Nokia ESB26 User Manual

Gigabitethernet.
Hide thumbs
   
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421
Nokia
ESB26 GigabitEthernet Switch
© 2004 by Nokia

   Related Manuals for Nokia ESB26

   Summary of Contents for Nokia ESB26

  • Page 1: User Guide

    Nokia ESB26 GigabitEthernet Switch User Guide © 2004 by Nokia...

  • Page 2

    Document History I S S U E D A T E C O M M E N T S I S S U E D MN700004 Rev 01 15 Jan 2004 First draft.

  • Page 3: Table Of Contents

    Table of Contents PREFACE..............................A INTRODUCTION..........................1 OVERVIEW ............................1 SPECIFICATIONS..........................3 GETTING STARTED ........................6 OVERVIEW ............................6 UNPACKING............................6 FRONT PANEL ..........................6 USING THE CLI TO CONFIGURE THE SWITCH ................7 PLANNING THE CONFIGURATION ....................9 BASIC CLI OPERATING CONVENTIONS ..................9 SPECIAL KEYS..........................

  • Page 4: Table Of Contents

    DEFAULT LINK AGGREGATION CONFIGURATION ............... 53 CONFIGURING AND DISPLAYING LAGS .................. 54 CONFIGURATION EXAMPLES..................... 58 TRAFFIC MONITORING......................66 INTRODUCTION ..........................66 FEATURE OVERVIEW ........................66 SUPPORTED STANDARDS, MIBS AND RFCS................69 PREREQUISITES ..........................69 DEFAULT TRAFFIC MONITORING CONFIGURATION............69 CONFIGURING AND DISPLAYING MONITOR SESSION............70 CONFIGURATION EXAMPLES.....................

  • Page 5: Table Of Contents

    CONFIGURING QUALITY OF SERVICE FEATURES .............. 218 RELATED COMMANDS....................... 233 19. DHCP CLIENT ..........................234 DHCP OVERVIEW ........................234 THE ESB26 STARTUP PROCESS ....................235 THE DHCP NEGOTIATION PROCESS..................236 CONFIGURING THE DHCP CLIENT ..................239 CONFIGURATION EXAMPLE..................... 242 20. IGMP SNOOPING......................... 243 INTRODUCTION ...........................

  • Page 6: Table Of Contents

    SUPPORTED STANDARDS, MIBS AND RFCS................305 STATISTICS MONITORING ......................306 RMON ALARMS..........................307 27. PERIODIC MONITORING ......................312 INTRODUCTION ........................... 312 FEATURE OVERVIEW ......................... 312 SUPPORTED STANDARDS, MIBS AND RFCS................314 DEFAULT PERIODIC MONITORING CONFIGURATION............315 CONFIGURING AND DISPLAYING PERIODIC MONITORING ..........316 CONFIGURATION EXAMPLES....................

  • Page 7: Table Of Contents

    35. BUILT-IN SELF TEST (BIST)..................... 378 OVERVIEW ............................ 378 STARTUP EXECUTION OF BIST ....................378 BIST COMMANDS ........................379 36. DIAGNOSTIC TESTS........................382 ESB26 DIAGNOSTICS-RELATED COMMANDS............... 382 THE DIAGNOSTICS-RELATED COMMANDS ................382 37. DNS RESOLVER........................... 390 INTRODUCTION ........................... 390 FEATURE OVERVIEW ......................... 390 SUPPORTED STANDARDS, MIBS AND RFCS................

  • Page 8: Conventions Used In This Guide

    Preface This guide provides the required information to setup and configure the ESB26 switch, firmware version 3.3.0. It is intended for network administrators who are responsible for installing and setting up network equipment. It assumes a basic working knowledge of the following: •...

  • Page 9

    Preface part: > keyword(s), in boldface characters, stands for one or more standard CLI command keywords. The first keyword may optionally be preceded by no to indicate a negation of the command. > parameter(s) may be one or more optional or requisite values, depending on the requirements of the specific command.

  • Page 10

    Preface 100Base-TX 100Mbit/s Ethernet link that works over standard UTP copper cabling. 1000Base-T 1000Mbit/s Ethernet link that works over standard UTP copper cabling. 1000Base-SX 1000Mbit/s Ethernet link that works over optical, 850nm multimode cabling. Summary of Version 3.3.0 Features The Version 3.3.0 includes the following features: VLANs (Virtual local area networks) including support for IEEE 802.1Q and IEEE ●...

  • Page 11

    Preface RADIUS ● CLI user privilege levels ● Resilient link for port redundancy ● Script file system ● Up to 1.7 MB size of the configuration file ● More accurate CPU utilization measurement ● Inform requests for SNMPv2c ● MAC address per port in BPDU for xSTP ●...

  • Page 12: Introduction, Overview

    1000Base-T ports in gigabit mode while the other runs in 100Mbit mode. The intended use of the ESB26 is to collect the Ethernet links of different computer units and preprocessor units of DX200-based network elements, and allow access to them from the upper levels.

  • Page 13

    3550 ESB26 ESB26 ESB26 ESB26 ESB26 ESB26 ESB26 ESB26 IPET IPET IPET IPET Figure 1-1 Example of Operational Environment for the ESB26 with L2 OSRs TGSU TGSU Rapid- ESB26 ESB26 ESB26 ESB26 Legend Cisco 3550s or ESB26s (possible Forwarding 3550...

  • Page 14: Specifications

    Introduction The switch is managed via BiNOS Command Language Interface (CLI) commands typed in by the user by either of the following means: • By direct connection, through a VT-100 compatible terminal connected to the console port on the unit’s front panel; •...

  • Page 15: Physical Characteristics, Environmental Characteristics, Power Characteristics

    233.4x220mm with PCB thickness of 1.6mm and spacing of 20.34mm (4T) Supported chassis CC3C-ACC4C-ACM2C-ALASWC-AIPETC-A models: Environmental Characteristics Operating Temperature: According to Nokia Environmental Specification (Commercial Range 0-70°C) Humidity: Complying to Nokia Environmental Specification Power Characteristics Voltage: +3.3Vand +5V (±5% voltage tolerances)

  • Page 16

    Introduction Subnet mask: 255.255.255.128 Default gateway: 192.168.0.10 Password: nokia Telnet: enabled SNMP: disabled RMON: enabled 802.1p priority recognition: enabled 802.1q tagging: disabled on the default VLAN Forwarding database aging 300 seconds (5 minutes) period: GVRP: disabled GMRP: disabled SSH: disabled...

  • Page 17: Getting Started, Overview, Unpacking, Front Panel

    2. Getting Started Overview ESB26 installation consists of inserting the card into the appropriate slot in the system, turning the unit power on, and setting the IP Address in order to enable remote management. All other management procedures may be performed remotely via Terminal Interface management applications that are integrated into the unit.

  • Page 18: Using The Cli To Configure The Switch

    Getting Started ETH3, ETH4 Two 1000Base T ports interface connectors ETH5, ETH6 Two 10/100Base T/TX ports interface connectors Operation Indicator. A single two-color LED (Green/Red) • Green: the unit is operational • Red: during power up and in faulty condition. •...

  • Page 19

    : 3.2.89 ER created Dec 17 2003 - 11:32:40 //////////////////////////////////////////////////////////////////////// User Access Verification Password: Step 5. Enter your password, which is nokia by default. The device-name prompt is > displayed, allowing you to begin the configuration process. MN700004 Rev 01...

  • Page 20: Planning The Configuration, Basic Cli Operating Conventions, Special Keys

    Getting Started If the password has been lost or cannot be configured, please contact Nokia support. Planning the Configuration Before starting the configuration process, determine the following: • The protocols you plan to use and their specific parameters • The types of interfaces installed: Ethernet or Serial •...

  • Page 21: Cli Modes

    The View mode allows viewing capabilities only. Its prompt is an angle bracket (>): device-name> View mode is password protected. The password is nokia by default. You can change this password by using the password command in global Configuration mode.

  • Page 22: Messages

    Getting Started device-name# By default, Privileged mode is not password protected. However, you can configure password protection by using the password command from the Configure prompt. To access Privileged mode from View mode, use the enable command. (That is why this mode is also referred as "Enable"...

  • Page 23: Getting System Help, Using The List Command, Command History, Using Telnet

    A memory buffer in the ESB26 retains the last 20 commands you entered. Using Telnet Any workstation with a telnet facility should be able to communicate with the ESB26 over a TCP/IP network. Up to five active telnet sessions can access the ESB26 concurrently. The telnet session will be disconnected after a specified time of inactivity.

  • Page 24: Configuring The Device's Ip Parameters

    Getting Started Configuring the Device's IP Parameters To manage the ESB26 by a telnet connection or by using an SNMP Network Manager, you must first configure the IP parameters of the ESB26 switch and the default gateway. Step 1. Change to Global Configuration mode by typing...

  • Page 25: General Commands, View Mode And Privileged Mode

    Getting Started Argument Description destination-address A.B.C.D Route’s IP destination address, in format, used in conjunction with netmask to define a network address. netmask A.B.C.D Destination network mask, in format, used in conjunction with destination-address. destination-prefix A.B.C.D/M Route’s destination prefix, in format.

  • Page 26

    Getting Started Table 2-4 Privileged Mode Command Summary clear Clears a specified entry or entries from one of the tables (the command is available only in Privileged mode). configure Configuration from VTY interface (the command is available only in Privileged mode). copy Transfers file to the target base (the command is available only in Privileged mode).

  • Page 27: Configure Terminal, Terminal Length, Show Ip Arp

    --More-- Command Syntax device-name#terminal length show ip The show ip command, in View or Privileged (Enable) mode, displays the IP address of the ESB26 and its subnet mask. Command Syntax device-name#show ip Example device-name#show ip IP-ADDR : 212.29.220.136 NET-MASK : 255.255.255.192...

  • Page 28

    The traceroute command, in Privileged (Enable) mode, displays the routing path from the ESB26 to the targeted IP address. This command can help determine how routing is done in the network. The execution of the command can be stopped by pressing the ESC key.

  • Page 29: Configure Mode

    Getting Started Configure Mode The Configure mode allows full configuration capabilities. Its prompt is as follows: device-name(config)# Additional information can be displayed inside the parentheses, before the pound symbol, to indicate the present Configuration Mode. For example: device-name(cfg protocol)# indicates that you are in the Configure Protocol mode. Accessing Global Configuration Mode To access Global Configuration mode: Step 1.

  • Page 30

    Configuration Mode Sub-Modes Configuration mode has several sub-modes, each used to configure various entities in the ESB26. Each mode has its own unique prompt and list of commands. The following are the Configuration mode sub-modes. Table 2-5 Configure Mode Sub-Modes Summary...

  • Page 31: Configuring A Telnet Connection, Introduction, Configuring A Telnet Session

    3. Configuring a Telnet Connection Introduction The telnet protocol is designed to provide a general, bi-directional, eight-bit byte-oriented communications facility. Its primary goal is to allow a standard method of interfacing between terminal devices and terminal-oriented processes. It is envisioned that the protocol may also be used for terminal-terminal communication ("linking") and process-process communication (distributed computation).

  • Page 32: Description Of Commands

    Configuring a Telnet Connection Description of Commands telnet The telnet command, in Privileged (Enable) mode, initiates a telnet client’s connection to the specified remote host. If the TCP port number is not specified, the telnet session default port number is 23. To see the open telnet connections, use the session command in Privileged (Enable) mode.

  • Page 33

    Configuring a Telnet Connection If the session is terminated, the user with the telnet connection is notified that the session has been terminated. To view the open sessions, use the session command without arguments in Privileged (Enable) mode. Command Syntax device-name#session kill <session-number>...

  • Page 34: Line Vty

    Configuring a Telnet Connection Argument Description start Enables telnet connection to the switch. stop Disables telnet connection to the switch. line vty The line vty command, in Global Configuration mode, accesses VTY (Virtual Telnet Type) configuration mode. The VTY mode enables you to control the VTY connection to the switch. The prompt-line )# that follows the command indicates that VTY device-name(config-vty...

  • Page 35: Switching Between Sessions

    Configuring a Telnet Connection Switching Between Sessions The user can switch between sessions initiated from the same VTY by pressing <Ctrl+Shift+SESSION-NUMBER> <Ctrl+]>. Example device-name#telnet 192.0.103.13 connecting to 192.0.103.13... current session is 6. red hat linux release 7.1 (seawolf) kernel 2.4.2-2 on an i686 login: xxxx password: last login: thu mar...

  • Page 36: User Privilege Levels, Introduction

    4. User Privilege Levels Introduction The ESB26 Command Line Interface (CLI) supports privilege levels for allowing access to particular commands. You can use this feature to protect the system from unauthorized access. There are 16 privilege levels - from level 15, which is the most restricted level (lowest privilege), to level 0, which is unrestricted (highest privilege).

  • Page 37

    1. Copy an additional file, for example with name dictionary.nokia, to the same folder in which the RADIUS configuration files are installed. 2. For all user, assign a privilege in the users file (refer to the example in dictionary.nokia file).

  • Page 38: Supported Standards, Mibs And Rfcs, Default User Privilege Levels Configuration, Configuring And Displaying User Privileges

    User Privilege Levels Supported Standards, MIBs and RFCs Standards No Standards are supported by this feature. MIBs No MIBs are supported by this feature. RFCs No RFCs are supported by this feature. Default User Privilege Levels Configuration Table 4-2 shows the default user privilege levels configuration. Table 4-2 User Privilege Level Default Configuration P a r a m e t e r D e f a u l t...

  • Page 39

    User Privilege Levels Creating a New User with a Privilege Level The username command, in Global Configuration mode, establishes a username-based authentication system. The command creates a new user, assigns a password to this user, and specifies the access privilege level for this user. If a password confirmation is required, the second password must be identical to the first.

  • Page 40: Displaying Users

    User Privilege Levels Example device-name#show privilege Current user privilege is ADMIN Displaying Users The show users command, in either View or Privileged (Enable) mode, lists the users configured on the device that have lower or same user privileges as the current user. This means that only users with Administrator privilege can see all other users.

  • Page 41: Ethernet Interface Configuration, Introduction

    Switched connections between Ethernet segments last only for the duration of the packet. New connections can be made between different segments for the next packet. The ESB26 solves congestion problems caused by high-bandwidth devices and a large number of users by assigning each device to its own 100 or 1000 Mbps segment.

  • Page 42: Default Fast And Giga Ethernet Ports Configuration, Supported Standards, Mibs And Rfcs

    Ethernet Interface Configuration Supported Standards, MIBs and RFCs Standards IEEE 802.3 Ethernet IEEE 802.3u Fast Ethernet IEEE 802.3x Flow Control IEEE 802.3z Gigabit Ethernet MIBs RFC 1213, Management Information Base for Network Management of TCP/IP-based internets:MIB-II (interface table) RMON MIB Private MIB, batm_switch.mib RFCs RFC 1213, Management Information Base for Network Management of TCP/IP-based...

  • Page 43: Configuring And Displaying Fast And Giga Ethernet Ports

    Changes the flow control mode. default vlan Changes the default VLAN (PVID) of the configured interface. remote-fault-detect Enables remote fault detection on the configured interface that is connected to a 100Base Fiber pair. (Not relevant for ESB26.) crossover Enables crossover detection...

  • Page 44

    Ethernet Interface Configuration The command changes the switch’s configuration mode into Interface Configuration mode. Following execution of the command, the prompt line displays the interface unit, slot and port numbers. If you apply this command when the switch is in Interface Configuration mode, the mode is changed to the specified Interface Configuration mode (for example, you can use this command to change the mode from Interface 1/1/1 Configuration mode to Interface 1/1/2 Configuration mode).

  • Page 45

    Ethernet Interface Configuration Setting a Name to the Fast Ethernet or Giga Ethernet Port The name command, in Interface Configuration mode, assigns a name to the Fast Ethernet or Giga Ethernet port to facilitate switch administration. The no form of the command removes the port name.

  • Page 46

    Ethernet Interface Configuration Setting the Backpressure Mode The backpressure command, in Interface Configuration mode, changes the backpressure mode. Backpressure is a technique for ensuring that a transmitting port does not send too much data to a receiving port at a given time. When the buffer capacity of a receiving port is exceeded, it sends a Jam message to the transmitting port to halt transmission.

  • Page 47

    When remote fault detection is enabled on such an interface, the switch indicates link down on the port if the remote peer detects link down. NOTE The remote-fault-detect command is available only on 100Base Fiber ports. (Not relevant for ESB26.) Command Syntax device-name(config-if UU/SS/PP)#remote-fault-detect device-name(config-if UU/SS/PP)#no remote-fault-detect...

  • Page 48

    Ethernet Interface Configuration In order to feed the transmitted data from one end of the connection to the receive pins on the other end: MDI (computers and uplink) ports are connected to MDIX (hub or switch) ports via straight- through twisted pairs. MDIX (normal) ports on switches or hubs are connected to each other via a crossover cable.

  • Page 49

    Ethernet Interface Configuration Command Syntax device-name#show interface [UU/SS/PP] Argument Description UU/SS/PP (Optional). Represent the Unit, Slot and Port numbers respectively, each in one or two decimal digits. Example 1 The following example displays the settings of all the switch's interfaces: device-name#show interface ==================================================================== |port |name |type |state|link|duplspeed |flow |backpres|default vlan...

  • Page 50

    Ethernet Interface Configuration Argument Description UU/SS/PP (Optional) Interface unit, slot and port number. extended (Optional). Displays additional packet counters. Example 1 The following example uses the show interface statistics command for a specified interface to display various packet counters: device-name#show interface 1/1/1 statistics Octets In/OutPkts 64 Collisions...

  • Page 51

    Ethernet Interface Configuration C o u n t e r D e s c r i p t i o n Oversize This counter is incremented once for every received packet that meets all the following conditions: Packet data length is greater than MaxFrameSize. Packet has valid CRC.

  • Page 52

    Ethernet Interface Configuration C o u n t e r D e s c r i p t i o n Down Count This counter is incremented once for every disconnection of the port. The counter is initialized in any of the following cases: When the switch starts running (provided that the link to the port is connected), the counter is initialized to zero.

  • Page 53

    Ethernet Interface Configuration C o u n t e r D e s c r i p t i o n OutDiscards Not supported. OutErrors Not supported. Clearing the Interface Statistics Table 5-7 lists the Fast Ethernet and Giga Ethernet interfaces commands for clearing the interfaces statistics.

  • Page 54

    Ethernet Interface Configuration show port management Displays which ports provide management access. Setting Management Ports The port management command, in Global Configuration mode, controls access to/from switch management on specified ports. The no form of this command blocks access to the switch’s management on specified ports for both outgoing and incoming management packets.

  • Page 55: Related Commands

    Ethernet Interface Configuration Displaying the Management Ports The show port management command, in Privileged (Enable) mode, displays which ports provide management access. Command Syntax device-name#show port management Example device-name#show port management Management ports: 1/1/2,1/1/5 Related Commands Table 5-9 shows the commands related to Fast and Giga Ethernet port configuration. Table 5-9 Fast and Giga Ethernet Port Configuration Related Commands C o m m a n d D e s c r i p t i o n...

