleshooting This Chapter If you are familiar with networking and switch operations, you may be able to diagnose and solve some problems yourself. This chapter gives tips on how to: ■ ■ ■ ■ ■ ■ ■...
  • Page 112: How The Switch Starts Up

    How the Switch Starts Up The sequence of operations that the switch performs when it boots is: Perform startup self tests. Perform the install override option. Load the EPROM release as the INSTALL boot. Inspect and check INSTALL information. Load the required release as the main boot. Start the switch.
  • Page 113: How To Avoid Problems

    Table 22: Switch startup sequence keystrokes. Pressing key... [Ctrl/D]. When you start the switch, the EPROM release is always loaded first. The EPROM release contains all the code required to obtain and check the INSTALL information. This first boot is known as the INSTALL boot. The INSTALL information is inspected and the switch is set up to perform another load.
  • Page 114 Backup switch If your network has many switches, you may wish to keep a backup switch ready to replace any switch that malfunctions. When you upgrade the software release or patch on the other switches in the network, upgrade the backup too. Store on it one current config script for each switch in your network, so that when it is needed, you need only set the configuration file with which it boots to match the switch it replaces.
  • Page 115: What To Do If You Clear FLASH Memory Completely

    What to Do if You Clear FLASH Memory Completely DO NOT clear the FLASH memory completely. The software release files are stored in FLASH, and clearing it would leave no software to run the switch. If you accidentally do this, you will need to: Boot with default configuration.
  • Page 116: What To Do If ISDN Fails To Connect

    What To Do if ISDN Fails to Connect Make sure the system territory is set to the country or region in which your switch is located. This is important because different countries use variations on the ISDN protocols, and the system territory setting on the switch ensures that the switch behaviour is compatible with the ISDN network.
  • Page 117: Getting The Most Out Of Technical Support

    You can reset passwords for accounts with MANAGER privilege with the same command, provided the manager can log in to at least one account with MANAGER privilege. If you require further assistance contact your authorised distributor or reseller. Getting the Most Out of Technical Support For online support for your switch, see our on-line support page at...
  • Page 118: Resetting Switch Defaults

    Resetting Switch Defaults To restart the switch at any time with no configuration, enter the command: RESTART SWITCH CONFIG=NONE boot.cfg the default dynamic configuration to the CREATE CONFIG=boot.cfg To set the switch to restart with the boot configuration file, enter the command: SET CONFIG=boot.cfg DO NOT clear the FLASH memory completely.
  • Page 119: Troubleshooting IP Configurations

    If PING to the end destination fails, PING intermediate network addresses. If you can successfully PING some network addresses, and not others, you can deduce which link in the network is down. Note that if Network Address Translation (NAT) is configured on the remote switch, PINGing devices connected to it may give misleading information.
  • Page 120: Troubleshooting DHCP IP Addresses

    Contact your authorised distributor or reseller for assistance If the route still does not appear, contact your authorised distributor or reseller for assistance. Telnet Fails If Telnet to switch fails Check that the IP address you used matches the one assigned to the switch. To check that RIP is configured correctly, enter the command: To check that the IP Telnet server is enabled on each switch, enter the command.
  • Page 121: Troubleshooting IPX Configurations

    In Microsoft® Windows™ 2000, click Settings → Control Panel → Network and Dial-up Connections → Local Area Connection → Properties. Select Internet connection (TCP/IP) and click Properties. Click Obtain an IP address automatically. Check that the DHCP server has a large enough range of addresses. To assign a range, enter the command: CREATE DHCP RANGE Troubleshooting IPX Configurations...
  • Page 122 configuration of the workstation or file server. Check with your Novell network administrator. Check NET.CFG file Take care with the workstation NET.CFG file. Always specify the encapsulation (frame) as different LAN card drivers use different default encapsulations. Check for file server on Remote Office switch Does the file server appear in the IPX service table of the Remote Office switch? If the server does not appear in the table, its presence is not advertised to the local LAN.
  • Page 123: Using Trace Route For IP Traffic

    Using Trace Route for IP Traffic You can use trace route to discover the route that packets take between two systems running the IP protocol. Trace route sends UDP packets with the Time To Live (TTL) field in the IP header set to 1 initially. The TTL field is increased by one for every subsequent packet sent until the destination is reached.

This manual is also suitable for:

Rapier 24i, Rapier series