  • Page 56: Port Security, Introduction, Configuring And Displaying Port Security Settings

    6. Port Security Introduction You can use port security to block input to a port when the MAC address of the station attempting to access the port does not match any of the MAC addresses specified for that port. Alternatively, you can use port security to filter traffic destined to or received from a specific host based on the host MAC address.

  • Page 57: Show Port Security

    Port Security Command Syntax device-name(config-if UU/SS/PP)#port security [action {shutdown| trap}|max- mac-count <number-of-addresses>] device-name(config-if UU/SS/PP)#no port security [action {shutdown| trap}] Argument Description action shutdown Disable the port when a security violation occurs. action trap Generate an SNMP trap when a security violation occurs. The MAC address that will pass the maximum allowed will be learned as filtered.

  • Page 58

    Port Security device-name(config-if 1/1/4)#interface 1/1/4 device-name(config-if 1/1/8)#port security action shutdown device-name(config-if 1/1/8)#port security max-mac-count 10 The configured settings are displayed by the show command in Privileged mode as follows: device-name#show port security |port num |action |max-mac-count |current mac-count| |------------+------------+----------------+-----------------| |1/1/2 |trap |not-limited |1/1/3...

  • Page 59

    Port Security 0002 00:02:55:98:52:f4| 1/1/2 secure 0002 00:40:95:30:0b:f8| 1/1/3 dynamic • Finally, check the port security definitions: device-name#show port security 1/1/2 Depending on previous settings, the screen should display results as follows: The port is : secured Action on security violation :send a trap Max secured addresses : 3 Current secured addresses : 3 MN700004 Rev 01...

  • Page 60: Link Aggregation Groups (lags), Introduction

    7. Link Aggregation Groups (LAGs) Introduction Link Aggregation Groups (LAGs), also known as trunks, provide increased bandwidth and high reliability while saving the cost of upgrading the hardware. By combining several interfaces into one logical link, LAGs offer network channels tailored to need, filling the gaps between 10 Mbps, 100 Mbps and 1 Gbps with intermediate bandwidth values.

  • Page 61: Feature Overview

    Link Aggregation Groups (LAGs) Feature Overview Static Link Aggregation Groups (LAGs) Static LAGs provide the ability to treat multiple switch ports as one switch port. These port groups act as a single logical port for high-bandwidth connections between two network devices.

  • Page 62

    Link Aggregation Groups (LAGs) Passive: The switch does not initiate the LAG, but understands the LACP packet. The switch will reply to the received LACP packet to eventually form the LAG if the other end (in active state) requests it to do so. Active: The switch is willing to form an aggregate link, and initiate the negotiation.

  • Page 63

    Link Aggregation Groups (LAGs) MAC Addresses Learned on LAG Ports You can see in the MAC address table the physical ports and the LAGs on which the MAC addresses were learned. Each MAC address is shown with the number of the port on which it was physically learned and the name of the LAG group to which the port belongs.

  • Page 64: Prerequisites, Default Link Aggregation Configuration

    Link Aggregation Groups (LAGs) Prerequisites The following guidelines apply to LAG configuration: • You do not need to do any changes to existing higher-layer protocols or applications in order to use Link Aggregation. • Links that cannot take part in Link Aggregation - due to their inherent capabilities or the capabilities of the devices to which they attach, or due to management configuration -operate as normal, individual links.

  • Page 65: Configuring And Displaying Lags

    Link Aggregation Groups (LAGs) P a r a m e t e r D e f a u l t V a l u e LACP port mode Active LACP port priority 32768 Configuring and Displaying LAGs Configuring Static LAGs To set the static LAG, set the ports participating in the static LAG.

  • Page 66

    Link Aggregation Groups (LAGs) 2. You can change the LACP system priority. See Setting a Name for a Static LAG. 3. You can change the LACP port definitions (port mode and priority). See Enabling and Configuring an Interface for LACP Aggregation. Table 7-3 lists the LACP configuration commands, used for configuring dynamic links.

  • Page 67

    Link Aggregation Groups (LAGs) Argument Description priority Priority value, in the range 1 (highest priority) to 65535 (lowest priority). Example The following command sets the LACP system priority to 1 (the highest priority). device-name(cfg protocol)#link-aggregation lacp system-priority 1 device-name(cfg protocol)#link-aggregation lacp system-priority System priority = 1 Enabling and Configuring an Interface for LACP Aggregation The link-aggregation lacp command, in Interface Configuration mode, enables the...

  • Page 68

    Link Aggregation Groups (LAGs) Specifying the STP/RSTP/MSTP Path Cost STP/RSTP/MSTP path cost can be specified for aggregate ports in the same way as for normal ports. For details, refer to the respective (STP/RSTP/MSTP) chapter. Displaying Link Aggregation Groups Table 7-4 lists the commands to display the static LAG and LACP configuration. Table 7-4 Commands to Display the Static LAG and LACP Configuration C o m m a n d D e s c r i p t i o n...

  • Page 69: Configuration Examples

    Link Aggregation Groups (LAGs) Displaying the LACP Interfaces The show link-aggregation lacp command, in Privileged (Enable) mode, displays a list of all LACP enabled interfaces on the switch with the configured LACP parameters. Command Syntax device-name#show link-aggregation lacp Example device-name#show link-aggregation lacp System ID = 00 a0 12 02 02 02 System priority = 32768...

  • Page 70

    Link Aggregation Groups (LAGs) On each of the two switches, LACP is enabled in active mode on interfaces 1/1/17 and 1/1/20 as an aggregated link. The configuration of Switch2 is identical to that of Switch1. 1. Display the LACP status: device-name#show link-aggregation lacp LACP disabled on the system 2.

  • Page 71

    Link Aggregation Groups (LAGs) Complex LACP Configuration The following example establishes two dynamic link aggregation groups between three switches, as shown in Figure 7-3. Figure 7-3: Example of Two LAGs Configured on the Same Switch Configuring Switch 1: On Switch 1, LACP is enabled in active mode on the following interfaces: •...

  • Page 72

    Link Aggregation Groups (LAGs) 4. Display the LACP configuration: Switch1#show link-aggregation lacp System ID = 00 00 02 03 04 05 System priority = 32768 ========+========+=======+========= Port Mode Prty --------+--------+-------+--------+ 1/1/1 | active | 1 | 32768 1/1/2 | active | 1 | 32768 1/1/3 | active |...

  • Page 73

    Link Aggregation Groups (LAGs) Configuring Switch 3: On Switch 3, LACP is enabled in active mode on interfaces 1/1/3 and 1/1/4, as an aggregated link to Switch 1. 1. Enter into Protocol Configuration mode and enable the LACP on switch 3: Switch3#configure terminal Switch3(config)#protocol Switch3(cfg protocol)#link-aggregation lacp enable...

  • Page 74

    Link Aggregation Groups (LAGs) ----------+--------+-----------------+--------------------+ AG01 | LACP | LACP1 | 1/1/1-1/1/4 ==========+========+=================+===================== Switch 3: Switch3#show interface link-aggregation ==========+========+=================+===================== Aggregate |Type | Management Name | Ports ----------+--------+-----------------+--------------------+ AG05 | LACP | LACP5 | 1/1/3-1/1/4 ==========+========+=================+===================== Example of Static Link Aggregation with RSTP The following example shows how to establish two static link aggregation groups between two switches with fast Ethernet interfaces, as shown in Figure 7-4.

  • Page 75

    Link Aggregation Groups (LAGs) Switch1(config)#protocol Switch1(cfg protocol)#rapid-spanning-tree enable Switch1(cfg protocol)#end 2. Enabling Static LAG on interfaces 1/1/1 and 1/1/4 Switch1#configure terminal Switch1(config)#interface 1/1/1 Switch1(config-if 1/1/1)#link-aggregation static id 1 Switch1(config-if 1/1/1)#interface 1/1/4 Switch1(config-if 1/1/4)#link-aggregation static id 1 3. Enabling Static LAG on interfaces 1/1/17 and 1/1/20 Switch1(config-if 1/1/4)#interface 1/1/17 Switch1(config-if 1/1/17)#link-aggregation static id 3 Switch1(config-if 1/1/17)#interface 1/1/20...

  • Page 76

    Link Aggregation Groups (LAGs) Displaying the Configuration on Switch 2 (After Configuring as Described for Switch 1): 1. Display the static LAG configuration: Switch2#show interface link-aggregation static =========+======+=======================+======================= Aggregate| Type | Management Name | Ports ---------+------+-----------------------+----------------------- AG01 |static|TRUNK1 |1/1/1,1/1/4 AG03 |static|TRUNK3 |1/1/17,1/1/20 2.

  • Page 77: Traffic Monitoring, Introduction, Feature Overview

    8. Traffic Monitoring Introduction Traffic monitoring extends the monitoring capabilities of existing network analyzers in a switched Ethernet environment. Traffic can be monitored on switch's ports and VLANs by configuring another port to "mirror" the traffic on the ports or VLANs you want to monitor. By attaching an analyzer to the mirror port, the system administrator can observe the traffic on the monitored ports and analyze the traffic on the network.

  • Page 78

    Traffic Monitoring Figure 8-1 Example of Monitor Session Configuration on Interface Figure 8-2 Example of Monitor Session Configuration on VLANs MN700004 Rev 01...

  • Page 79: Traffic Types, Source Port, Destination Port

    Traffic Monitoring Traffic Types A monitor session includes the following traffic types: • Receive (Rx) - The goal of receive (or ingress) monitoring is to monitor the packets received by the source interface or VLAN before any modification or processing is performed by the switch.

  • Page 80: Default Traffic Monitoring Configuration, Supported Standards, Mibs And Rfcs, Prerequisites

    Traffic Monitoring Supported Standards, MIBs and RFCs Standards No standards are supported by this feature. MIBs No MIBs are supported by this feature. RFCs No RFCs are supported by this feature. Prerequisites You cannot define different monitoring directions (transmit, receive) for both a VLAN list and an interface list concurrently (such as the transmit source defined to be a VLAN list and the receive source defined to be an interface list in the same monitoring session).

  • Page 81: Configuring And Displaying Monitor Session

    Traffic Monitoring Table 8-1 Default Traffic Monitoring Configuration P a r a m e t e r D e f a u l t V a l u e Monitor Disabled Session Configuring and Displaying Monitor Session Table 8-2 lists the monitor session commands. Table 8-2 Monitor Session Commands C o m m a n d D e s c r i p t i o n...

  • Page 82

    Traffic Monitoring Example The following example shows how to configure a monitor session to monitor ingress traffic on multiple source VLANs. device-name(config)#monitor session rx source vlan 5-10,100 device-name(config)#monitor session rx destination 1/1/3 Displaying Monitor Session Configuration The show monitor session command, in Privileged (Enable) mode, displays the monitor session configuration.

  • Page 83

    Traffic Monitoring Configuration Example for Monitor Session on VLAN The following example is based in Figure 8-2 and shows how to configure the monitor session on VLAN, interface 1/1/4 is mirroring the traffic on VLANs 100 and 101. The traffic is monitored both for Rx and Tx.

  • Page 84: Resilient Link, Introduction, Configuring And Displaying A Resilient Link

    9. Resilient Link Introduction A resilient link provides a secondary backup link to protect a network against failure of an individual link or device. The backup link becomes active only if a failure on the main link occurs. A resilient link comprises a resilient link pair that contains a main link and a standby link.

  • Page 85

    Resilient Link prefer port Designates the preferred port of the resilient link. active port Designates the active port of the resilient link. show Displays a table of the configured resilient links. show counter Produces a table showing how many swaps each resilient link has undergone in the current session.

  • Page 86

    Resilient Link 3. Removing a specified resilient link from the list of defined resilient links: device-name(config)#no resilient-link 1 ports The ports command, in Resilient-link Configuration mode, adds a port pair as a resilient link. This adds a new resilient link to a list of already defined resilient links. Ports are defined in unit/slot/port notation.

  • Page 87

    Resilient Link prefer port The prefer port command, in Resilient-link Configuration mode, sets one of the ports of the resilient link as preferred. A port is said to be preferred if it is always the main port as long as it has the link. Traffic will be switched back to the main port as soon as its connection is recovered.

  • Page 88

    Resilient Link show The show command, in Resilient-Link Configuration mode, displays a table of the configured resilient links. The table specifies the resilient-link ID numbers, the resilient link ports, which port is preferred (if any), and which port is currently active. You can specify by ID number or by a range of ID numbers which configured resilient links to display.

  • Page 89

    Resilient Link This command is identical in effect to the show resilient-links counter command Privileged (Enable) mode, as described below. Command Syntax device-name(config-resil-link N)#show counter [N1|N1 N2] Argument Description (Optional) ID number of resilient link to be displayed. N1 N2 (Optional) Range of ID numbers of resilient link to be displayed.

  • Page 90

    Resilient Link Command Syntax device-name#show resilient-links [N1 | N1 N2] Argument Description (Optional) ID number of resilient link to be displayed N1 N2 (Optional) Range of ID numbers of resilient link to be displayed Examples 1. Displaying information on all currently configured resilient links: device-name#show resilient-links =========================================== | RLink | Port1 | Port2 | Prefer | Active |...

  • Page 91

    Resilient Link N1 N2 (Optional) Range of ID numbers of resilient link to be displayed Examples 1. Displaying the swap count on all currently configured resilient links: device-name#show resilient-links counter ====================== | RLink | Swap count | +-------+------------+ ====================== 2. Displaying the swap count on all resilient link #5: device-name#show resilient-links counter 5 ====================== | RLink | Swap count |...

  • Page 92: Snmp Server Configuration, Introduction, Configuring And Displaying The Snmp Server Settings

    10. SNMP Server Configuration Introduction SNMP (Simple Network Management Protocol) is the Network management protocol that is used almost exclusively in TCP/IP networks. The Nokia ESB26 switch is fully manageable via SNMP. Configuring and Displaying the SNMP Server Settings SNMP Configuration Commands...

  • Page 93

    SNMP Server Configuration NOTE You must configure your management system with the same parameters that are assigned to the users in the agent. Table 10-1 lists the configuration commands for the SNMPv3 Agent. Table 10-1 SNMPv3 Agent Configuration Commands C o m m a n d D e s c r i p t i o n snmp-server engineID Changes the agent’s SNMP engine ID.

  • Page 94

    SNMP Server Configuration By default, the engine ID is 00 00 02 DB 03 [MAC-ADDR] 00 00, where [MAC-ADDR] represents the switch’s MAC address. Command Syntax device-name(config)#snmp-server engineID ENGINE-ID device-name(config)#no snmp-server engineID Argument Description ENGINE-ID A string of 10 to 64 characters (represented internally by 5 to 32 bytes) that represents the agent’s Engine ID as a hexadecimal number.

  • Page 95

    SNMP Server Configuration The MIB definition represents a tree where each node in the tree is identified by a number. To identify a branch in the tree, the usual convention is to use a series of numbers separated by dots, where each number represents a node in the tree. The view name is created if it does not exist.

  • Page 96

    SNMP Server Configuration The following command grants access to all conceptual rows in ipCidrRouteTable that have next-hop 192.168.5.1. The destination, mask and the TOS entered in the OID have no match (the bits of the mask are ‘0’ at these OIDs). If an Object ID does not match any rule in a view, its access is denied.

  • Page 97

    SNMP Server Configuration Argument Description NAME Configures a new SNMP group on the device. The name of the group is limited to 32 characters. Version 1 of the SNMP protocol. Version 2 of the SNMP protocol. Version 3 of the SNMP protocol. Requires you to select an authentication level (auth, noauth or priv).

  • Page 98

    SNMP Server Configuration stop responding for several seconds (depending on the switch model). Users with security level AuthNoPriv and AuthPriv are stored in NVRAM when the write command is executed. The configured users will not be seen in the configuration file. For a remote user, the ID of the remote SNMP engine must be specified.

  • Page 99

    SNMP Server Configuration Example 3 The following example shows how to remove a defined user named IVAN from an associated group ACC: device-name(config)#no snmp-server user IVAN group ACC v3 Configuring the SNMP Notification Log The snmp-server log-notify command in Privileged (Enable) mode, enables the SNMP notification log.

  • Page 100

    SNMP Server Configuration • Telnet access to the switch. For the use of named access list by telnet see "Configuring a Telnet Connection". • Access of the SNMP users. For the use of named access list by SNMP see "SNMP Server Configuration".

  • Page 101

    SNMP Server Configuration exact-match Only the IPs with an exact match of the specified argument (used only for routing protocols). Example The following example shows a basic filtering configuration: device-name(config)#access-list filter deny 10.0.0.0/9 device-name(config)#access-list filter permit 10.0.0.0/8 Displaying the Named Access Lists The show access-lists command, in Privileged (Enable) mode, displays the defined named access lists.

  • Page 102

    SNMP Server Configuration Notification Configuration Commands In order to send notifications to the management station, perform the following steps: 1. Enable the SNMP agent (if it is disabled). 2. Create a view, group and user that includes the notification variables with notify access right 3.

  • Page 103

    SNMP Server Configuration specified in Table 10-5. TAG-NAME The notification tag. Example device-name(config)#snmp-server notify linkUp tag1 Table 10-5 Notification Argument Values A r g u m e n t V a l u e D e s c r i p t i o n resilientLinkStatusChange Indicates that the resilient link status was changed, identified by the resilientLinkIndex.

  • Page 104

    SNMP Server Configuration A r g u m e n t V a l u e D e s c r i p t i o n topologyChange Indicates that the topology change has been detected by the Spanning Tree algorithm. unauthorizedAccessViaCLI Indicates an attempt for unauthorized access via CLI.

  • Page 105

    SNMP Server Configuration Argument Description WORD The name of the target parameter. SEC-NAME The security name. v1, v2c, v3 The security model of the target-parameter. It specifies the version of the protocol in which the traps would be sent (v1, with TRAP-V1 PDU type or v2c and v3, with TRAP- V2 PDU type).

  • Page 106

    SNMP Server Configuration TAG-NAME The name of the added/removed tag. Example 1 device-name(config)#snmp-server target-address XYZ 192.168.0.121 162 param1 tag1 Example 2 device-name(config)#snmp-server target-address XYZ addtag tag2 Enabling Sending Authentication Failure Traps The snmp-server authentication-failure-trap command, in Global Configuration mode, enables sending authentication-failure traps. The no form of this command disables the authentication-failure trap.

  • Page 107

    SNMP Server Configuration MASK (Optional) The bit-mask that defines Object ID wildcard characters. SNMP MIB-II System Group Elements Commands Table 10-6 lists the configuration commands for the SNMP MIB-II system group elements. Table 10-6 SNMP MIB-II System Group Elements Configuration Commands C o m m a n d D e s c r i p t i o n snmp-server contact...

  • Page 108

    .LINE-TEXT System name, up to 80 characters long. Example device-name(config)#snmp-server system-name Nokia Defining the System Location The snmp-server location command, in Global Configuration mode, sets the MIB-II system location string. The no form of this command removes the SNMP system location string.

  • Page 109

    SNMP Server Configuration C o m m a n d D e s c r i p t i o n show snmp-server target-addr Displays the notification target address. show snmp-server access- Displays the access list assigned to a user.Displays the SNMP listshow snmp-server log-notify notification log.

  • Page 110

    SNMP Server Configuration Command Syntax device-name#show snmp-server group Example device-name#show snmp-server group group name: security model: v3 auth read view: READ write view: WRITE notify view: NOTIFY row status: active device-name# Displaying the SNMP Users The show snmp-server user command, in Privileged (Enable) mode, displays the users and their associated engine ID.

  • Page 111

    SNMP Server Configuration The view is displayed in the following format: ipCidrRouteEntry.192.168.0.0.255.255.0.0.0.192.168.4.1 device-name#show snmp-server view View name: MyView OID: mib-2 included Row status: Active Storage type:Volatile View name: MyView OID: sysUpTime excluded Row status: Active Storage type:Volatile device-name# If the file batm_oid_table is loaded in the hidden directory of the flash file system, the OIDs will be shown with symbolic names.

  • Page 112

    SNMP Server Configuration Profile name: profile OID: internet included Profile name: profile OID: risingAlarm excluded device-name# Displaying the SNMP v2c/v3 Notification Type The show snmp-server notify command, in Privileged (Enable) mode, displays the SNMPv2c and SNMPv3 notification parameters (name, type and tag). The notification type can be either "trap"...

  • Page 113

    SNMP Server Configuration Command Syntax device-name#show snmp-server access-list Displaying the Pending Informs The show snmp-server informs command, in Privileged (Enable) mode, displays the pending informs. Command Syntax device-name#show snmp-server informs Example device-name#show snmp-server informs Number of pending informs :0 device-name# Configuration Examples Configuring SNMP v2c inform notifications: 1.

  • Page 114

    SNMP Server Configuration Configuring SNMP v3 inform notifications: 1. Enable the SNMP server: device-name(config)#snmp-server enable 2. Define the notification with name NAME, tag TAG and create the notification as an inform: device-name(config)#snmp-server notify NAME TAG inform 3. Define a notification target address with name ADDRESSNAME and IP address 193.124.13.6.

  • Page 115: Forwarding Database (fdb), Introduction, Mac-table Entry Types

    11. Forwarding Database (FDB) Introduction The MAC Address table contains the information that is in the forwarding database. The switch uses the forwarding database to forward packets to the appropriate bridge in the bridge group. The FDB has both static entries, which are created by the user, and dynamic entries (learned entries), which are added and removed by the learning process.

  • Page 116: How Entries Are Added To The Fdb, Configuring And Displaying Fdb Settings, Description Of Commands

    Forwarding Database (FDB) How Entries Are Added to the FDB You can add entries into the FDB in the following two ways: • The switch learns MAC addresses at the FDB with the following parameters: source MAC address, VLAN, interface and the VLAN priority (if any). •...

  • Page 117: Deleting Entries

    Forwarding Database (FDB) Command Syntax device-name(config)#mac-address-table {static|dynamic|secure} HH:HH:HH:HH:HH:HH interface UU/SS/PP vlan <vlan-id> Argument Description static Add static entry. dynamic Add dynamic entry statically. secure Add secure entry for secured port (see Port Security). HH:HH:HH:HH:HH:HH 48-bit hardware address interface UU/SS/PP The interface number vlan <vlan-id>...

  • Page 118

    Forwarding Database (FDB) dynamic (Optional) Only dynamic MAC addresses are cleared. filtered (Optional) Only filtered MAC addresses are cleared. secure (Optional) Only secure MAC addresses are cleared. static (Optional) Only static MAC addresses are cleared. multicast (Optional) Only multicast MAC addresses are cleaned. NOTE If any argument is omitted, the command clears all MAC addresses complying with the arguments that are specified.

  • Page 119

    Forwarding Database (FDB) Displaying FDB Table Entries show mac-address-table The show mac-address-table command, in Privileged (Enable) mode, displays the FDB entries stored in the switch, and other data pertaining to the FDB table, as specified by the command arguments. Command Syntax device-name#show mac-address-table [dynamic|filtered|secure|static] [address HH:HH:HH:HH:HH:HH] [vlan <vlan-id>] [interface UU/SS/PP] device-name#show mac-address-table count...

  • Page 120

    Forwarding Database (FDB) 0001 00:a0:12:05:36:80 self Setting the MAC Address Aging Time The MAC address aging time is the time interval that a dynamic MAC address is allowed to remain on the FDB table without sending any frame to the device. If the aging time expires, the address of the network is removed from the FDB table.

  • Page 121: Spanning Tree Protocol (stp), Introduction, Configuring And Debugging Stp

    12. Spanning Tree Protocol (STP) Introduction The Spanning Tree Algorithm and Protocol are part of the ANSI/IEEE Std 802.1D MAC Bridges specifications sponsored by the LAN/MAN Standards Committee of the IEEE Computer Society. STP (Spanning-Tree Protocol) provides fault tolerance on networks, by allowing you to implement parallel paths for network traffic.

  • Page 122

    Spanning Tree Protocol (STP) Table 12-1 STP Commands in Protocol Configuration Mode C o m m a n d D e s c r i p t i o n spanning-tree Displays the current STP parameter settings. spanning-tree enable/disable Enables/disables the STP option. spanning-tree priority Sets the STP bridge priority spanning-tree hello-time...

  • Page 123

    Spanning Tree Protocol (STP) STP Configuration Commands in Protocol Configuration Mode spanning-tree The spanning-tree command, in Protocol Configuration mode, displays the current STP parameter configuration. To display Spanning-Tree topology for a specified port or all ports, use the show spanning-tree interface command or the show spanning-tree command in Privileged mode.

  • Page 124

    Spanning Tree Protocol (STP) spanning-tree priority The spanning-tree priority command, in Protocol Configuration mode, assigns the specified value to the STP bridge priority. The default value is 32768. The no form of this command resets the default value. Command Syntax device-name(cfg protocol)#spanning-tree priority <0-65535>...

  • Page 125

    Spanning Tree Protocol (STP) device-name(cfg protocol)#no spanning-tree forward-delay Argument Description forward-delay The time in seconds that the switch stays in each of the Listening and Learning states that precede the Forwarding State. The default value is 15 seconds. spanning-tree max-age The spanning-tree max-age command, in Protocol Configuration mode, sets the time in seconds that learned Spanning Tree information is kept before being discarded.

  • Page 126

    Spanning Tree Protocol (STP) PortPriority = 128 PortState = disabled PortEnable = disabled PortPathCost = 10 DesignatedRoot = 08192.00:A0:12:00:00:03 DesignatedCost = 19 DesignatedBridge = 32768.00:A0:12:11:29:82 DesignatedPort = 128.1 FrwrdTransitions TopChangeDetection = Enabled device-name(config-if 1/1/1)#spanning-tree priority 100 2. Displaying the spanning-tree topology for all interfaces: device-name(cfg protocol)#spanning-tree interface all ============================================================================ Port...

  • Page 127

    Spanning Tree Protocol (STP) to the spanning-tree interface all command in Protocol Configuration mode. See also Displaying Port Spanning-Tree Topology Settings. Command Syntax device-name(config-if UU/SS/PP)#spanning-tree all Example device-name(config-if 1/1/1)#spanning-tree all ============================================================================ Port |Pri|State|PCost | DCost |Designated bridge |DPrt |FwrdT|DtctTc --------+---+-----+------+-----------+------------------+------+-----+------ 01/01/01 128 listn 32768.00A012000003 128.01 2 Disabled...

  • Page 128: Displaying Port Spanning-tree Topology Settings

    Spanning Tree Protocol (STP) Command Syntax device-name(config-if UU/SS/PP)#spanning-tree defaults NOTE This command replaces the no spanning-tree command in Interface Configuration mode. spanning-tree detect-tc The spanning-tree detect-tc command, in Interface Configuration mode, enables topology change detection on the configured interface. Use the no form of the command to disable the topology change detection.

  • Page 129

    Spanning Tree Protocol (STP) Example When the bridge is not the root bridge: device-name#show spanning-tree Spanning tree enabled ProtocolSpecification = ieee8021d Priority = 32768 TimeSinceTopologyChange = 60 (sec) TopChanges DesignatedRoot = 08192.00:A0:12:00:00:03 RootPort = 01/01/15 RootCost = 19 MaxAge (sec) HelloTime (sec) ForwardDelay...

  • Page 130: Debugging Stp

    Spanning Tree Protocol (STP) PortPriority = 128 PortState = disabled PortEnable = disabled PortPathCost = 10 DesignatedRoot = This bridge is the root DesignatedCost DesignatedBridge = This bridge DesignatedPort = 128.1 FrwrdTransitions TopChangeDetection = Enabled Debugging STP Table 12-5 lists the STP debugging commands. Table 12-5 STP Debugging Commands C o m m a n d D e s c r i p t i o n...

  • Page 131

    Spanning Tree Protocol (STP) Displaying the Status of the STP Debug The show debug stp command, in Privileged (Enable) mode, displays the debug status for the Spanning Tree protocol (STP). The debug commands can help the network manager to monitor a session as it proceeds on the switch. Command Syntax device-name#show debug stp MN700004 Rev 01...

  • Page 132: Rapid Spanning Tree Protocol (rstp), Introduction

    13. Rapid Spanning Tree Protocol (RSTP) Introduction RSTP (Rapid Spanning Tree Protocol) performs the roles of the STP protocol considerably faster by enabling rapid transitions of ports from Alternate state to Root state, and from Backup state to Designated state. In certain cases, RSTP enables rapid transitions of ports to Forwarding states.

  • Page 133: Selection Of The Root Bridge And Root Port

    Rapid Spanning Tree Protocol (RSTP) The RSTP port roles are determined automatically by the following parameters: • a unique Bridge Identifier associated to each bridge; • a Path Cost associated to each bridge port; • a unique Port Identifier associated to each bridge port. Selection of the Root Bridge and Root Port RSTP automatically selects the bridge that has the best Bridge Identifier as the Root Bridge.

  • Page 134: Changing Port States

    Rapid Spanning Tree Protocol (RSTP) • a Backup Port - if the Bridge is the Designated Bridge for the attached LAN OR OTHERWISE • an Alternate Port. Alternate and Backup Ports An Alternate Port offers a path in the direction of the Root Bridge alternate to that provided by the Bridge’s Root Port.

  • Page 135: Configuring And Debugging Rstp

    Rapid Spanning Tree Protocol (RSTP) contradictory information to be received from any Bridge following the change in Spanning Tree information that first caused this Port to be assigned the Root Port or Designated Port role. 2. The Port is now a Root Port AND: any Ports on the Bridge that have been Root Port too recently for Spanning Tree information to have definitely reached all Bridges in the network any Ports have been contradicted if necessary, are not and will not be put in the...

  • Page 136

    Rapid Spanning Tree Protocol (RSTP) Argument Description UU/SS/PP Unit, slot and port number of an interface (i.e. – 1/1/8). The (config-if UU/SS/PP)# prompt-line indicates interface UU/SS/PP Configuration mode. Table 13-2 summarizes the RSTP commands available in Protocol Configuration mode. Table 13-3 summarizes the RSTP commands available in interface configuration mode. Table 13-4 summarizes the RSTP debug commands.

  • Page 137

    Rapid Spanning Tree Protocol (RSTP) rapid-spanning-tree defaults Sets the RSTP parameters to their defaults for the configured interface. rapid-spanning-tree detect protocols Recalculates the protocol migration state. rapid-spanning-tree point_to_point_mac Set RSTP port point_to_point_mac. Table 13-4 RSTP Debug Commands C o m m a n d D e s c r i p t i o n debug rstp Displays the RSTP debug messages as specified by the command argument.

  • Page 138

    Rapid Spanning Tree Protocol (RSTP) rapid-spanning-tree enable/disable The rapid-spanning-tree enable/disable command, in Protocol Configuration mode, enables/disables the Rapid-Spanning Tree option. When RSTP is disabled, you can still use the other commands to set the RSTP configuration. These settings are preserved when RSTP is enabled. By default, RSTP is disabled.

  • Page 139

    Rapid Spanning Tree Protocol (RSTP) Argument Description hello-time The time interval, in seconds, between BPDU transmissions from the ports of this unit. The default value is 2 seconds. rapid-spanning-tree forward-delay The rapid-spanning-tree forward-delay command, in Protocol Configuration mode, sets the time, in seconds, that the switch stays in each of the Listening and Learning states that precede the Forwarding State.

  • Page 140

    Rapid Spanning Tree Protocol (RSTP) rapid-spanning-tree interface The rapid-spanning-tree interface command, in Protocol Configuration mode, changes the mode to interface configuration mode. This mode enables you to set the RSTP interface configuration. If the argument all is specified, this command displays the Rapid-Spanning- Tree topology for all ports and does not change the configuration mode.

  • Page 141

    Rapid Spanning Tree Protocol (RSTP) RSTP Configuration Commands in Interface Configuration Mode rapid-spanning-tree all The rapid-spanning-tree all command, in Interface Configuration mode, displays the current status of rapid-spanning-tree parameters for all the switch’s logical interfaces. The command is equivalent to the rapid-spanning-tree interface all command in Protocol Configuration mode.

  • Page 142

    From the point of view of determining the value of the link-type, the switch is considered to be connected to a point-to-point LAN segment if any of the following conditions are true: The ESB26 switch supports autonegotiation, and the autonegotiation function has determined that the LAN segment is to be operated in full duplex mode.

  • Page 143

    Rapid Spanning Tree Protocol (RSTP) If Admin link-type is set to Auto, then the value of Operational link-type is determined in accordance with the specific procedures defined for the switch entity concerned, as defined in Admin link-type (auto). If these procedures determine that the switch entity is connected to a point-to-point LAN segment, then Operational link-type is set to point-to-point, otherwise it is set to Shared.

  • Page 144

    Rapid Spanning Tree Protocol (RSTP) device-name(config-if UU/SS/PP)#no rapid-spanning-tree path-cost Argument Description 1-200000000 RSTP path-cost value assigned to the configured interface. Table 13-5 displays the default value that calculated from the link speed of the interface. Table 13-5 Default Path cost values (IEEE8021w) L i n k R e c o m m e n d e d R e c o m m e n d e d...

  • Page 145: Displaying Port Rapid-spanning-tree Topology Settings

    Rapid Spanning Tree Protocol (RSTP) rapid-spanning-tree detect-protocols The rapid-spanning-tree detect-protocols command, in Interface Configuration mode, forces the port to work by the Rapid Spanning Tree Protocol (RSTP) and not by the Spanning Tree Protocol (STP). A switch running RSTP supports a built-in protocol migration mechanism that enables RSTP to interoperate with legacy 802.1D STP.

  • Page 146

    Rapid Spanning Tree Protocol (RSTP) Example device-name#show rapid-spanning-tree Rapid spanning tree = enabled ProtocolSpecification = ieee8021w Priority = 32768 TimeSinceTopologyChange = 32 (Sec) TopChanges DesignatedRoot = 04096.00:A0:12:00:00:03 RootPort = 01/01/03 RootCost = 200000 MaxAge = 20 (Sec) HelloTime (Sec) ForwardDelay = 15 (Sec) BridgeMaxAge = 20 (Sec)

  • Page 147

    Rapid Spanning Tree Protocol (RSTP) PortPathCost = 200000 DesignatedRoot = This bridge is the root DesignatedCost DesignatedRoot = This bridge DesignatedPort = 128.62 FrwrdTransitions Admin EdgePort = disabled EdgePort = disabled AdminLink-Type = Auto Link-Type = P2P MigrationTimer Debugging RSTP Table 13-7 lists the RSTP debugging commands.

  • Page 148

    Rapid Spanning Tree Protocol (RSTP) 0xa1391880 (tSpanPRS): 0xa1391880 (tSpanPRS): End-Roles-Selection tSpanRecv: 1970/01/01 04:11:06 : link up on port 1/2/4 0xa1391880 (tSpanPRS): 0xa1391880 (tSpanPRS): Select-Port-Roles 0xa1391880 (tSpanPRS): ================= 0xa1391880 (tSpanPRS): 0xa1391880 (tSpanPRS): Port 1/2/1 Is DesignatedPort 0xa1391880 (tSpanPRS): Port 1/2/4 Is DesignatedPort 0xa1391880 (tSpanPRS): 0xa1391880 (tSpanPRS): 0xa1391880 (tSpanPRS): End-Roles-Selection...

  • Page 149

    Rapid Spanning Tree Protocol (RSTP) 0xa1391880 (tSpanPRS): 0xa1391880 (tSpanPRS): End-Roles-Selection By default, the debug is disabled. Command Syntax device-name#debug rstp {all | handshake | roles | flush} device-name#no debug rstp {all | handshake | roles | flush} Argument Description Activates all RSTP debug options. handshake Activates Hand Shake protocol debugging (IEEE 802.1w).

  • Page 150: Multiple Spanning Tree Protocol (mstp), Introduction

    14. Multiple Spanning Tree Protocol (MSTP) Introduction The Multiple Spanning Tree (MST) protocol carries the concept of the IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) a leap forward by allowing you to group and associate VLANs to multiple spanning tree instances (forwarding paths) over Link Aggregation Groups (LAGs).

  • Page 151

    Multiple Spanning Tree Protocol (MSTP) topology for frames classified as belonging to VLANs that are mapped to the MSTI by the MST Configuration Table used by the MST Bridges of each MST Region. The IST is numbered 0, and the MSTIs are numbered 1, 2, 3, and so on. Each MSTI is local to the MST region and is independent of MSTIs in the other regions, even if the MST regions are interconnected.

  • Page 152

    Multiple Spanning Tree Protocol (MSTP) T e r m A c r o n y m D e f i n i t i o n MST Region A set of LANs and MST Bridges physically connected via Ports on those MST Bridges, where each LAN’s CIST Designated Bridge is an MST Bridge, and each Port is either the Designated Port on one of the LANs, or else a non-Designated Port of an MST Bridge that is connected...

  • Page 153

    Multiple Spanning Tree Protocol (MSTP) independent of MST instance 1 in region B, even if regions A and B are interconnected. • CIST - A common and internal spanning tree, which is a collection of the ISTs in each MST region, and the common spanning tree (CST) that interconnects the MST regions and single spanning trees.

  • Page 154

    Multiple Spanning Tree Protocol (MSTP) network. The MST instances combine with the IST at the boundary of the region to become the CST. The IST connects all the MSTP switches in the region and appears as a subtree in the CST that encompasses the entire switched domain, with the root of the subtree being the IST master.

  • Page 155

    Multiple Spanning Tree Protocol (MSTP) The message-age and maximum-age information in the RSTP portion of the BPDU remain the same throughout the region, and the region’s designated ports at the boundary propagate the same values. MST-to-SST Interoperability A virtual bridged LAN may contain interconnected regions of SST and MST bridges. To enable running STP in the SST region, an MST region appears as a single SST or pseudobridge, which operates as follows: •...

  • Page 156: Boundary Ports, Edge Ports

    Multiple Spanning Tree Protocol (MSTP) If you connect two MST regions with different MST configurations, the MST regions do the following: • Load balance across redundant paths in the network. If two MST regions are redundantly connected, all traffic flows on a single connection with the MST regions in a network. •...

  • Page 157

    Multiple Spanning Tree Protocol (MSTP) Link Type Rapid connectivity is established only on point-to-point links. If you connect a port to another port through a point-to-point link and the local port becomes a designated port, the RSTP negotiates a rapid transition with the other port by using the proposal-agreement handshake to ensure a loop-free topology.

  • Page 158

    Multiple Spanning Tree Protocol (MSTP) designated switch. Also, a switch might continue to assign a boundary role to a port when the switch to which it is connected has joined the region. If all the legacy switches on the link are RSTP switches, they can process MSTP BPDUs as if they are RSTP BPDUs.

  • Page 159: Default Mstp Configuration, Prerequisites

    Multiple Spanning Tree Protocol (MSTP) Prerequisites The MSTP implementation operates over MSTIs which are, in turn, mapped into groups of VLANs. However, since the MSTP does not enforce VLAN membership state for ports, a situation of inconsistency between the MSTP port’s state and the real state of the port may arise.

  • Page 160: Configuring And Displaying Mstp

    Multiple Spanning Tree Protocol (MSTP) Edge Port Disable Link Type Auto Cisco MSTP compliance Disable (IEE 802.1s-2002 compliance is enabled) MSTP debug Disable Table 14-3 Default Path Cost Values (IEEE8021s) L i n k R e c o m m e n d e d R e c o m m e n d e d R a n g e S p e e d...

  • Page 161: Enabling Mstp

    Multiple Spanning Tree Protocol (MSTP) Table 14-4 MSTP Configuration Commands C o m m a n d D e s c r i p t i o n mstp Enables/disables the MSTP, or changes the mode from Protocol Configuration to Protocol MSTP Configuration mode. name Defines the configuration name revision...

  • Page 162

    Multiple Spanning Tree Protocol (MSTP) Argument Description NAME The configuration name. The name length up to 31 characters (case sensitive). Example device-name(cfg protocol mstp)#name region1 Setting the Configuration Revision The revision command, in Protocol MSTP Configuration mode, sets the MST configuration revision number.

  • Page 163

    Multiple Spanning Tree Protocol (MSTP) NOTE The apply command has the same effect as the exit command, or the shortcut key <Ctrl+D>. Command Syntax device-name(cfg protocol mstp)#apply Setting the Hello Time The mstp hello-time command, in Protocol Configuration mode, configures hello time for all MST instances.

  • Page 164

    Multiple Spanning Tree Protocol (MSTP) Command Syntax device-name(cfg protocol)#mstp max-age <seconds> device-name(cfg protocol)#no mstp max-age Argument Description seconds Sets the RSTP maximum age time. The range is <6-40>. Setting the Switch Maximum Hop Count The mstp max-hops command, in Protocol Configuration mode, specifies the number of hops in a region before the BPDU is discarded, and the information held for a port is aged.

  • Page 165: Setting The Bridge Priority

    Multiple Spanning Tree Protocol (MSTP) Table 14-5 MSTI Configuration Commands C o m m a n d D e s c r i p t i o n instance vlan Maps an MSTP instance to a VLAN. mstp priority Sets the MSTP priority. Mapping an MST Instance to a VLAN The instance vlan command, in Protocol MSTP Configuration mode, maps VLANs to an MST instance.

  • Page 166

    Multiple Spanning Tree Protocol (MSTP) Argument Description instance-id The MST instance ID. The range is 0 to 15. priority Determines the likelihood that the switch will be chosen as the root switch. <priority> The range is 0 (highest likelihood) to 61440 (lowest likelihood) at increments of 4096.

  • Page 167

    Multiple Spanning Tree Protocol (MSTP) port-priority <priority> The port priority value, range is 0 (highest priority) to 255 (lowest priority). The default is 128. Example device-name(config)#interface ag2 device-name(config-if AG02)#mstp 0 port-priority device-name(config-if AG02)#mstp 0 port-priority 208 device-name(config-if AG02)# NOTE The port-priority command can be used on aggregate ports as well, as shown in the example above.

  • Page 168

    Multiple Spanning Tree Protocol (MSTP) Setting the Edge Port The mstp edge-port command, in Interface Configuration mode, changes the admin status. The no form of this command disables the admin status. The EdgePort parameter is controlled by the MSTP state machine and the Command Line Interface (CLI): •...

  • Page 169

    Multiple Spanning Tree Protocol (MSTP) Auto From the point of view of determining the value of the link-type, an MSTP port is considered to be connected to a point-to-point LAN segment if any of the following conditions are true: a) The port’s link-type is set to Auto, and the MST algorithm has determined that the LAN segment is to be operated in full duplex mode.

  • Page 170

    Example Comparison Between Nokia ESB26 and Cisco BPDU Formats: The following is an example of parsing two BPDUs. Table 14-7 displays a Nokia ESB26 generated BPDU that matches IEEE 802.1s. The BPDU includes two M-records. Table 14-8 displays an example of a Cisco BPDU.

  • Page 171

    Multiple Spanning Tree Protocol (MSTP) a2 00 00 00 00 00 14 00 01 69 60 01 00 07 eb d5 a2 00 00 00 00 00 60 01 00 07 eb d5 a2 00 80 01 14 00 Table 14-7 BiNOS BPDU Parsed Exactly According to IEEE 8021s B P D U F i e l d C o n t e n t ETH Dest.

  • Page 172

    Multiple Spanning Tree Protocol (MSTP) MSTI Regional Root Identifier 80 01 00 a0 12 11 29 92 MSTI Internal root path cost 00 00 00 00 MSTI Bridge Priority MSTI Port Priority MSTI Remaining hops MSTI2 Flags MSTI Regional Root Identifier 80 02 00 a0 12 11 29 92 MSTI Internal root path cost 00 00 00 00...

  • Page 173

    Multiple Spanning Tree Protocol (MSTP) MSTI configuration Identifier 00 00 00 00 00 00 00 00 00 00 first byte (Key, Revision, Name) 50 configuration is called selector, 00 00 00 00 00 00 00 00 00 00 Bytes. and is omitted (or over-ridden by the version 3 length field) 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64 b1 f4 bb 1f 3c...

  • Page 174

    Multiple Spanning Tree Protocol (MSTP) Displaying the Temporary Configuration The show pending command, in Protocol MSTP Configuration mode, displays the temporary Multiple Spanning Tree Protocol (MSTP) configuration. The configuration displayed includes the region name, the MTSP revision number and the VLAN ID to MSTI mapping. Command Syntax device-name(cfg protocol mstp)#show pending Example...

  • Page 175

    Multiple Spanning Tree Protocol (MSTP) Example device-name#show mstp configuration Name [man] Revision 56 Instance Vlans mapped --------- -------------- 1-10,12-13 14-4094 ------------------------ Displaying the MSTP Configuration The show mstp command, in Protocol MSTP Configuration mode and Privileged (Enable) mode, displays the MSTP configuration and the MSTP ports state. Table 14-10 describes the parameters displayed by the show mstp command.

  • Page 176

    Multiple Spanning Tree Protocol (MSTP) ===================================================================== Port |Pri|Prt role|State|PCost |DCost |Designated bridge |DPrt --------+---+--------+-----+------+-------+------------------+------- 01/01/02 128 Boundary block 200000 0 32768.00A0120B0AFA 128.002 Table 14-10 MSTP Show Command Parameters P a r a m e t e r D e s c r i p t i o n Multiple spanning trees Indicates whether MSTP is enabled or disabled on the switch.

  • Page 177

    Multiple Spanning Tree Protocol (MSTP) MaxHopCount The number of hops in a region before the BPDU is discarded, and the information held for a port is aged. TxHoldCount The value used to limit the rate of at which packets are sent. This value is connected to the Port Transmit State Machine.

  • Page 178

    Multiple Spanning Tree Protocol (MSTP) Table 14-11 MSTP Show Instance Command Parameters P a r a m e t e r D e s c r i p t i o n Port Enable Indicates whether the port is enabled or disabled. Port Priority The port priority for this MST Instance.

  • Page 179

    Multiple Spanning Tree Protocol (MSTP) An example of the debug output is: tMstPIM: 1970/01/01 03:43:59 : Root port is now 1/1/11 For more information about the debug commands see "Debug Commands for Troubleshooting Network Problems". Table 14-12 MSTP Debug Commands C o m m a n d D e s c r i p t i o n debug mstp flush...

  • Page 180

    Multiple Spanning Tree Protocol (MSTP) By default, MSTP port roles debugging is disabled. Command Syntax device-name#debug mstp roles {all | <instance-id>} device-name#no debug mstp roles {all | <instance-id>} Argument Description Displays logs for all instances. instance-id The MST instance ID, the range is 0 to 15. Example device-name#debug mstp roles all MST MSTI...

  • Page 181

    Multiple Spanning Tree Protocol (MSTP) By default, MSTP PIM debugging is disabled. Command Syntax device-name#debug mstp pim {all|flags|events|stats} from <P > to <P > device-name#no debug mstp pim {all|flags|events|stats} Argument Description Displays logs of all three PIM options (flags, events, stats) for the specified port range. flags Displays only the PIM flags logs for the specified port range.

  • Page 182

    Multiple Spanning Tree Protocol (MSTP) Example device-name#debug mstp bpdu rx MstPRX: 1970/01/01 02:11:46 : Rcvd Mstp bpdu on port 1/2/2 tMstPRX: 1970/01/01 02:11:46 : ------------------------------- tMstPRX: 1970/01/01 02:11:47 : BPDU Protocol = 0 tMstPRX: 1970/01/01 02:11:47 : BPDU Version = 3 tMstPRX: 1970/01/01 02:11:47 : BPDU Type = 2 tMstPRX: 1970/01/01 02:11:47 : tMstPRX: 1970/01/01 02:11:47 : BPDU Flags = 0x6c...

  • Page 183

    Multiple Spanning Tree Protocol (MSTP) Debugging the MSTP TCM The debug mstp tcm command, in Privileged (Enable) mode, displays logs of the port Topology Change state Machine in the Multiple Spanning Tree Protocol (MSTP) for a specified port range. Use the no form of this command to disable the MSTP TCM debugging. The debug mstp tcm command will not be saved after reload.

  • Page 184

    Multiple Spanning Tree Protocol (MSTP) Example device-name#debug mstp roles all tSpanRecv: 1970/01/01 02:27:14 : link up on port 1/1/1 tMstPIM: 1970/01/01 02:27:14 : MST Cist Select-Port-Roles ========================== tMstPIM: 1970/01/01 02:27:14 : This bridge is the root tMstPIM: 1970/01/01 02:27:14 : Port 1/1/1 Is DesignatedPort tMstPIM: 1970/01/01 02:27:14 : Port 1/1/2 Is DesignatedPort tMstPIM: 1970/01/01 02:27:14 : End-Roles-Selection...

  • Page 185: Mstp Port Configuration

    Multiple Spanning Tree Protocol (MSTP) device-name(cfg protocol)#mstp device-name(cfg protocol mstp)#instance 1 vlan 1-10 2. Assign to the MSTP region the name region 1 and the revision number 1: device-name(cfg protocol mstp)#name region1 device-name(cfg protocol mstp)#revision 1 3. Display the temporary (pending) configuration: device-name(cfg protocol mstp)#show pending Pending MST configuration Name...

  • Page 186

    Multiple Spanning Tree Protocol (MSTP) Forward Transitions Port Role = Root Port Path Cost = 200000 CIST Root = 00000.000000000000 ExternalPortPathCost = 200000 Designated Root = 32768.00A012110708 Port Path Cost = 200000 Designated Bridge = 32768.00A01211227A Designated Port Id = 128.2 AdminEdgePort = disabled OperEdgePort...

  • Page 187: Network Configuration

    32768.00A01211227A 128.013 Network Configuration In the following example, four Nokia ESB26 switches are interconnected via VLANs V100 and V200 that are mapped to two MST instances on each switch. The example shows how redundancy is achieved with MSTP Figure 14-3 displays the connections schematically.

  • Page 188

    2. Enter into Protocol Configuration mode and enable the MSTP: device-name(config)#protocol device-name(cfg protocol)#mstp enable 3. Set priority 0 to MSTI 1 in order to force ESB26 1 to be the root of MSTI1: device-name(cfg protocol)#mstp 1 priority 0 4. Enter into Protocol MSTP Configuration mode: device-name(cfg protocol)#mstp 5.

  • Page 189

    Multiple Spanning Tree Protocol (MSTP) device-name(cfg protocol mstp)#instance 0 vlan 1-99,101-199,201-4094 device-name(cfg protocol mstp)#instance 1 vlan 100 device-name(cfg protocol mstp)#instance 2 vlan 200 Configuring Switch 3: 1. VLANs V100 and V200 are created on the switch and the appropriate ports are added to each VLAN: device-name#configure terminal device-name(config)#vlan...

  • Page 190

    Multiple Spanning Tree Protocol (MSTP) device-name(cfg protocol)#mstp 4. Add VLANs to MTSIs 0, 1 and 2: device-name(cfg protocol mstp)#instance 0 vlan 1-99,101-199,201-4094 device-name(cfg protocol mstp)#instance 1 vlan 100 device-name(cfg protocol mstp)#instance 2 vlan 200 After applying the configuration commands on all the switches as shown above and connecting the switches as shown in Figure 14-3, the following information will be displayed by the show mstp command on each of the switches: Displaying the Configuration on Switch 1:...

  • Page 191

    Multiple Spanning Tree Protocol (MSTP) TopChanges ========================================================================== Port |Pri|Prt role|State|PCost |DCost |Designated bridge |DPrt --------+---+--------+-----+---------+---------+------------------+------- 01/01/01 128 Designat frwrd 200000 0 32768.00A0120A0168 128.001 01/01/02 128 Designat frwrd 200000 0 32768.00A0120A0168 128.002 01/01/03 128 Root frwrd 200000 0 00000.00A00001090B 128.003 01/01/10 128 Designat frwrd 200000 0 32768.00A0120A0168 128.010 Displaying the Configuration on Switch 2:...

  • Page 192

    Multiple Spanning Tree Protocol (MSTP) Displaying the Configuration on Switch 3: device-name#show mstp Multiple spanning trees = enabled ProtocolSpecification = ieee8021s Priority TimeSinceTopologyChange = 0 (Sec) TopChanges CIST Root = 32768.00:A0:00:01:09:0B CIST Port = 01/01/02 CIST Cost MaxAge = 20 (Sec) HelloTime (Sec) ForwardDelay...

  • Page 193

    Multiple Spanning Tree Protocol (MSTP) TimeSinceTopologyChange = 0 (Sec) TopChanges CIST Root = 32768.00:A0:00:01:09:0B CIST Port = 01/01/01 CIST Cost MaxAge = 20 (Sec) HelloTime (Sec) ForwardDelay = 15 (Sec) BridgeMaxAge = 20 (Sec) BridgeHelloTime (Sec) BridgeForwardDelay = 15 (Sec) ProtoMigratioDelay (Sec) MaxHopCount...

  • Page 194

    Multiple Spanning Tree Protocol (MSTP) Figure 14-4 Link Failure Between Two Switches In this case, the show mstp command will show the following. On Switch 2 and Switch 4: The output displayed by the show mstp command will not be affected by the change. On Switch 1: device-name#show mstp Multiple spanning trees...

  • Page 195

    Multiple Spanning Tree Protocol (MSTP) VLAN mapped = 100 Regional Root = This bridge is the root RemainingHopCount = 40 TopChanges ========================================================================== Port |Pri|Prt role|State|PCost |DCost |Designated bridge |DPrt --------+---+--------+-----+---------+---------+------------------+------- 01/01/02 128 Designat frwrd 200000 0 00000.00A0120A0168 128.002 01/01/03 128 Designat frwrd 200000 0 00000.00A0120A0168 128.003 01/01/10 128 Designat frwrd...

  • Page 196

    Multiple Spanning Tree Protocol (MSTP) MST02 VLAN mapped = 200 Regional Root = 00002.00:A0:00:01:09:0B RemainingHopCount = 39 TopChanges ========================================================================== Port |Pri|Prt role|State|PCost |DCost |Designated bridge |DPrt --------+---+--------+-----+---------+---------+------------------+------- 01/01/02 128 Root frwrd 200000 0 00000.00A00001090B 128.001 01/01/10 128 Designat frwrd 200000 0 32768.00A012BBBBBB 128.010 MN700004 Rev 01...

  • Page 197: Garp Multicast Registration Protocol (gmrp), Introduction, Feature Overview

    15. GARP Multicast Registration Protocol (GMRP) Introduction GARP Multicast Registration Protocol (GMRP) is a Generic Attribute Registration Protocol (GARP) application that provides a constrained multicast flooding facility similar to IGMP snooping. GMRP and GARP are industry-standard protocols defined by the IEEE 802.1p. Feature Overview GMRP can register and deregister multicast group addresses at the MAC layer throughout the Layer 2 connected network.

  • Page 198: Default Gmrp Configuration, Supported Standards, Mibs And Rfcs, Prerequisites

    GARP Multicast Registration Protocol (GMRP) Supported Standards, MIBs and RFCs Standards IEEE 802.1Q IEEE 802.1D MIBs IEEE 802.1Q RFCs No RFCs are supported by this feature. Prerequisites When Link Aggregation is configured, all the multicast traffic is passed on the master port. For more information about Link Aggregation, refer to the Link Aggregation Groups (LAGs) chapter.

  • Page 199: Configuring And Displaying Gmrp

    GARP Multicast Registration Protocol (GMRP) Configuring and Displaying GMRP Table 15-2 lists the GMRP commands. Table 15-2 GMRP Commands C o m m a n d D e s c r i p t i o n show gmrp Displays GMRP status. gmrp Changes the GMRP status.

  • Page 200

    GARP Multicast Registration Protocol (GMRP) Argument Description enable Enable GMRP. disable Disable GMRP. Example device-name(config)#protocol device-name(cfg protocol)#gmrp enable device-name(cfg protocol)#end device-name#show gmrp GMRP enabled Related Commands The table below shows the GMRP-related commands. Table 15-3 GMRP-Related Commands C o m m a n d D e s c r i p t i o n D e s c r i b e d i n garp timer...

  • Page 201: Garp Vlan Registration Protocol (gvrp), Introduction, Configuring And Displaying Gvrp Settings

    16. GARP VLAN Registration Protocol (GVRP) Introduction GVRP (GARP VLAN Registration Protocol) is part of the IEEE 802.1Q standard for Virtual Bridged LANs, sponsored by the LAN MAN standards Committee of the IEEE Computer Society. The GVRP protocol allows a LAN device to notify neighbors that it is prepared to receive packets for one or more VLANs.

  • Page 202: Show Gvrp

    GVRP enabled The message that appears on the screen reports the number of VLANs that the switch can support. The ESB26 is limited to 64 VLANs. To enable GVRP, enter y (otherwise, GVRP will not be enabled). MN700004 Rev 01...

  • Page 203: Garp Timer, Show Garp Timer

    GARP VLAN Registration Protocol (GVRP) no gvrp The no gvrp command, in Protocol Configuration mode, changes the switch’s GVRP status to disable. This command is equivalent to gvrp disable. Command Syntax device-name(cfg protocol)#no gvrp garp timer The garp timer command, in Protocol Configuration mode, sets the GARP timer values. The no form of this command resets the specified timer to its default vallue if possible (see the <300- argument parameter described below).

  • Page 204

    GARP VLAN Registration Protocol (GVRP) Example device-name#show garp timer GARP enabled =============================== Timer | Value (milliseconds) ------------------------------- Join Leave LeaveAll 10000 device-name# port gvrp enable / disable The port gvrp enable/disable command, in Interface Configuration mode, changes the port GVRP status to enable or disable, respectively. Disabling GVRP on a port will disable GVRP packets transmit from that port.

  • Page 205: Virtual Lans (vlans), Introduction, Benefits Of Using Vlans, Vlan Types

    17. Virtual LANs (VLANs) Introduction A VLAN is a logical collection of endpoint devices, typically referred to as either clients or servers that can be located anywhere in a network, but communicate as if they were on the same physical segment. Segments are flexible user groups that you create with the command- line interface.

  • Page 206: Uses Of Tagged Vlans

    Virtual LANs (VLANs) based VLAN, BiNOS follows the 802.1Q standard that lets you assign a single switch port to two or more VLANs. Tagging VLANs Tagging is a process that inserts a marker (called a tag) into the Ethernet frame. The tag contains the identification number of a specific VLAN, called the VLAN ID.

  • Page 207: Assigning A Vlan Tag

    Virtual LANs (VLANs) Figure 17-1 VLAN Spanning Two Switches The switch-to-switch connections are typically called trunks. Using tags, multiple VLANs can span multiple switches using one or more trunks. In a port-based VLAN, each VLAN requires its own pair of trunk ports. Using tags, multiple VLANs can span two switches with a single trunk.

  • Page 208: Description Of Commands

    Virtual LANs (VLANs) Description of Commands Commands to Display the VLAN Configuration Figure 17-1 summarizes the commands available for displaying the VLANs. You can use the show command (with no arguments) in the general VLAN configuration mode or in a specific VLAN configuration mode to display the VLAN configuration.

  • Page 209

    Virtual LANs (VLANs) show vlan dynamic The show vlan dynamic command, in Privileged (Enable) mode, displays information regarding the dynamic VLANs learned by the GVRP. Command Syntax device-name#show vlan dynamic Commands to Configure VLAN Settings BiNOS allows you to configure 802.1Q-compatible VLANs. Compatibility with the 802.1Q standard lets you assign a single switch port to two or more VLANs, while still allowing for interfacing with older switches that require a separate port for each VLAN.

  • Page 210

    Virtual LANs (VLANs) In port-based VLAN classification within a switch, the VLAN ID associated with an untagged or priority-tagged frame (i.e., a frame without a tag header, or with a tag header that carries the null VLAN ID) is determined, based on the frame’s port of arrival into the switch. This classification mechanism requires the association of a specific VLAN ID, the Port VLAN Identifier, or PVID, with each of the switch’s ports.

  • Page 211

    Virtual LANs (VLANs) Table 17-4 summarizes the commands that are available in the global Configuration mode. Table 17-4 Commands in Global Configuration Mode C o m m a n d D e s c r i p t i o n vlan Changes the mode from the global Configuration to VLAN Configuration mode.

  • Page 212

    Virtual LANs (VLANs) Argument Description NAME VLAN name of an existing VLAN. Example device-name(config vlan)#delete accounting This example deletes the VLAN named accounting. delete id The delete id command, in VLAN Configuration mode, deletes the VLAN specified by its VLAN ID. Command Syntax device-name(config vlan)#delete id <vlan-id>...

  • Page 213

    Virtual LANs (VLANs) UU – (1 or 2-digit unit number) specifying all ports on unit; UU/SS – (unit and slot number) specifying all ports on slot; A hyphenated range of ports, e.g. - 1/1/9-1/1/16 or 1/2-1/3. Several port numbers and/or ranges, separated by commas, e.g. 1/1, 1/1/3-1/1/6, 1/1/8.

  • Page 214

    Virtual LANs (VLANs) ====================================================================== Name |VTag| Tagged ports | Untagged ports --------------------+----+---------------------+--------------- default |1/1/1-1/1/26 Vlan_19 |1/1/1-1/1/3 Vlan_20 |1/1/1-1/1/3 config The config command, in VLAN Configuration mode, changes the mode to Configuration mode of a specific VLAN. You can also use this command in a specific VLAN Configuration mode to switch the Configuration mode to another specific VLAN.

  • Page 215

    Virtual LANs (VLANs) • UU – (1 or 2-digit unit number) specifying all ports on unit; • UU/SS – (unit and slot number) specifying all ports on slot; • A hyphenated range of ports, e.g. - 1/1/9-1/1/16; • Several port numbers and/or ranges, separated by commas, e.g. – 1/1/1, 1/1/3- 1/1/6, 1/1/8.

  • Page 216

    Virtual LANs (VLANs) Example The following commands configure port 1/1/1 as an untagged member in vlan_2, vlan_3 and vlan_4, that have VLAN IDs 2, 3 and 4 respectively. The add ports command in vlan_3 configuration mode assigns the VLAN ID of vlan_3, (which is 3) as PVID of port 1/1/1. device-name(config vlan)#create range 2 4 device-name(config vlan)#config vlan_2 device-name(config-vlan vlan_2)#add ports 1/1/1-1/1/3 untagged...

  • Page 217

    Virtual LANs (VLANs) Command Syntax device-name(config-vlan VLAN-NAME)#remove ports default PORT-LIST config-dynamic The config-dynamic command, in VLAN Configuration mode, changes the mode to configuration mode of a specific dynamic VLAN to static mode. You can also use this command in a specific VLAN Configuration mode. This command will switch the Configuration mode to the new VLAN configuration mode.

  • Page 218

    Virtual LANs (VLANs) If VLAN management is disabled, the following will be disallowed: • Telnet to the switch • SSH to the switch • SNMP management • Ping to the switch • TFTP download or upload Command Syntax device-name(config vlan)#management VLAN-list Argument Description VLAN-list List of VLAN IDs, in the form {k|k1-k2} [, {l | l1-l2}[,{m|m1-m2}[,…...

  • Page 219

    Virtual LANs (VLANs) device-name(config)#vlan device-name(config vlan)#no management 1,3-4094 device-name(config vlan)#create manage 2 device-name(config vlan)#config manage device-name(config-vlan manage)#add ports 1/1/2 untagged device-name(config-vlan manage)#add ports default 1/1/2 device-name(config-vlan manage)#exit device-name(config vlan)#create v100 100 device-name(config vlan)#config v100 device-name(config-vlan v100)#add ports 1/1/3 untagged device-name(config-vlan v100)#add ports default 1/1/3 device-name(config-vlan v100)#add ports 1/1/10 tagged device-name(config-vlan v100)#exit device-name(config vlan)#create v101 101...

  • Page 220: Quality Of Service, Introduction, Feature Overview

    18. Quality of Service Introduction Today’s networks transmit data streams for various applications using many different protocols. Different types of traffic sharing a data path through the network can interact in ways that affect their application performance. Traffic prioritization becomes especially important when delay-sensitive, interactive applications are supported across the network.

  • Page 221

    Sorting Packets for QoS Handling Packet Sorting by 802.1p Priority Values Nokia ESB26 supports the standard 802.1p priority bits that are part of a tagged Ethernet packet. The 802.1p bits can be used to prioritize the packet. When a packet arrives at the switch, the switch examines the 802.1p priority field and assigns the packet to a specific QoS queue for transmission.

  • Page 222

    Quality of Service Figure 18-1 802.1p Priority Header Fields When the switch detects ingress traffic that contains 802.1p prioritization information, the traffic is mapped to various hardware queues on the egress port of the switch. The transmitting hardware queue determines the bandwidth management and priority characteristics used when transmitting packets.

  • Page 223

    Quality of Service NOTE When changing the priority on the port the priority of the dynamic MAC address is also changes. Traffic Scheduling Congestion management features allow you to control congestion by determining the order in which packets are transmitted based on priorities assigned to those packets. Congestion management entails the creation of queues, assignment of packets to those queues based on the packet’s classification, and scheduling of the packets in a queue for transmission.

  • Page 224

    Quality of Service Figure 18-2 Strict Priority Queuing Benefits of SP Queuing SP provides absolute preferential treatment to high priority traffic, ensuring that mission- critical traffic traversing various WAN links gets priority treatment. In addition, SP provides a faster response time than do other methods of queuing. Weighted Round Robin (WRR) In this scheduling method, a weighting factor for each queue determines how many bytes of data the system delivers from the queue before it moves on to the next queue.

  • Page 225

    Quality of Service is serviced again. A better solution is to specify 500-byte, 600-byte, and 500-byte counts for the queue. This configuration results in a ratio of 31/38/31, which may be acceptable. In order to service queues in a timely manner and ensure that the configured bandwidth allocation is as close as possible to the required bandwidth allocation, you should cross-check the byte count resulting from each protocol’s packet size, otherwise the results may not match what you wish to configure.

  • Page 226

    Quality of Service respectively, from each queue. These are the byte counts you would specify in your custom queuing configuration. To determine the bandwidth distribution this ratio represents, first determine the total number of bytes sent after traffic serviced on all of the three queues: (1 x 1086) + (12 x 291) + (2 x 831) = 1086 + 3492 + 1662 = 6240 Then determine the percentage of the total number of bytes sent from each queue: 1086/6240, 3492/6240, 1662/6240 = 17.4, 56, and 26.6 percent...

  • Page 227: Default Qos Configuration, Supported Standards, Mibs And Rfcs

    Quality of Service impaired, since UDP does not use the "slow start" flow control mechanism that is used by TCP. Output Traffic Shaping When congestion occurs, the packets are transmitted on the outgoing interface and the assigned queues. Traffic shaping allows you to shape output traffic (egress traffic) on a per- port basis and also per queue on the port.

  • Page 228

    Quality of Service QoS scheduling algorithm Strict Priority Port Priority Port override Port’s congestion-avoidance algorithm. Tail-drop Drop level per user priority Green MAC address priority Traffic shaping Disabled Table 18-2 Default Queue to Priority Assignment P r i o r i t y Q u e u e MN700004 Rev 01...

  • Page 229: Configuring Quality Of Service Features

    Quality of Service Table 18-3 Default Priority to Queue Assignment Q u e u e P r i o r i t y Configuring Quality of Service Features To set the QoS, proceed as follows: • To configure mapping of the 802.1p priroity levels to internal transmit queue values, see "Configuring Priority Value Mapping to QoS Queues".

  • Page 230

    Quality of Service qos remark Changes the 802.1p priority of each tagged outgoing packet as it leaves the switch, by assigning an 802.1p priority level to each transmission queue. show qos priority-txq- Displays the priority mapping assignments. Configuring Priority Value Mapping to QoS Queues The qos map command, in Global Configuration mode, assigns 802.1p priority level to the Transmit-Queue mapping.

  • Page 231

    Quality of Service Replacing 802.1p Priority Information in Transmitted Packets The qos remark command, in Global Configuration mode, changes the 802.1p priority of each tagged outgoing packet as it leaves the switch, by assigning an 802.1p priority level to each transmission queue. All tagged packets leaving the switch through this queue are re- marked with the specified priority.

  • Page 232

    Quality of Service device-name(config)#qos remark 3 txq1 device-name(config)#qos remark 5 txq2 device-name(config)#exit device-name#show qos priority-txq-map remark ================================= priority-level | txq ----------------+---------------- Displaying the Mapping Assignments The show qos priority-txq-map command, in Privileged (Enable) mode, displays the priority mapping. When the argument remark is in use the command will display the reassigned priority level (for re-marking) per each output queue.

  • Page 233

    Quality of Service level. Untagged frames (that have no assigned priority) will obtain the priority assigned to them by this command. By default, all the ports are assigned with priority 0, no override option is assigned and the congestion-avoidance algorithm is Tail-drop. Command Syntax device-name(config-if UU/SS/PP)#qos priority <priority>...

  • Page 234

    Quality of Service • To view the priority assignment for the MAC addresses, use the show mac-address- table command in Privileged (Enable) mode. • To clear the MAC addresses with the priority assignment you can also use the clear mac-address-table command in Privileged (Enable) mode and the no mac-address- table command in Global Configuration mode.

  • Page 235

    Quality of Service Command Syntax device-name(config)#qos drop-level priority <priority> {green|yellow|red} device-name(config)#no qos drop-level priority Argument Description priority Priority level value in the range <0-7>. green Conforming precedence level. yellow Last conforming precedence level. Non conforming precedence level. Example The following example configures the drop level priority 1, 2 and 3 and sets the precedence level.

  • Page 236

    Quality of Service device-name(config-if UU/PP/SS)#no qos shaper [queue <value>] Argument Description queue <value> (Optional). The transmit queue with value in range of <0-7>. rate <rate-size> The shaping rate in bps, represented by an integer followed by k, m or g (Kilobits, Megabits or Gigabits per second) in the range <650Kbps –...

  • Page 237

    Quality of Service ============================================================ Interface | priority-level | txq | override | Drop Algorit ----------+-----------------+------+----------+------------- 1/ 1/ 1 | yes | GRED 1/ 1/ 2 | no | Tail-Drop 1/ 1/ 3 | no | Tail-Drop … 1/ 1/48 | no | Tail-Drop 1/ 2/ 1 | no...

  • Page 238

    Quality of Service QoS Scheduling Commands A QoS scheduling command overrides any previous QoS scheduling command applied to the configured interface, globally or specifically. This means that: If you configure QoS in Global Configuration mode, and subsequently configure a specific port in Interface Configuration mode, the last configuration is applied to the specific interface.

  • Page 239

    Quality of Service Command Syntax device-name(config)#qos scheduling wrr <txq0-weight> <txq1-weight> <txq2- weight> <txq3-weight> <txq4-weight> <txq5-weight> <txq6-weight> <txq7-weight> Argument Description <txq0-weight> … The weights assigned to the transmit queues. The eight values must be <txq7-weight> positive and add up to 10 or 100. Example The following example assigns weights 1, 1, 1, 1, 2, 2, 1, 1 to transmit queues txq0 to txq7 respectively on all ports.

  • Page 240

    Quality of Service Example The following example configures hybrid-1 scheduling on port 1/1/3. The show qos scheduling command displays the results on the specified port. device-name(config)#int 1/1/3 device-name(config-if 1/1/3)#qos scheduling hybrid-1 1 1 2 2 2 1 1 device-name(config-if 1/1/3)#end device-name#show qos scheduling 1/1/3 =============================================================== Interface | scheduling |txq0|txq1|txq2|txq3|txq4|txq5|txq6|txq7...

  • Page 241

    Quality of Service In the third hybrid algorithm, txq5, txq6 and txq7 are set to behave according to strict priority scheduling, and the rest of the queues behave according to Weighted Round Robin (WRR). According to this configuration: • tqx7 is serviced as long as it has packets for transmission. •...

  • Page 242

    Quality of Service Argument Description <txq0-weight> … The weights assigned to the weighted transmit queues. The values must be <txq3-weight> positive and add up to 10 or 100. Example The following example configures hybrid-4 scheduling on port 1/1/4. The show qos scheduling command displays the results on the specified port.

  • Page 243

    Quality of Service Configuring Hybrid-6 QoS Queue Handling The qos scheduling hybrid-6 command, in Global Configuration or Interface Configuration mode, is used to apply and configure the sixth hybrid QoS algorithm. In the sixth hybrid algorithm, txq2, txq3, txq4, txq5, txq6 and txq7 are set to behave according to strict priority scheduling, and the rest of the queues behave according to Weighted Round Robin (WRR).

  • Page 244

    Quality of Service Related Commands Table 18-8 shows commands related to QoS configuration. Table 18-8 QoS Related Commands C o m m a n d D e s c r i p t i o n D e s c r i b e d i n clear mac-address- Clears the specified MAC addresses.

  • Page 245: Dhcp Client, Dhcp Overview

    IP address assignments outside of the DHCP mechanisms. The Nokia ESB26 switch uses two bytes in the client-identifier field of the DHCP message to identify the location of the chassis and the slot that contains the switch. The location is specified by a twelve-bit number and the slot number is specified by a four-bit number.

  • Page 246: The Esb26 Startup Process

    DHCP Client The ESB26 Startup Process When the Nokia ESB26 switch resets or is powered on, it first checks whether it has a valid startup configuration file. If the configuration file exists and verifies OK, the further startup process depends on whether or not DHCP is enabled on the switch.

  • Page 247: The Dhcp Negotiation Process

    DHCP Client The No IP Error Scenario The above behavior of the DHCP client assumes that it has successfully received an IP address from the DHCP server. If, however, the IP address has not been received, the DHCP client will keep re-sending the request at predefined time intervals until it eventually manages to negotiate an IP address.

  • Page 248

    DHCP Client Figure 19-2 Schematic Representation of the Boot Process (continued on the next page) MN700004 Rev 01...

  • Page 249

    DHCP Client The client may suggest values for the IP address and lease time in the DHCPDISCOVER message. The client may include the requested IP address option to suggest that a particular IP address be assigned, and may include the IP address lease time option to suggest the lease time it would like to have.

  • Page 250: Configuring The Dhcp Client

    Sets the DHCPDISCOVER message retransmission timeout. show dhcp-client Displays the DHCP client configuration. show positioning Displays the slot and location of the Nokia ESB26 switch. dhcp-client save-config Saves the configuration file that is loaded from a TFTP server. Enabling the DHCP Client The ip address dhcp command, in Global Configuration mode, provides the switch with its IP configuration information dynamically.

  • Page 251

    DHCP Client form of this command stops the DHCP client and restores the IP address, subnet mask and IP gateway to their default values (using the command ip address). By default, the dynamic address allocation is enabled. To see the allocated IP address, use the show ip command in Privileged (Enable) mode. Command Syntax device-name(config)#ip address dhcp [A.B.C.D] device-name(config)#no ip address dhcp...

  • Page 252

    DHCP Client Command Syntax device-name(config)#dhcp-client save-config [on|off] Displaying the DHCP Client Configuration The show dhcp-client command, in Privileged (Enable) mode, displays the DHCP client status and the DISCOVER message timeout. Command Syntax device-name#show dhcp-client Example device-name(config)#ip address dhcp device-name(config)#exit device-name#show dhcp-client DHCP client is active IP address is acquired by DHCP DISCOVER messages retransmission timeout is infinite...

  • Page 253: Configuration Example

    DHCP Client Configuration Example Figure 19-3 shows a simple network diagram of a DHCP client on an Ethernet LAN. Figure 19-3 Topology Showing DHCP Client with Ethernet Interface 1. The following command enables DHCP client configuration: device-name(config)#ip address dhcp 2. The following command displays the DHCP Client Configuration: device-name(config)#exit device-name#show dhcp-client DHCP client is active...

  • Page 254: Igmp Snooping, Introduction, Joining A Multicast Group, Leaving A Multicast Group

    20. IGMP Snooping Introduction The BiNOS switch can use IGMP (Internet Group Management Protocol) snooping to constrain the flooding of multicast traffic. This is done by dynamically configuring physical interfaces to forward multicast traffic only to interfaces that are associated with IP multicast devices.

  • Page 255: Immediate-leave Processing, Igmp Snooping Commands

    IGMP Snooping traffic to the VLAN. The switch forwards multicast group traffic only to those hosts listed in the forwarding table for that multicast group. When hosts want to leave a multicast group, they can leave silently or send a leave message. When the switch receives a leave message from a host, it sends out a MAC-based general query to determine if any other devices connected to that interface are interested in traffic for the specific multicast group.

  • Page 256: Ip Igmp Snooping, Ip Igmp Snooping Vlan

    IGMP Snooping show ip igmp snooping router-timers Displays the multicast router timer (RFC 2236) to synchronize IGMP snooping. show ip igmp snooping send-query Displays Query sending parameters. show mac-address-table multicast Displays MAC address table entries for a VLAN. igmp show ip igmp snooping statistics Displays Statistics from IGMP snooping.

  • Page 257: Ip Igmp Snooping Vlan Mrouter, Ip Igmp Snooping Vlan Static

    IGMP Snooping Example device-name(config)#ip igmp snooping vlan 200 ip igmp snooping vlan mrouter The ip igmp snooping vlan mrouter command, in Global Configuration mode, adds a multicast router port (adds a static connection to a multicast router) to a specific VLAN. To remove the multicast router port definition on the specific VLAN, use the no form of this command.

  • Page 258

    IGMP Snooping PORT-LIST Port list, of the form: u[[/s[/p]]][-u[[/s[/p]]][,u[[/s[/p]]]]]... Where u, s and p represent a 1- or 2-digit unit number, slot number and port number respectively. You can specify: u for all ports on unit number u; u/s for all ports on slot number s on unit u; u/s/p for port p on slot s on unit u;...

  • Page 259

    IGMP Snooping Argument Description PORT-LIST Port list, of the form u[[/s[/p]]][-u[[/s[/p]]][,u[[/s[/p]]]]]... Where u, s and p represent a 1- or 2-digit unit number, slot number and port number respectively. You can specify: • u for all ports on unit number u; •...

  • Page 260

    IGMP Snooping 1. Sends a specific query for that group, with the response time field set to 10 seconds. 2. Waits 120 seconds 3. If no join packet is received – the switch sends a specific query for that group with the response time field set to 10 seconds.

  • Page 261: Show Ip Igmp Snooping

    IGMP Snooping Command Syntax device-name(config)#ip igmp snooping send-query vlan <vlan-id> interface PORT-LIST [group A.B.C.D] [query-interval <query-interval-value>] [response-time <response-time-value>] device-name(config)#no ip igmp snooping send-query vlan <vlan-id> interface PORT-LIST Argument Description vlan <vlan-id> Query VLAN tag number in range <1-4094>. interface PORT-LIST Query port list distribution.

  • Page 262: Show Ip Igmp Snooping Mrouter

    IGMP Snooping Argument Description vlan-id (Optional) <1-4094> VLAN id value Example device-name#show ip igmp snooping vlan 1 IGMP snooping is globally enabled. IGMP snooping is enabled on this VLAN. IGMP snooping immediate-leave is disabled on this Vlan. Group Addr Port Type 235.80.68.83 1/1/1...

  • Page 263

    IGMP Snooping Argument Description query Displays the time interval, in seconds, between two specific queries. responses Displays the expected response time, in seconds, for answering a specific query. robustness Displays the number specific query packets sent by the switch. Example The following example displays static and dynamic multicast router interfaces for all VLANs.

  • Page 264: Show Ip Igmp Statistics

    IGMP Snooping vlan mac address ! type !ports -------+-------------------------+-----------+-------------- 0001 01:00:5e:00:00:00 user 1/1/2 0001 01:00:5e:00:00:00 igmp 1/1/5 0001 01:00:5e:00:01:29 igmp 1/1/2,1/1/4,1/1/5,1/1/8 0001 01:00:5e:11:11:11 user 1/1/1,1/1/3 0001 01:00:5e:11:11:11 igmp 1/1/2 device-name#show mac-address-table multicast igmp count multicast mac entries : 5 device-name#show mac-address-table multicast igmp vlan 1 count multicast mac entries for vid 1 : 5 Commands to Show and Clear IGMP Statistics Counters To display the IGMP Statistics Counters use the following commands.

  • Page 265

    IGMP Snooping leaves Clears the leave packets received counter ports Clears the registered ports counter queries Clears the query packets received counter reports Clears the report packets received counter MN700004 Rev 01...

  • Page 266: Multicast Vlan Registration (mvr), Introduction

    21. Multicast VLAN Registration (MVR) Introduction MVR (Multicast VLAN Registration) is designed to serve two purposes: • To enable efficient, secure multicast data flow across VLANs in a simple configuration. • To support dynamic join to multicast groups, in order to enable channel zapping.

  • Page 267

    Multicast VLAN Registration (MVR) Figure 21-1 Example of an MVR Configuration This setup allows cross-VLAN multicast frames to be sent from VLAN 2 to users on other VLANs through registered receiver ports. Description of Commands MVR Global Configuration Commands Table 21-1 summarizes the MVR configuration commands available in global Configuration mode.

  • Page 268: Mvr Mode

    Multicast VLAN Registration (MVR) The mvr command, in Global Configuration mode, enables MVR. The no form of this command disables MVR. By default, MVR is disabled. When you disable MVR, the entire MVR configuration is erased. Command Syntax device-name(config)#mvr device-name(config)#no mvr Example See the examples below.

  • Page 269: Mvr Group, Mvr Querytime

    Multicast VLAN Registration (MVR) mvr group The mvr group command, in Global Configuration mode, statically configures an MVR group IP multicast address on the switch. form of this command, with an IP address specified, removes the specified statically configured IP multicast. If no IP address is specified, the form of this command removes all statically configured MVR IP multicast addresses.

  • Page 270: Mvr Vlan

    Multicast VLAN Registration (MVR) Argument Description value The response time in seconds. The default is 10 seconds. The allowed range is 1-25 seconds. Example See the examples below. mvr vlan The mvr querytime command, in Global Configuration mode, specifies the ID of the VLAN on which reception of MVR multicast data is expected (the source-port VLAN ID).

  • Page 271: Mvr Type

    Multicast VLAN Registration (MVR) address: device-name(config)#no mvr group 228.1.23.1 7. The following example shows how to delete all previously configured IP multicast addresses: device-name(config)#no mvr group 8. The following example shows how to set the maximum query response time to 15 seconds: device-name(config)#mvr querytime 15 9.

  • Page 272: Mvr Immediate

    Multicast VLAN Registration (MVR) See the Note below. receiver Configure the port as a subscriber port that can receive multicast data. NOTE If mvr type is not specified, this port is a receiver port. If the queries and the multicast data are received from different ports, configure the port from which the queries are received as the source port.

  • Page 273: Show Mvr

    Multicast VLAN Registration (MVR) Example See the examples below. no mvr The no mvr command, in Interface Configuration mode, removes the MVR configuration from the specified port. Command Syntax device-name(config-if UU/SS/PP)#no mvr Examples 1. The following example shows how to configure port 1/1/1 as an MVR receiver port: device-name(config)#interface 1/1/1 device-name(config-if 1/1/1)#mvr type receiver 2.

  • Page 274: Show Mvr Interface, Show Mvr Members

    Multicast VLAN Registration (MVR) • MVR multicast vlan ID • Maximum number of MVR multicast groups • Current number of MVR multicast groups • Current MVR Query response time (configured or received online from the query router) • Configured MVR mode (Static or Dynamic) Command Syntax device-name#show mvr Example...

  • Page 275

    Multicast VLAN Registration (MVR) MVR Group | Active Interface List ------------+------------------------------------------------ 224.0.0.3 1/1/1, 1/1/2, 1/1/4 224.0.0.4 none MN700004 Rev 01...

  • Page 276: Transparent Lan Services (tls), Introduction, Feature Overview

    22. Transparent LAN Services (TLS) Introduction Service providers are discovering significant new revenue opportunities with Layer 2 services that extend customer LANs across geographically dispersed sites. Using metro Ethernet technology, service providers can offer services that connect multiple enterprise customer offices at Ethernet’s 10-Mbps up to 1-Gbps LAN speeds.

  • Page 277

    Transparent LAN Services (TLS) Figure 22-1 Schematic TLS Representation The 802.1Q VLAN-ID tag (VID) in the user's traffic is transparent to the switches. This allows all the CE switches to behave as if attached to a shared LAN. Two types of ports are defined in the network switches deployed by the service provider: •...

  • Page 278: Default Tls Configuration, Prerequisites, Configuring And Displaying Tls

    Transparent LAN Services (TLS) MIBs No MIBs are supported by this feature. RFCs No RFCs are supported by this feature. Prerequisites When TLS is enabled, the priority classification on the received traffic is disabled and all the packets are assigned the port's default priority. The packet's priority can also be based on the IP ToS field.

  • Page 279

    Transparent LAN Services (TLS) Configuring TLS To set the TLS, proceed as follows: 1. Enable TLS. See Enabling/Disabling the TLS. 2. Set the EtherType if you want settings other than the default. See Error! Reference source not found.. 3. Set the uplink ports. See Assigning the TLS Uplink to an Interface. NOTE By default, all the ports are set as TLS users.

  • Page 280

    Transparent LAN Services (TLS) NOTE The TLS must be enabled before executing this command. To enable the TLS use the tls enable command in Global configuration mode. Command Syntax device-name(config)#tls ethertype <number> Argument Description number Hexadecimal VLAN EtherType value. Assigning the TLS Uplink to an Interface The tls uplink command in Interface Configuration mode, assigns the TLS uplink to the configured interface.

  • Page 281: Jumbo Frame Commands

    Transparent LAN Services (TLS) Example device-name#show tls TLS is enabled TLS EtherType 0x7000 interface 1/2/1 TLS uplink Jumbo Frame Commands Table 22-4 Jumbo Frame Commands lists the jumbo frame configuring and displaying commands. Table 22-4 Jumbo Frame Commands C o m m a n d D e s c r i p t i o n tls jumbo-frame Enables jumbo frame.

  • Page 282

    Transparent LAN Services (TLS) Example device-name#show tls jumbo-frame tls Jumbo frame is on Configuration Example Figure 22-2 shows an example of an interface TLS configuration. The configuration for the PE switches is the same. In this example, the users cannot communicate with each other. Figure 22-2 TLS Interface Example 1.

  • Page 283: Software Upgrade And Reboot Options, Overview, Description Of Commands

    23. Software Upgrade and Reboot Options Overview The following kinds of commands are discussed in this chapter: • Copy commands – These commands allow you to download or save startup and running configurations. • Write commands – These commands allow you to display information on the current configuration, store the current configuration on the switch's NVRAM, or reload the factory-default configuration settings.

  • Page 284

    Software Upgrade and Reboot Options C o m m a n d D e s c r i p t i o n copy running-config Loads a running-configuration with the specified file name, from a download-from remote server with the specified IP address. copy running-config Saves the running configuration on the remote server with the upload-to...

  • Page 285

    Software Upgrade and Reboot Options Example The following command downloads the new software-version file named VER123 located on C:/ on the TFTP server at IP address 192.192.54.0 and saves it as a primary application. device-name#copy application primary 192.192.54.0 c:/VER123 copy startup-config download-from The copy startup-config download-from command, in Privileged (Enable) mode, loads a start-up configuration specified by file name from a remote server specified by IP address.

  • Page 286

    Software Upgrade and Reboot Options copy running-config startup-config The copy running-config startup-config command, in Privileged (Enable) mode, saves the running-configuration as the startup configuration. This is the configuration that will be saved and loaded each time power to the unit is turned on. The command is equivalent to the write memory command.

  • Page 287

    Software Upgrade and Reboot Options TARGET_FILE The path and name given to the target file on the TFTP server. Note that the path specification and any file-name limitations may depend on the software running on the TFTP server. Example The following command uploads the running-configuration to a new file named RUN002, on C:/ on the TFTP server at IP address 192.192.54.0.

  • Page 288: Write Terminal

    Software Upgrade and Reboot Options • Reload factory-default configuration settings; • Store the unit’s current configuration on the NVRAM of the switch. Table 23-2 Write Commands C o m m a n d D e s c r i p t i o n write terminal Displays detailed information regarding the current configuration of the unit on the terminal monitor.

  • Page 289: Write Erase, Write Memory

    Software Upgrade and Reboot Options write erase The write erase command, in Privileged (Enable) mode, erases the current configuration of the unit stored on the NVRAM of the switch. The start-up configuration file is set to factory- default values. This command is similar to reload to-defaults, except that it does not restart the switch. Command Syntax device-name#write erase write memory...

  • Page 290: Boot Mode

    Software Upgrade and Reboot Options saving the current configuration to the NVRAM. When used without arguments, the command functions as the reload save command. When you use the reload command, the software requests confirmation before it closes down. Command Syntax device-name#reload [save|no-save] Argument Description save...

  • Page 291: Show Commands

    NVRAM (configured information that is saved when the power to the switch is turned off). Command Syntax device-name#show startup-config Example device-name#show startup-config ! NVRAM Configuration: ! ESB26 Version 3.3.0 Further information displayed includes the following: • IP Address • SNMP Server Configuration •...

  • Page 292

    The command is equivalent to the write terminal command. Command Syntax device-name#show running-config Example device-name#show running-config building the configuration ... ! current configuration: ! ESB26 Version 3.3.0 Further information displayed includes the following: • IP Address • SNMP Server Configuration •...

  • Page 293: File System For Configuration Script Files, Introduction, Script-file Commands

    • View the contents of script files. Script files are stored in the ESB26 file system. You can show a list of the files stored in the file system, and you can clean the entire file system. The reload to-defaults command (in Privileged mode - clears system data from NVRAM and reboots) does not affect the contents of the file system.

  • Page 294

    File System for Configuration Script Files C o m m a n d D e s c r i p t i o n delete Deletes the specified file from the file system. Displays the names and lengths of all files in the script file system. This command is an alias of the show script file system command.

  • Page 295

    File System for Configuration Script Files saving script file "running_config" to file system... done copy-from startup-config The copy-from startup-config command, in Script-file-system Configuration mode, copies the startup configuration into the specified file. If a file name is not specified, the command copies the startup configuration into a file with a default name (startup-config), created in the script file system.

  • Page 296

    File System for Configuration Script Files This command is equivalent to the show script-file-system command, but is available only in script file system configuration mode. Command Syntax device-name(config script-file-system)#dir Example device-name(config script-file-system)#dir ==================================================== name size ------+--------------------------------------------- 1 | run_cnf1 2 | run_cnf2 3 | test1 ==================================================== display...

  • Page 297

    File System for Configuration Script Files Argument Description A.B.C.D The IP address of the TFTP server. SOURCE-FILE The name of the source file that is copied from the TFTP server. DEST-FILE (Optional) The name of the destination file, in the script file system. If the name is not specified, the file is stored with the SOURCE-FILE name.

  • Page 298

    File System for Configuration Script Files The run command, in Script-file-system Configuration mode, executes the CLI commands contained in the specified script file (as a batch file). Before execution, a warning is issued requesting your confirmation to execute the batch configuration commands.

  • Page 299

    File System for Configuration Script Files Command Syntax device-name(config script-file-system)#upload-to A.B.C.D SOURCE-FILE [DEST- FILE] Argument Description A.B.C.D The IP address of the TFTP server. SOURCE-FILE The name of the source file that is copied from the script file system. DEST-FILE (Optional) The name of the destination file, in the TFTP server.

  • Page 300: Status Monitoring, Statistics And General Commands, Overview

    25. Status Monitoring, Statistics and General Commands Overview The commands described in this chapter are grouped in sections as summarized in Table 25-1. Table 25-1 Status Monitoring, Statistics and General Commands S e c t i o n C o m m a n d s System Information show version show cpu utilization...

  • Page 301

    Example device-name#show version N O K I A Switch model : NOKIA ESB26 SW version : 3.3.0 created Jan 14 2004 - 15:59:00 Java version : Java image not loaded Loader version : 2.4 created Jan 30 2003 - 09:51:45 Up time : 0 days, 1 hours, 21 min, 40 sec.

  • Page 302: Show Cpu Utilization, Show System

    The show cpu utilization command, in Privileged (Enable) mode, displays the CPU usage real time from switch startup. ESB26 employs the lowest priority task scheduling mechanism to measure CPU utilization. This technique works by queuing a task that is supposed to run at the lowest possible priority in the system.

  • Page 303: Enable Password

    Status Monitoring, Statistics and General Commands Command Syntax device-name(config)#password PASSWORD PASS_CONFIRM Argument Description PASSWORD A character string without blank spaces. PASS_CONFIRM Confirm password string Example device-name(config)#password switch123 switch123 enable password The enable password command, in Global Configuration mode, sets a password to access Privileged mode from View mode.

  • Page 304

    Status Monitoring, Statistics and General Commands banner motd default The banner motd default command, in Global Configuration mode, sets the default motd (message-of-the-day) string. This is the string that will be displayed before User hello Access Verification and the password prompt. Command Syntax device-name(config)#banner motd default banner set...

  • Page 305

    Status Monitoring, Statistics and General Commands switch_area1(config)# service advanced-vty The service advanced-vty command, in Global Configuration mode, enables advanced mode VTY. The no form of this command disables advanced mode VTY. When advanced mode VTY is enables, the switch bypasses View mode at login and accesses Privileged mode directly.

  • Page 306: Show Clock

    Status Monitoring, Statistics and General Commands time-server Sets the switch to synchronize with the specified remote host. date The date command, in Global Configuration mode, sets the system time and date. Command Syntax device-name(config)#date HH:MM:SS <DAY> MONTH <YEAR> Argument Description HH:MM:SS The current time (hours in 24-hour format, minutes and seconds).

  • Page 307

    Status Monitoring, Statistics and General Commands Argument Description detail (Optional) If detail is specified, the command also displays the type of the currently used synchronization client. If detail is not specified, the command displays the current system time Examples 1. The following example displays the date and time. device-name(config)#show clock Current system time TUE APR 10 13:45:04 2004 2.

  • Page 308

    The old style of this command, wherein the IP address argument (A.B.C.D) NOTE precedes the time|daytime is supported for backward compatibility. However, Nokia strongly recommends using only the new style of the command for setting up time synchronization clients. For details on command, refer to "Configuring...

  • Page 309

    Status Monitoring, Statistics and General Commands Daytime Protocol. Synchronization will be performed every 10 minutes. Local time is two hours ahead of the server’s time. device-name(config)#time-server daytime 192.168.0.1 10 2 show time-server The show time-server command, in Privileged (Enable) mode, displays the timeserver configuration.

  • Page 310

    Status Monitoring, Statistics and General Commands Command Syntax device-name(config)#log telnet-console device-name(config)#no log telnet-console log trap The log trap command, in Global Configuration mode, limits log output to the specified priority level. The no form of this command permits all logging information. The priority is inversely related to the specified level (0 represents highest priority, 7 represents lowest priority).

  • Page 311: Web Server Commands

    Status Monitoring, Statistics and General Commands Command Syntax device-name(config)#log remote A.B.C.D device-name(config)#no log remote [A.B.C.D] Argument Description A.B.C.D IP address of the syslog host. Example The following command enables remote logging to host 192.1.22.14. device-name(config)#log remote 192.1.22.14 Web Server Commands Table 25-4 summarizes the web server commands.

  • Page 312

    Status Monitoring, Statistics and General Commands Example device-name#show web-server web-server enable Debug Information The following debugging commands can be used by support personnel to monitor a session as it proceeds on the switch. debug mstp The debug mstp command, in Privileged (Enable) mode, displays the information related to port roles, handshaking protocol, pim, prt, tcm and MAC address flush debugging in the Multiple Spanning Tree Protocol (MSTP).

  • Page 313: Show Debug

    Status Monitoring, Statistics and General Commands debug rstp The debug rstp command, in Privileged (Enable) mode, displays the RSTP debug messages. The no form of the command disables the debug messages. The RSTP debug commands will not be saved after reload. To view the debug messages you also need to enable log cli-console (for more information, see Managing the Session Log).

  • Page 314

    Status Monitoring, Statistics and General Commands Command Syntax device-name#show debug [mstp|rstp|stp] Argument Description mstp Multiple Spanning Tree Protocol debugging information. rstp Rapid Spanning Tree Protocol debugging information. Spanning Tree Protocol debugging information. MN700004 Rev 01...

  • Page 315: Remote Monitoring, Introduction, Feature Overview

    Start of Frame Delimiter SFD), but have a bad Cyclic Redundancy Check (CRC) or are either shorter than 64 octets or longer than 1518 octets. RMON Groups The ESB26 switch supports the following four RMON groups: • Statistics •...

  • Page 316

    Remote Monitoring The Ethernet Statistics Group The Ethernet Statistics group contains statistics of packets, bytes, broadcasts, multicasts, and errors, measured by the probe for each monitored Ethernet interface on the switch. Information from the Statistics group is used to detect changes in traffic and error patterns in critical areas of the network.

  • Page 317: Statistics Monitoring

    Remote Monitoring RFCs RFC 1757, Remote Network Monitoring Management Information Base There are two RMON groups that can be used from the CLI: • Statistics Monitoring; • RMON Alarms. The commands for each of them are featured in details below. Statistics Monitoring show rmon statistics The show rmon statistics command, in Privileged (Enable) mode, displays statistics...

  • Page 318: Rmon Alarms

    Remote Monitoring octets 9048 jabbers collisions pkts broadcast pkts <=64 multicast pkts 65-127 crcalignerrors pkts 128-255 undersize pkts 256-511 oversize pkts 512-1023 fragments pkts 1024-1518 dropevents -- more -- RMON Alarms Using CLI commands, the network administrator can define specific alarms indicating that some counters have passed the critical threshold.

  • Page 319: Show Rmon Event

    Remote Monitoring none No notification. Log notification. snmp-trap SNMP-trap notification. (See the SNMP Server Configuration chapter) trap-and-log Log and trap notification. COMM Trap community (character string without blank spaces). OWNER Event owner (character string without blank spaces). Examples 1. To define an RMON event description: device-name(config)#rmon event 1 the_tank_is_full snmp-trap PUBLIC STN1 In this example: •...

  • Page 320

    Remote Monitoring description : the_tank_is_full type : snmp-trap, lasttimesent: 01:36:29 community : public 2. To display a particular RMON event: device-name#show rmon event 1 Defining Alarm Conditions rmon alarm counter The rmon alarm counter command, in Global Configuration mode, defines RMON alarm conditions.

  • Page 321: Show Rmon Alarm

    Remote Monitoring 17 Pkts1024to1518Octets UU/SS/PP Interface unit/slot/port 1-4294967295 Polling interval, seconds absolute Use absolute threshold values. The trap will be sent only once when the rising threshold value is met. delta Use threshold value differences. The agent will send the trap whenever the delta between the last and the current value reaches the rising or falling value.

  • Page 322

    Remote Monitoring Argument Description alarm-index (Optional) Alarm index, in the range <1-65535>. Examples 1. Displaying a specified RMON alarm, in Privileged mode: device-name#show rmon alarm 1 2. Displaying the currently defined RMON alarms, in Privileged mode: device-name#show rmon alarm alarm 1, status active, owned by STN1 counter octets, interface 1/1/3 sampling interval (h:m:s) 00:00:05, sampletype absolute current value...

  • Page 323: Periodic Monitoring, Introduction, Feature Overview

    SNMP traps, it can be used to trigger other diagnostic data polling based on the switch’s operational status. Table 27-1 displays the operational indicators that are monitored for ESB26: Table 27-1 Periodic Monitoring Operational Indicators I n d i c a t o r...

  • Page 324

    Periodic Monitoring • Measured values: What is the temperature? How many packet errors are there? The monitor function returns actual measured values for the port and temperature indicators. Temperature monitoring measures the temperature using the Fahrenheit or Celsius scale. Port monitoring measures error packets as CRC, Runts and Overrun. −...

  • Page 325

    Periodic Monitoring The delta command configures a scale centered on the limit value. The value of the delta command’s <difference> variable determines delta points, which are points located along the scale on both sides of the limit value at distances that are whole multiples of <difference>: …...

  • Page 326: Default Periodic Monitoring Configuration

    Periodic Monitoring Default Periodic Monitoring Configuration Table 27-2 shows the periodic monitoring default parameter values. Table 27-2 Periodic Monitoring Default Parameter Values P a r a m e t e r D e f a u l t V a l u e Temperature monitoring Enabled Temperature monitoring scale...

  • Page 327: Configuring And Displaying Periodic Monitoring

    Periodic Monitoring Limit value for RAM usage monitoring alert 1000Kbytes Table 27-4 Monitoring Period Default Values P a r a m e t e r D e f a u l t V a l u e Monitoring period for ports 10 seconds Monitoring period for power supply 60 seconds...

  • Page 328

    Periodic Monitoring If no argument is specified, the command enables/disables all the alert options (log and trap). If one of the arguments is specified, the command enables/disables only that alert option. By default, all the alert options are enabled. By default, monitoring is enabled. Command Syntax device-name(config)#monitor all [log| trap] {enable|disable} device-name(config)#no monitor all [log | trap]...

  • Page 329

    Periodic Monitoring Command Syntax device-name(config)#monitor ports {enable | disable} device-name(config)#no monitor ports device-name(config)#monitor ports device-name(config monitor ports)# Argument Description enable Enables monitoring of ports. disable Disables monitoring of ports. Monitoring the RAM (Memory) Usage The monitor ram-usage command, in Global Configuration mode, enables or disables monitoring of the RAM usage.

  • Page 330

    Periodic Monitoring device-name(config)#monitor temperature Argument Description enable Enables monitoring of the temperature. disable Disables monitoring of the temperature. celsius Sets the scale for temperature monitoring to Celsius. fahrenheit Sets the scale for temperature monitoring to Fahrenheit. Example device-name(config)#monitor temperature fahrenheit device-name(config)#monitor temperature device-name(config monitor temperature F)# NOTE...

  • Page 331

    Periodic Monitoring Command Syntax device-name(config monitor INDICATOR)#enable Example The following example enables port monitoring: device-name(config)#monitor ports device-name(config monitor ports)#enable Disabling Periodic Monitoring for a Specific Indicator The disable command, in Monitoring Configuration mode, disables the periodic monitoring for a specific indicator. For default values, see table 27-2.

  • Page 332

    Periodic Monitoring Example 1 The following example causes the ports to be checked every 3 seconds: device-name(config monitor port)#period seconds 3 device-name(config monitor port)# Example 2 The following example resets the temperature monitoring period to the default 60 seconds: device-name(config monitor temperature C)#no period device-name(config monitor temperature C)# Setting Log Alert Notifications for a Specific Indicator The log command, in Monitoring Configuration mode, enables logging alert notifications for...

  • Page 333

    Periodic Monitoring By default, the trap alert is enabled. Command Syntax device-name(config monitor INDICATOR)#trap {enable | disable} Argument Description enable Enables the monitoring alerts. disable Disables the monitoring alerts. Setting the Limit for Triggering Alerts The limit command, in Monitoring Configuration mode, defines the limit value that triggers alert notifications.

  • Page 334

    Periodic Monitoring Command Syntax device-name(config monitor INDICATOR)#delta <difference> [always|greater|less] device-name(config monitor INDICATOR)#no delta Argument Description difference The amount of change that triggers an alert. For temperature monitoring, the unit is degrees Fahrenheit or Celsius. always Triggers an alert when the measured value rises above or drops below any delta point (the limit, plus or minus a multiple of <difference>).

  • Page 335

    Periodic Monitoring Command Syntax device-name#show monitor INDICATOR | brief Argument Description INDICATOR (Optional) Restricts the display to the specified indicator, for the list of the indicator supported by your platform. See table 27-8. brief (Optional) Displays the monitoring periods for all indicators. Table 27-8 Indicator Parameters I n d i c a t o r D e s c r i p t i o n...

  • Page 336

    Periodic Monitoring Example 2 Use the brief option to display a summary of enabled indicators: device-name#show monitor brief On-board Power Test : Period 60 sec. Temperature Test : Period 20 sec. Port Statistics Test : Period 10 sec. CPU Resources Test : Period 10 sec.

  • Page 337

    Periodic Monitoring cpu temperature = 34C (93F) Example 2 device-name#show temperature high-limit cpu temperature high limit = 55C (131F) Configuration Examples CPU Usage Monitoring In the following example, CPU usage monitoring is enabled and configured with both limit and delta commands. 1.

  • Page 338

    Periodic Monitoring 7. To check CPU usage monitoring, the trap output can be routed to the console: device-name#configure terminal device-name(config)#log cli-console device-name(config)#log-history nvram trap errors Traps are displayed on the CLI console. Note that the CPU usage is checked at 10 second intervals, as specified with the period command: tHiSwMonitr: 1970/01/01...

  • Page 339

    Periodic Monitoring device-name#show monitor ram-usage Period : 5 sec. Traps : Enabled : Enabled Limit value : 10Kb Delta value : 3Kb Notify on delta if criteria less than limit 8. To check RAM usage monitoring, the trap output can be routed to the console: device-name#configure terminal device-name(config)#log cli-console device-name(config)#log-history nvram trap errors...

  • Page 340: Logging System Trap Messages To The Nvram, Introduction

    28. Logging System Trap Messages to the NVRAM Introduction The System stores trap messages on the NVRAM. You cannot switch this logging feature off, but you may configure it to set the minimal priority level of messages that will be stored in the NVRAM.

  • Page 341: Nvram System-trap Logging Commands

    Logging System Trap Messages to the NVRAM SOURCE-TASK is the name of a system task that generated the message. DATE and TIME indicate when the message has been issued. MESSAGE-TEXT is the textual content of the message. PRIORITY is the literal message’s priority level. The first three fields are always included in the message.

  • Page 342

    Logging System Trap Messages to the NVRAM Argument Description emergencies Sets the message log filter to the highest priority level (zero). alerts Sets the message log filter to priority level one. critical Sets the message log filter to priority level two. errors Sets the message log filter to the lowest allowable level.

  • Page 343

    Logging System Trap Messages to the NVRAM record> <1-65535> range is size (Optional) Displays the number of records in the system-message history. status (Optional) Displays the current trap-level status for history recording. Examples 1. Displaying the current contents of the stored system message history: device-name#show log-history nvram tcliuart: 2002/01/01 07:02:07 errors: test error message...

  • Page 344: Nvram Configuration History, Introduction, History Log Format And Generation, Configuring History Settings

    29. NVRAM Configuration History Introduction Configuration-history is a CLI feature, giving the user ability to record ALL the commands that were entered from Configuration mode into the device and changed the configuration. All the commands are recorded into the NVRAM even if the device configuration is not saved (with write command).

  • Page 345: Displaying The Configuration History

    NVRAM Configuration History Description of Commands record configuration-history nvram The record configuration-history nvram command, in Global Configuration mode, enables recording the configuration commands into the NVRAM. The no form of this command disables the recording, but does not clear it. If you enable configuration-history recording, you must exit configuration mode for the command to take effect.

  • Page 346

    NVRAM Configuration History Description of Commands show configuration-history The show configuration-history command, in Privileged (Enable) mode, displays all configuration commands stored in the NVRAM during the specified session. If no session number is specified, the command displays all configuration commands stored in the NVRAM during the last session.

  • Page 347

    NVRAM Configuration History device-name#show configuration-history all ! THU MAR 07 18:40:17 2002 :: vty :: console ! Configuration session 1 start configure terminal network 36.0.0.0/24 area 36.0.0.0 area 36.0.0.0 stub area 36.0.0.0 default-cost 20 ! configuration session 1 end ! MON MAR 11 07:18:03 2002 :: vty :: console ! Configuration session 2 start configure terminal ip address 131.119.251.201/24...

  • Page 348: Configuring The Watchdog Features, Overview, Accessing Watchdog Mode

    30. Configuring the Watchdog Features Overview The Watchdog is a set of system features for monitoring some tasks or processes on the switch that are either critical or their monitoring is very useful for the administration of the switch. Unlike the other monitoring features however, it also triggers some automated actions to correct the situation if a monitored event or process goes wrong adding thus a bit of artificial intelligence to your switch.

  • Page 349: Configuring The Reset-loop Detection Feature

    Configuring the Watchdog Features Configuring the Reset-Loop Detection Feature When this feature is enabled, the Watchdog detects when a reset-loop occurs and logs a notification about it to the NVRAM. The switch is considered to be in a rest loop when it resets more than 3 times in a certain time period.

  • Page 350: Configuring The Snmp Request Failure Detection Feature

    Configuring the Watchdog Features Configuring the SNMP Request Failure Detection Feature The SNMP Request Failure Detection feature monitors the timing and validity of the SNMP requests. If no valid SNMP request has been received within a specified time period, the request is considered lost and the feature resets the switch.

  • Page 351: Configuring The Application Suspension Detection Feature

    Configuring the Watchdog Features Configuring the Application Suspension Detection Feature The Application Suspension Detection monitors the switch for suspended applications and issues log notifications whenever an application is suspended. Application suspension usually means that the execution of that particular application has gone wrong so keeping track of suspended applications enables you detect and correct the problem in time.

  • Page 352: Displaying The Watchdog Configuration

    Configuring the Watchdog Features Argument Description Disables monitoring of all applications. <APPLICATION> Name of the application the monitoring of which is to be ceased, e.g. tLacp. Disables monitoring of individual applications. Example To disable monitoring of the tLacp application: device-name(sw-watchdog)#remove sw-watchdog application tLacp suspension tLacp_Susp removed from watchdog device-name(sw-watchdog)# Displaying the Watchdog Configuration...

  • Page 353: Ntp Client Description, Introduction, The Ntp Timeserver Commands

    NTP has become a standard for Internet time synchronization. Most importantly, there are more than 100000 free NTP timeservers in the world. Using the NTP protocol, the Nokia ESB26 switch time can be synchronized by the network administrator almost anywhere in the world with a minimal effort.

  • Page 354: Why Use Ntp Protocol, Configuring And Displaying Ntp Server Settings

    NTP Client Description Table 31-1 NTP Timeserver Commands C o m m a n d D e s c r i p t i o n time-server ntp add Adds a server to the NTP server list. time-server ntp delete Deletes a server from the NTP server list.

  • Page 355

    NTP Client Description An NTP client can use up to a maximum of five servers. This requires the system administrator to define the IP addresses of the desired NTP servers. The following commands are used for adding, deleting and displaying NTP servers. Description of Commands time-server ntp add The time-server ntp add command, in Global Configuration mode, adds a server to the NTP...

  • Page 356: Md5 Authentication

    NTP Client Description Command Syntax device-name(config)#time-server ntp show Example The following example displays the three existing NTP servers. device-name(config)#time-server ntp show Current NTP server(s): 186.102.20.11 182.21.2.31 128.11.24.6 MD5 Authentication NTP supports MD5 authentication. When using MD5 for the first time, you must assign it a key, consisting of a key ID and a plain text key.

  • Page 357: Running The Ntp Server

    NTP Client Description A string of 1 to 20 non-blank characters (some special characters, such as question marks, are not allowed). Case-sensitive. Example The following example adds an MD5 authentication key with key ID of 27 and plain-text key qwerty. device-name(config)#time-server ntp key add 27 qwerty time-server ntp key delete The time-server ntp key delete command, in Global Configuration mode, deletes the...

  • Page 358: Examples, Configuration Example

    NTP Client Description time-server ntp start The time-server ntp start command, in Global Configuration mode, starts the NTP-server polling. NOTE To end the NTP server polling use the no time-server command in Global Configuration mode. Command Syntax device-name(config)#time-server ntp start <polling-interval> ZONE Argument Description polling-interval The synchronization refresh period in minutes, in the range <10-44640>...

  • Page 359: Configuring Daylight Saving Time (dst)

    NTP Client Description device-name(config)#time-server ntp add A.B.C.D 2. Add an MD5 authentication key with key ID of 27 and plain-text key qwerty: device-name(config)#time-server ntp key add 27 qwerty 3. Start the NTP server polling with refresh period of 10 minutes and time zone 2: device-name(config)#time-server ntp start 10 2 Configuring Daylight Saving Time (DST) You can configure your switch to observe the daylight saving time in your area.

  • Page 360: Command Syntax

    NTP Client Description Argument Description first MONTH Configures the first week of as the start week for the DST. <N > Configures the week with the specified number (first, second, third, or forth of MONTH ) as the start week for the DST. The valid entries are the numbers from 1 to 4.

  • Page 361

    NTP Client Description MONTH Configures the month (Jan-Dec) of year yyyy as the start day for the DST. <yyyy > Configures the start year for the DST. The valid values are from 1993 to 2035. Configures the exact time of the day when the DST should begin.

  • Page 362: Remote Authentication Dial-in User Service (radius), Introduction, Binos Radius Features

    32. Remote Authentication Dial-In User Service (RADIUS) Introduction RADIUS (Remote Authentication Dial-In User Service) is a protocol for carrying authentication, authorization, and configuration information between a Network Access Server (switch), which requests to authenticate its links, and a shared Authentication Server. The current BiNOS RADIUS client supports login-type authentication only.

  • Page 363

    Remote Authentication Dial-In User Service (RADIUS) • ACCEPT---The user is authenticated. • REJECT---The user is not authenticated and is prompted to reenter the username and password, or access is denied. The ACCEPT or REJECT packets also contain: Reply message and user timeouts – session timeout and idle timeout. Description of Commands Commands to Configure a RADIUS Server Host To specify a RADIUS server host and a shared password:...

  • Page 364

    Remote Authentication Dial-In User Service (RADIUS) radius-server key The radius-server key command, in Global Configuration mode, specifies the password used between the switch and the RADIUS server. The no form of this command removes the password. Command Syntax device-name(config)#radius-server key STRING device-name(config)#no radius-server key Argument Description STRING...

  • Page 365: Using Radius To Configure Login Authentication

    Remote Authentication Dial-In User Service (RADIUS) over by requests for RADIUS authentication. The no form of this command sets the dead- time to zero (non-responding servers are not passed over). NOTE A configured RADIUS server is presumed dead, if timeout time is reached in three authentication sessions.

  • Page 366: A Radius Configuration Example

    Remote Authentication Dial-In User Service (RADIUS) Command Syntax device-name(config)#aaa authentication login default PRIMARY SECONDARY device-name(config)#no aaa authentication login default Argument Description PRIMARY Primary authentication method, either radius or local. SECONDARY Secondary authentication method must be local. A RADIUS Configuration Example Figure 32-2 RADIUS Configuration Example To demonstrate a RADIUS configuration, proceed as follows: 1.

  • Page 367

    Remote Authentication Dial-In User Service (RADIUS) device-name(config)#radius-server host 10.2.42.137 device-name(config)#radius-server key 123456 • Add local user with username of localUser and password MyPass: device-name(config)#username localuser password mypass NOTE Local authentication database is used for authentication if the configured RADIUS Server is not responding.

  • Page 368: Secure Shell (ssh), Introduction, Some Security Considerations

    The keys are configured with the ssh generate-key dsa command described below. When using an SSH client to log into a Nokia ESB26 device, avoid using a telnet client from that device to another host. This precaution is required to prevent making the secure connection vulnerable to anyone who may spy on both network connections.

  • Page 369: Commands For Managing The Ssh Server

    Secure Shell (SSH) Commands for Managing the SSH Server. The SSH commands are summarized in Table 33-1. All commands for managing the SSH server are available in the switch’s global Configuration mode. Table 33-1 SSH Commands C o m m a n d D e s c r i p t i o n ssh generate-key dsa Generates the starting public parameters for the DSS algorithm that is...

  • Page 370: Supported Clients, Supported Standards

    Secure Shell (SSH) ssh stop command, in Global Configuration mode, stops the BiNOS SSH server. Keep ssh stop in mind that by stopping the server, you close all current SSH connections to the device. Command Syntax device-name(config)#ssh stop Supported Clients You can use the BiNOS SSH server with SSH clients such as: •...

  • Page 371: X Port-based Authentication, Introduction, Feature Overview

    34. 802.1X Port-Based Authentication Introduction The IEEE 802.1X standard offers a method for controlling port access in a central location on a user or device basis. 802.1X helps to facilitate the control of networks. The 802.1X (or dot1x) standard relies on the supplicant (user or client that requests authentication) to provide credentials in order to gain access to the network.

  • Page 372: Mode Of Operation

    802.1X Port-Based Authentication Mode of Operation When a BiNOS switch is configured as an authenticator, the ports of the switch must be configured for authorization. When the authenticator detects that the link with the supplicant is active and an EAPOL start- packet is received, the authenticator port sends an EAP packet to the supplicant requesting the supplicant’s identification.

  • Page 373: Ports In Authorized And Unauthorized States

    802.1X Port-Based Authentication Table 34-1 802.1X Supplicant Modes M o d e D e s c r i p t i o n Single Host Only one supplicant may be authorized on a port. If several supplicants request authorization, the first one that authenticates successfully is authorized, and all the others are rejected without trying to authenticate them.

  • Page 374

    802.1X Port-Based Authentication successfully authenticated, the port transitions to the authorized state, allowing all traffic for the supplicant to flow normally. If a supplicant that does not support 802.1X is connected to an unauthorized 802.1X port, the switch requests the supplicant's identity. In this situation, the supplicant does not respond to the request, the port remains in the unauthorized state, and the supplicant is not granted access to the network.

  • Page 375: Default 802.1x Configuration

    802.1X Port-Based Authentication MIBs No MIBs are supported by this feature RFCs RFC 2856, Remote Authentication Dial In User Service (RADIUS) RFC 2869, Remote Authentication Dial In User Service (RADIUS) Extensions Default 802.1X Configuration The table below shows the default 802.1X configuration. Table 34-3 802.1X Default Configuration P a r a m e t e r D e f a u l t V a l u e...

  • Page 376: Configuring And Displaying 802.1x

    802.1X Port-Based Authentication Configuring and Displaying 802.1X The BiNOS 802.1X implementation consists of configuring the three participants for operation. Supplicants that connect to 802.1X authenticators are required to support EAP. The 802.1X implementation needs at least one RADIUS server to be configured. Dot1x works with every RADIUS server that is compatible with RFC 2865 and RFC 2869, as well as with every 802.1X supplicant that is compatible with the IEEE 802.1X standard.

  • Page 377

    802.1X Port-Based Authentication dot1x timeout re-authperiod Sets number seconds between re-authentication attempts. dot1x timeout quiet-period Sets the number of seconds that the switch remains in the quiet state following a failed authentication exchange with the supplicant. dot1x timeout tx-period Sets the number of seconds that the switch waits for a response to an EAP-request/identity frame from the supplicant before retransmitting the request.

  • Page 378

    802.1X Port-Based Authentication Forcing the Process of Re-authentication The dot1x re-authenticate command, in Global Configuration mode, activates the process of re-authentication on all supplicants and for all ports. Automatic 802.1X supplicant re-authentication can be set globally or for supplicants connected to individual ports. By default, the re-authentication is disabled.

  • Page 379

    802.1X Port-Based Authentication Argument Description time The re-authentication period is a value in the range <1–4294967295>. Example device-name(config)#dot1x timeout re-authperiod 4200 Setting a Period of Time for the Quiet Timer The dot1x timeout quiet-period command, in Global Configuration mode, sets the number of seconds that the switch remains in the quiet state following a failed authentication exchange with the supplicant.

  • Page 380

    802.1X Port-Based Authentication Example device-name(config)#dot1x timeout tx-period 60 Setting the Unicast Supplicant Compatibility The dot1x unicast-client-compatibility command, in Global Configuration mode, sets a mode that allows dot1x to work with supplicants, but without sending EAPOL packets to 802.1X group MAC addresses. The no form of this command sets a mode in which the dot1x does not work with supplicants and does not send EAPOL packets to 802.1X group MAC addresses.

  • Page 381

    802.1X Port-Based Authentication device-name(config-if UU/SS/PP)#no dot1x port-control Argument Description auto Sets 802.1X to auto mode on the specified port. Enables 802.1X on the specified interface with the default Single-Host mode. force-authorized Sets 802.1X in Force-Authorized mode on the specified port. Using this command is equivalent to stopping 802.1X.

  • Page 382

    802.1X Port-Based Authentication Setting the Traffic Mode The dot1x control-direction stop-in-traffic command, in Interface Configuration mode, sets the dot1x traffic mode to Bi-directional Traffic Control. The no form of this command sets the dot1x traffic mode to “Unidirectional traffic control”. By default, the Bi-directional Traffic Control is enabled.

  • Page 383

    802.1X Port-Based Authentication 1/1/1 Auto Per MAC 1/1/5 Auto Single Both Displaying the Configured RADIUS Servers The show dot1x radius command, in Privileged (Enable) mode, displays all RADIUS servers that are configured. Command Syntax device-name#show dot1x radius [statistic] Argument Description statistic (Optional).

  • Page 384

    802.1X Port-Based Authentication Example 1 device-name#show dot1x interface 1/1/5 Control Direction = Both Authentication Method = Auto Authentication Type = Single Host Host Limit = Unlimited Hosts Authorized Hosts UnAuthorized Hosts ===================================================================== Vlan State RadID Session time ReAuth --------------------------------------------------------------------- 00:40:95:31:80:6D 2 Authenticated 00:28:12 00:00:01 Example 2...

  • Page 385

    802.1X Port-Based Authentication Example device-name#show dot1x hosts ===================================================================== Vlan Port State RadID Session time ReAuth --------------------------------------------------------------------- 00:40:95:31:80:6D 2 1/1/5 Authenticated 00:59:02 00:00:01 Debugging 802.1X The table below lists the 802.1X debugging commands. Table 34-7 802.1X Debugging Commands C o m m a n d D e s c r i p t i o n debug dot1x Enables specific 802.1X debugging.

  • Page 386

    802.1X Port-Based Authentication The dot1x debug commands will not be saved after reload. By default, the debug is disabled. Command Syntax device-name#debug dot1x authsm {event | status | timers} device-name#no debug dot1x authsm {event | status | timers} Argument Description event Debug state machine events.

  • Page 387

    802.1X Port-Based Authentication radius Debug RADIUS packets. recv Debug packets sending and receiving. send Debug packets receiving. detail Debug packets sending. Displaying the 802.1X Debugging The show debug dot1x command, in Privileged (Enable) mode, displays the debug status for the 802.1X. The debug commands can help the network manager to monitor a session as it proceeds on the switch.

  • Page 388

    802.1X Port-Based Authentication Table 34-8 802.1X-Related Commands C o m m a n d D e s c r i p t i o n D e s c r i b e d i n radius-server host Defines the remote RADIUS server. Understanding and Configuring Remote Authentication Dial In User Service (RADIUS)

  • Page 389: Built-in Self Test (bist), Overview, Startup Execution Of Bist

    When the BIST detects a failure in any of the tests, it causes the Status LED indicator to blink. Table 35-1 summarizes the BIST tests for the ESB26 switch. Table 35-1 Description of the Built-in Tests T e s t...

  • Page 390: Bist Commands

    Built-In Self Test (BIST) ESB26#self-testProcessingBIST by request... CPUCore Test :CPUNotify RAM Test :CPUInterface Test UART Existence - PassedTestingSwitch Core Crossbar Existence - PassedOn-boardPower Test On-board Power PHY - Passed On-board Power CPU - Passed On-board Power OC PassedTemperatureTest Temperature - PassedBroadcastLimit...

  • Page 391

    Built-In Self Test (BIST) On-board Power PHY - Passed On-board Power CPU - Passed On-board Power OC - Passed Temperature Test Temperature - Passed show self-test The show self-test command, in Privileged (Enable) mode, issues a report on the current built-in test status (obtained by the last BIST).

  • Page 392

    Built-In Self Test (BIST) On-board Power Test On-board Power PHY - Passed On-board Power CPU - Passed On-board Power OC - Passed Temperature Test Temperature - Passed MN700004 Rev 01...

  • Page 393: Diagnostic Tests, Esb26 Diagnostics-related Commands, The Diagnostics-related Commands

    36. Diagnostic Tests ESB26 Diagnostics-Related Commands ESB26 device has an integrated procedure for self-testing and diagnostics. Diagnostic tests check the proper operation and integrity of certain parts of device. The self-testing is usefull for network administators, for troubleshooting and proper maintenance of the devices. The diagnostic module includes the following validation tests: •...

  • Page 394

    Diagnostic Tests test nvm-contents loader Validates the loader image. test nvm-contents prom-access Validates the operability of EPROM. test nvm-contents script-file-system Validates the script file system. test nvm-contents startup- Validates the startup configuration. configuration test switch-core Validates the switch core. test ram Tests the RAM.

  • Page 395

    Diagnostic Tests Argument Description primary The primary application image secondary The secondary application image Example device_name(self-test)#test nvm-contents application primary Image Size = 0x2D7313 CRC Value = 0xD78F9816 Application image in NVM is OK test nvm-contents java-image The test nvm-contents java-image command, in self-test mode, performs diagnostics of the java image.

  • Page 396

    Diagnostic Tests Command Syntax device_name(self-test)#test nvm-contents prom-access Example device_name(self-test)#test nvm-contents prom-access Validation of PROM passed OK test nvm-contents script-file-system The test nvm-contents script-file-system command, in self-test mode, performs diagnostics of script file system. This diagnostic is performed by checking the integrity of control structure of the script file system located on the internal Flash memory.

  • Page 397

    Diagnostic Tests test ram The test ram command, in self-test mode, validates the random access memory. During the test, the normal switch operation is interrupted and the device enters Debug self-test switch mode. Command Syntax device_name(self-test)#test ram Example device_name(self-test)#test ram Normal switch operation will be interrupted.

  • Page 398

    Diagnostic Tests Start primary application... Entering into self-test switch mode. Please wait... All ports --> OK test all The test all command, in self-test mode, performs all tests subsequiently. Command Syntax device_name(self-test)#test all Example device_name(self-test)#test all Normal switch operation will be interrupted. Proceed ? [y/n] : y Testing CPU: CPU validation -->...

  • Page 399

    Diagnostic Tests Address Bus Test: Walking One --> OK Address Bus Test: Walking Zero --> OK RAM Device Test : 100% --> OK Entering into self-test switch mode. Please wait... All ports --> OK clear test-results The clear test-results command, in self-test mode, clears the last self-test results. Command Syntax device_name(self-test)#clear test-results Example...

  • Page 400

    Diagnostic Tests Command Syntax device_name(self-test)#[DBG] test end Example device_name(self-test)#[DBG] test end Return to normal switch operation. Procceed ? [y/n] : y Verifying validity of primary application..OK Start primary application... Return to normal switch operation. Please wait... device_name(show system)# MN700004 Rev 01...

  • Page 401: Dns Resolver, Introduction, Feature Overview

    37. DNS Resolver Introduction The Domain Name System (DNS) is the means by which Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to- remember "handle" for an Internet address. Because maintaining a central list of domain name/IP address correspondences would be impractical, the lists of domain names and IP addresses are distributed throughout the Internet in a hierarchy of authority.

  • Page 402

    DNS Resolver Figure 37-1: Simplified Example of How DNS Works Supported Standards, MIBs and RFCs Standards No standards are supported by this feature. MN700004 Rev 01...

  • Page 403: Default Dns Resolver Configuration, Configuring And Displaying Dns Resolver

    DNS Resolver MIBs No MIBs are supported by this feature. RFCs RFC 1034, Domain Names – Concepts and Facilities RFC 1035, Domain Names – Implementation and Specification Default DNS Resolver Configuration Table 37-1 shows the default DNS Resolver configuration. Table 37-1 DNS Resolver Default Configuration Parameter Default Value DNS servers...

  • Page 404

    DNS Resolver Argument Description A.B.C.D The IP address of the DNS server. Displaying the DNS Resolver Configuration The show ip dns command, in Privileged (Enable) mode, displays the current configuration of the DNS Resolver. Command Syntax device-name#show ip dns Configuration Example In the following example, the first IP address in the ip dns server command becomes the primary gateway address and all others are secondary addresses.

  • Page 405

    DNS Resolver Table 37-3 DNS Resolver Related Commands C o m m a n d D e s c r i p t i o n D e s c r i b e d i n ping Allows pinging to another unit (e.g. Getting Started, View...

  • Page 406: Commands Summary

    Loader, Sysloader and Dual Boot Overview ESB26 has two separate special startup modes, called "Loader" and "Sysloader". They can be entered rignt after turning on or resetting the switch. They both have almost the same purpose and differ only in the commands provided and the way the commands function. The Loader/Sysloader modes are designed for: •...

  • Page 407

    APPENDIX Loader, Sysloader and Dual Boot quit Disconnects and logs out. start Starts execution of switch application. copy Files transfer to the target base. version Displays the switch's model and loader version. manufacturing- Displays manufacture details. details Table APPENDIX-2 Configuration Mode Commands more Filters command output.

  • Page 408

    APPENDIX Loader, Sysloader and Dual Boot serial-number Configures the manufacturing serial numberл show Displays board manufacturing details. Table APPENDIX-4 Memory Mode Commands more Filter command output copy Copy block of memory display Display block of memory End current mode and change to initial mode. exit Exit current mode and down to previous mode fill...

  • Page 409: Download Application

    APPENDIX Loader, Sysloader and Dual Boot ////////////////////////////////////////////////////////////// // Switch model : NOKIA ESB26 SW version : 3.3.0 created Oct 21 2003 - 14:59:16 ////////////////////////////////////////////////////////////// User Access Verification Password: download application The download application command, in Loader mode, copies the switch’s application from a source computer to the switch’s permanent storage memory, through a console connection by...

  • Page 410

    APPENDIX Loader, Sysloader and Dual Boot Commands to Configure the Switch from the Loader The table below summarizes the CLI commands available upon entering Loader mode. The commands are described in the subsections that follow. Table APPENDIX-5 Loader Configuration Commands C o m m a n d D e s c r i p t i o n config...

  • Page 411

    APPENDIX Loader, Sysloader and Dual Boot clean startup-configuration The clean startup-configuration command, in Loader Configuration mode, sets the startup configuration database in the permanent storage memory to the default values. Command Syntax Loader(config)#clean startup-configuration clean log-history The clean log-history command, in Loader Configuration mode, erases all the log history records.

  • Page 412

    APPENDIX Loader, Sysloader and Dual Boot show The show command, in Board Configuration mode, displays the manufacturing serial board number and manufacturing details . Command Syntax Loader(board)> show Example Loader(board)>manufacturing-details Serial number : 134569 Assembly No : 1234567 HW revision : 123 HW subrevision : 123 Memory Debug Tools The table below summarizes the CLI commands available at the Loader memory mode.

  • Page 413

    APPENDIX Loader, Sysloader and Dual Boot Argument Description SRC_ADDR Hexadecimal source address (optionally prefixed with 0x). DST_ADDR Hexadecimal destination address (optionally prefixed with 0x). BLK_LEN Hexadecimal or decimal block length (Use the 0x prefix for hexadecimal number). Example Loader(memory)#copy 0xF0000000 0xA0000000 10 Loader(memory)# display The display command, in Loader Memory mode, displays a block of memory, optionally...

  • Page 414

    Sysloader and Dual Boot Dual Boot ESB26 supports the dual boot feature that allows booting from either of two available images. Dual boot is used when you want to store two different software versions on the device. When it is needed to upgrade the software version, the old version may remain on the device.

  • Page 415

    APPENDIX Loader, Sysloader and Dual Boot Press any key to stop auto-boot... Nokia System Loader Switch model NOKIA ESB26 System Loader version 3.4.2 ER 8 2004 - 16:09:00 MAC address 00:A0:12:EE:01:47 User Access Verification Password: device_name> Sysloader Commands Application-Related Commands The table below lists the switch Sysloader application-related commands.

  • Page 416

    : Passed CPU Interface Test : Passed Testing Switch Core : Passed ///////////////////////////////////////////////////////////////////// N O K I A Switch model : NOKIA ESB26 SW version : 3.4.2 beta BG created Jan 8 2004 - 16:10:06 ///////////////////////////////////////////////////////////////////// User Access Verification Password:...

  • Page 417

    The version command, in Sysloader mode, displays the switch model type and the Sysloader version. Command Syntax device name>version Example device_name>version Nokia System Loader Switch model NOKIA ESB26 System Loader version 3.4.2 ER 8 2004 - 16:09:00 Primary version 3.4.2 ER...

  • Page 418

    APPENDIX Loader, Sysloader and Dual Boot Sysloader Configuration Commands The table below lists the Sysloader configuration commands. Table APPENDIX-8 Sysloader Configuration Commands C o m m a n d D e s c r i p t i o n config Switches from Loader mode to Loader Configuration mode.

  • Page 419

    APPENDIX Loader, Sysloader and Dual Boot device_name(config)#mac-address 00:a0:12:07:0f:78 New MAC Address of switch = 00:A0:12:07:0F:78 clean startup-configuration The clean startup-configuration command, in Sysloader Configuration mode, erases the Startup configuration file saved in internal Flash memory. Command Syntax device name(config)#clean startup-configuration clean java The clean java command, in Sysloader Configuration mode, erases the Java image saved in internal Flash memory.

  • Page 420

    APPENDIX Loader, Sysloader and Dual Boot Argument Description primary Boots the image from the first flash. secondary Boots the image from the secondary flash. auto Starts first the primary application and if it fails the second application is activated. If both applications fail to start, the device enters the Sysloader CLI.

  • Page 421

    APPENDIX Loader, Sysloader and Dual Boot Argument Description src-addr Hexadecimal source address (optionally prefixed with 0x). dst-addr Hexadecimal destination address (optionally prefixed with 0x). blk-len Hexadecimal or decimal block length (Use 0x prefix for hexadecimal number). display The display command, in Sysloader Memory mode, displays a block of memory, optionally specified by start address and block length in bytes.

Comments to this Manuals

Symbols: 0
Latest comments: