Allied Telesis AT-8800 SERIES User Manual
  1. Manuals
  2. Brands
  3. Allied Telesis Manuals
  4. Switch
  5. AT-8800 Series
  6. User manual
Allied Telesis AT-8800 SERIES User Manual

Allied Telesis AT-8800 SERIES User Manual

Hide thumbs Also See for AT-8800 SERIES:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Network Manual
AT-8800 SERIES SWITCH
USER GUIDE
Software Release 2.6.1

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the AT-8800 SERIES and is the answer not in the manual?

Questions and answers

Related Manuals for Allied Telesis AT-8800 SERIES

Summary of Contents for Allied Telesis AT-8800 SERIES

  • Page 1 AT-8800 SERIES SWITCH USER GUIDE Software Release 2.6.1...
  • Page 2 AT-8800 Series Switch User Guide for Software Release 2.6.1 Document Number C613-02039-00 REV A. Copyright © 1999-2003 Allied Telesyn International, Corp. 960 Stewart Drive Suite B, Sunnyvale CA 94086, USA. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn.

  • Page 3: Table Of Contents

    Introducing the AT-8800 Series Switch .............. 7 Why Read this User Guide? ................7 Where To Find More Information ..............8 The AT-8800 Series Switch Documentation Set ........... 8 Online Technical Support ................9 Features of the AT-8800 Series Switch ............... 9 Management Features ................
  • Page 4 AT-8800 Series Switch User Guide The Diagnostics Menu ................36 Changing the Password ................36 Context Sensitive GUI Help ............... 36 Saving Configuration Entered with the GUI ..........37 Combining GUI and CLI Configuration ............. 37 Configuring Multiple Devices ..............37 Upgrading the GUI ..................
  • Page 5 The Forwarding Process ................82 Layer 2 Filtering ..................83 The Egress Rules ..................85 Quality of Service .................... 85 Spanning Tree Protocol (STP) ................86 Spanning Tree Modes ................86 Spanning Tree and Rapid Spanning Tree Port States ........87 Configuring STP ..................

  • Page 7: Chapter 1 Introduction

    Your AT-8800 Series Switch is supplied with default settings which enable it to operate as a Layer 2 switch immediately, without any configuration. Even if this is all you want to do, you should still gain access to the switch configuration, if only to change the manager password to prevent unauthorised access.

  • Page 8: Where To Find More Information

    Where To Find More Information Before installing the switch and any expansion options, read the important safety information in the AT-8800 Series Switch Safety and Statutory Information booklet. Follow the Quick Install Guide’s step-by-step instructions for physically installing the switch.

  • Page 9: Online Technical Support

    If you require further assistance, contact your authorised distributor or reseller. Features of the AT-8800 Series Switch There are two models in the AT-8800 Series, which provide either 48 or 24 10/100 TX Fast Ethernet ports. Both models also feature: •...

  • Page 10: Management Features

    ■ An HTTP client that allows the direct download of files from a web server to the router’s FLASH memory. For complete descriptions of these software features, see the AT-8800 Series Switch Software Reference. Software Features AT-8800 Series Intelligent Workgroup Switches provide efficient and cost- effective multiprotocol routing, terminal serving and integrated network management over wide area networks and LANs.

  • Page 11: Special Feature Licences

    Introduction ■ Sophisticated packet filtering. ■ Bridging. ■ Van Jacobson’s header compression, STAC LZS and Predictor compression, and DES encryption. ■ Terminal serving using Telnet, with local host nicknames. ■ Access to network printers via LPD or TCP streams. ■ Resource Reservation Protocol (RSVP) for delivering quality of service to application data streams.

  • Page 12: Warning About Flash Memory

    AT-8800 Series Switch User Guide Most software features that require a special feature licence are bundled into one of the following special feature licence packs: ■ Full Layer 3 Feature Licence ■ Advanced Layer 3 Feature Licence ■ Security Pack Feature Licence For more information about purchasing special feature licences, contact your Allied Telesyn authorised distributor or reseller.

  • Page 13: Chapter 2 Getting Started With The Command Line Interface (Cli)

    Chapter 2 Getting Started with the Command Line Interface (CLI) This Chapter This chapter describes how to access the switch’s CLI, and provides basic information about configuring the switch, including how to: ■ Physically connect a terminal or PC to the switch (see “Connecting a Terminal or PC”...

  • Page 14: Connecting A Terminal Or Pc

    For instructions on how to configure HyperTerminal, see the AT-8800 Series Switch Hardware Reference. To start a terminal session, connect to the switch in one of the following ways: ■...

  • Page 15: Logging In

    SET ASYN command. See the router’s online help or the Interfaces chapter in the AT-8800 Series Switch Software Reference for more information on how to configure the asynchronous port.

  • Page 16: Setting Routes

    For more information about switch ports and Virtual LANs (VLANs), see Chapter 5, Layer 2 Switching in this document, and the Switching chapter in the AT-8800 Series Switch Software Reference. For more information about IP addressing and routing, see Chapter 6, Layer 3 in this document, and the Internet Protocol (IP) chapter in the AT-8800 Series Switch Software Reference.

  • Page 17: Changing A Password

    SHOW IP ROUTE For more information about setting IP routes, see the Internet Protocol (IP) chapter in the AT-8800 Series Switch Software Reference. Changing a Password You should change this password to prevent unauthorised access to the switch.

  • Page 18: Using The Commands

    Make sure you remember the new password created as you cannot retrieve a lost password. Recovery of access to the switch is complex. Once you have logged into the manager account you are able to enter commands from this guide and from the AT-8800 Series Switch Software Reference. Using the Commands You control the switch with commands described in this document and in the AT-8800 Series Switch Software Reference.

  • Page 19: Aliases

    Getting Started with the Command Line Interface (CLI) Aliases The command line interface supports aliases. An alias is a short name for an often-used longer character sequence. When the user presses [Enter] to execute the command line, the command processor first checks the command line for aliases and substitutes the replacement text.

  • Page 20: Enabling Special Feature Licences

    AT-8800 Series Switch User Guide Enabling Special Feature Licences You must enable the special feature licence you have purchased before you can use the licenced features. You will need the password provided by your authorised distributor or reseller. The advanced upgrade licence and password are different from the standard software release licence and password.

  • Page 21: Chapter 3 Getting Started With The Graphical User Interface (Gui)

    Getting Started with the Graphical User Interface (GUI) Chapter 3 Getting Started with the Graphical User Interface (GUI) This Chapter This chapter describes how to access the switch’s HTTP-based Graphical User Interface (GUI), and provides basic information about using the GUI, including: ■...

  • Page 22: What Is The Gui

    AT-8800 Series Switch User Guide What is the GUI? The GUI (Graphical User Interface) is a web-based device management tool, designed to make it easier to configure and monitor the switch. The GUI provides an alternative to the CLI (Command Line Interface). Its purpose is to make complicated tasks simpler and regularly performed tasks quicker.
  • Page 23 Getting Started with the Graphical User Interface (GUI) To enable JavaScript in Netscape 6.2.x: From the Edit menu, select Preference Select the Advanced menu option. Ensure that the “Enable JavaScript for Navigator” checkbox is checked. The minimum screen resolution on the PC is 800x600. HTTP Proxy Servers An HTTP proxy server provides a security barrier between a private network’s PCs and the Internet.

  • Page 24: Establishing A Connection To The Switch

    AT-8800 Series Switch User Guide Establishing a Connection to the Switch Before you start, consider how the switch fits into your network. If you are installing a new switch, consider whether you want to configure it before deploying it into the LAN, or want to configure it in situ. If you want to access a switch that has already been configured, consider the relative positions of the PC and the switch.
  • Page 25 Getting Started with the Graphical User Interface (GUI) Option 1: Configuring the Switch before Installation Use this procedure if: ■ You want to configure the switch before installing it in your LAN. ■ You will be installing the switch at a remote office or a customer site and want to configure it first.
  • Page 26 AT-8800 Series Switch User Guide At the login prompt, enter the user name and password The default username is manager: User Name: manager Password: friend The System Status page is displayed (Figure 6 on page 31). Select options from the sidebar menu to configure and manage the switch.
  • Page 27 AT-8800 Series Switch You can browse to the switch through any VLAN, as long as you give that VLAN an IP address (see below). These instructions assume you will use vlan1. The switch ports all belong to vlan1 by default.
  • Page 28 AT-8800 Series Switch User Guide On the PC, bypass the HTTP proxy server, if necessary See “HTTP Proxy Servers” on page 23 for more information. Point your web browser at the LAN interface’s IP address For normal access, point your web browser to...

  • Page 29: Secure Access

    Getting Started with the Graphical User Interface (GUI) Browse to the switch For normal access, point your web browser to http://ip-address where ip-address is the interface’s IP address. To access the switch securely if SSL (Secure Sockets Layer) has been configured on the interface, point your web browser to https://ip-address For more information about secure access, see “Secure Access”...
  • Page 30 AT-8800 Series Switch User Guide Login as a Security Officer To login as the user with Security Officer privilege called “CIPHER”, use the command: LOGIN CIPHER And then enter the password for “CIPHER”, “sbr4y3”. Enable system security To enable system security, use the command: ENABLE SYSTEM SECURITY Create an RSA key pair for this switch.

  • Page 31: System Status

    Getting Started with the Graphical User Interface (GUI) 10. Configure an IP interface to run SSL over To configure an IP interface that SSL will be run over, first enable IP using the command: ENABLE IP To make the IP interface, and 172.30.1.105 the interface’s IP address, VLAN1 use the command: ADD IP INTERFACE=vlan1 IP=172.30.1.105...

  • Page 32: Using The Gui: Navigation And Features

    AT-8800 Series Switch User Guide Using the GUI: Navigation and Features The GUI consists of a large number of pages, which you navigate between using the menu on the left of the browser window. This section describes how to use the GUI, and gives an overview of its functionality.
  • Page 33 Getting Started with the Graphical User Interface (GUI) To modify an existing item, select it by clicking on the option button at the beginning of its entry in the selection table. Then click the Modify button. This opens the popup “modify” page, which lets you expand or change the configuration (for example, change the Hello interval for a PIM interface;...
  • Page 34 AT-8800 Series Switch User Guide Figure 9: An example of a popup “modify” page Non-editable field Editable Fields GUI pages allow you to enter values or select options through a range of field types. These include: • text fields, to enter character strings or numbers, especially for fields where there are few limits on the entries (such as names).

  • Page 35: The Management Menu

    Getting Started with the Graphical User Interface (GUI) Apply Button An Apply button applies the configuration settings on the page or the section of the page. The new settings will take effect immediately, but are not automatically saved. To save the settings after clicking Apply, click the Save button above the menu.

  • Page 36: The Diagnostics Menu

    AT-8800 Series Switch User Guide The Diagnostics Menu The GUI’s diagnostics pages enable you to troubleshoot network problems and observe traffic flow, including: • displaying the number of good and bad packets received and transmitted over each switch port •...

  • Page 37: Saving Configuration Entered With The Gui

    Getting Started with the Graphical User Interface (GUI) Saving Configuration Entered with the GUI Configuration changes applied using the GUI can be saved to a configuration script by clicking the Save button at the top of the sidebar menu. A pop-up Save window gives you the option of saving to the current configuration file, another existing file, or a new file.

  • Page 38: Upgrading The Gui

    AT-8800 Series Switch User Guide Upgrading the GUI You can download the latest GUI resource file from the support site at http://www.alliedtelesyn.co.nz. Before you start, ensure that the switch is running the most recent release and patch files. The GUI is not part of the firmware release file, but the most recent resource file will generally only be compatible with the most recent software release.

  • Page 39: Troubleshooting

    Getting Started with the Graphical User Interface (GUI) When the switch has loaded the file into its RAM, it displays the message “File transfer successfully completed”. It then writes the file to FLASH memory, which takes approximately 30 seconds after the message. Once the file has been copied to FLASH, you can enter commands that refer to it.

  • Page 40: Deleting Temporary Files

    AT-8800 Series Switch User Guide Deleting Temporary Files Browsers store local copies of web pages as temporary files. If you upgrade to a new GUI resource file, or if you encounter problems in browsing to the GUI, you may need to delete these files (clear the cache). To clear the cache in Internet Explorer: From the Tools menu, select Internet Options.

  • Page 41: Traffic Flow

    Getting Started with the Graphical User Interface (GUI) Problem The GUI is behaving inconsistently, or you cannot access some pages. ■ Solution Delete your browser’s temporary files (see “Deleting Temporary Files” on page 40) and try again. ■ Check that you are trying to access the GUI from a supported operating system and browser combination.

  • Page 42: Ip Addresses And Dhcp

    AT-8800 Series Switch User Guide IP Addresses and DHCP Problem The switch is enabled as a DHCP server, but cannot assign an IP address to a host. ■ Solution Reboot the host machine. ■ Check the host’s TCP/IP settings, to make sure that the host is set to obtain its IP address dynamically: In Windows 95/98, click Settings >...

  • Page 43: Loading Software

    Getting Started with the Graphical User Interface (GUI) Loading Software Problem You have attempted to load a new release file onto the switch, but the load has failed and you cannot access the switch through the GUI. Solution Access the switch’s CLI (see “Connecting a Terminal or PC” on page 14). If the switch has been switched off or has rebooted since you attempted to load the release file, it will boot up with the default installation.

  • Page 45: This Chapter

    Chapter 4 Operating the switch This Chapter This chapter introduces basic operations on the switch, including: ■ “User Accounts and Privileges” on page 45 ■ “Normal Mode and Security Mode” on page 47 ■ “Remote Management” on page 49 ■ “Storing Files in FLASH Memory”...
  • Page 46 AT-8800 Series Switch User Guide In normal mode, a user with manager privilege can create and delete accounts for users with any of these privilege levels. Users and passwords are managed by the User Authentication Facility. Users and passwords are authenticated...

  • Page 47: Normal Mode And Security Mode

    Operating the switch See the Operations chapter in the AT-8800 Series Switch Software Reference for: ■ More information about managing and using accounts with user, manager and security officer privileges ■ A full list of commands that require security officer privilege when the switch is in secure mode ■...
  • Page 48 48 lists commands that only a security officer can execute when the switch is in security mode. A complete list of commands limited by security mode are listed in the Operation chapter in the AT-8800 Series Switch Software Reference.

  • Page 49: Remote Management

    To return to the local switch and terminate the connection, enter the command: LOGOFF For more information about using Telnet, see the Terminal Server chapter in the AT-8800 Series Switch Software Reference. Storing Files in FLASH Memory When you purchase the switch, the switch software release, the online help files, and a default configuration file are stored in FLASH memory, where they are saved even if the switch is powered down.

  • Page 50: Using Scripts

    For more information about working with files see the Working With Files section, Operation chapter, AT-8800 Series Switch Software Reference. To display the files in FLASH, enter the command: SHOW FILE Figure 10: Example output from the SHOW FILE command.

  • Page 51: Saving The Switch's Configuration

    Manually edit a configuration file using the router’s built in editor (see “Using the Built-in Editor” on page 60), or upload it to a PC using the UPLOAD command (see the Operation chapter, AT-8800 Series Switch Software Reference), edit it using any text editor, and download it again. Give configuration script files an extension of .scp...

  • Page 52: Loading And Uploading Files

    AT-8800 Series Switch User Guide Loading and Uploading Files When you want to upgrade your switch to a new software patch or release, or use a new configuration file, load files onto the switch using the router’s LOADER module. You can also use the LOADER module to upload files, such as configuration files or log files, from the switch onto a host on the network.

  • Page 53: Loading Files

    Lightweight Directory Access Protocol (LDAP) to load PKI certificates or certificate revocation lists (CRLs), see the Operation chapter in the AT-8800 Series Switch Software Reference. The router’s default download method is TFTP. To load a file onto the switch...

  • Page 54: Setting Loader Defaults

    DEFAULT. For more information about setting the LOADER defaults on your switch, see the Operations chapter in the AT-8800 Series Switch Software Reference. Example: Load a Patch File Using HTTP This example loads a patch file onto the switch from an HTTP server on the network.

  • Page 55: Uploading Files From The Switch

    Allied Telesyn routers and layer 3 switches in your network. The TFTP Server, and a readme file describing how to install and use it, are provided on the AT-8800 Series Switch Documentation and Tools CD-ROM. Example: Upload a Configuration File Using TFTP This example uploads a configuration file from the switch to a TFTP server on the network.

  • Page 56: Upgrading Switch Software

    Make sure you download a patch or release file that matches your switch model. A patch or release file for AT-8800 Series Switch has 86 as the first two digits of the filename. Patch files have the file extension and release files .paz...

  • Page 57: Example: Upgrade To A New Software Release Using Tftp

    SHOW INSTALL For more information about INSTALL commands, see the Operations chapter in the AT-8800 Series Switch Software Reference. Example: Upgrade to a New Software Release Using TFTP This example assumes the switch is correctly configured to allow TFTP to function.
  • Page 58 AT-8800 Series Switch User Guide on page 52). To load the release file using your LOADER default settings, enter the command: LOAD FILE=86s-262.rez Wait for the release to load. This can take several minutes, even if you are loading the file over a high speed link. To see the progress of the load, enter...

  • Page 59: Example: Upgrade To A New Patch File

    Operating the switch Example: Upgrade to a new patch file Use this procedure to upgrade the software release currently running on the switch with a new patch. This example assumes that the current release, Software Release 2.6.1, is set as the preferred release. To upgrade to a new patch file: Load the new patch file onto the switch.

  • Page 60: Using The Built-In Editor

    AT-8800 Series Switch User Guide Using the Built-in Editor The AT-8800 Series Switch has a built-in full-screen text editor for editing script files stored on the switch file subsystem. Using the text editor you can run script files manually, or set script files to run automatically at switch restart, or on trigger events.

  • Page 61: For More About Operations And Facilities

    “vlan11”. For more information see the Simple Network Management Protocol (SNMP) chapter and the Interfaces chapter in the AT-8800 Series Switch Software Reference. To display the current state and configuration of the SNMP agent, enter the...
  • Page 62 AT-8800 Series Switch User Guide See other chapters in the AT-8800 Series Switch Software Reference for more information on how to: ■ Use the logging facility to monitor network activity and to select and display the results (see the Logging Facility chapter).

  • Page 63: Chapter 5 Layer 2 Switching

    Chapter 5 Layer 2 Switching This section describes the Layer 2 switching features on the AT-8800 Series Switch, and how to configure them. Switch Ports Each Ethernet switch port is uniquely identified by a port number. The switch supports a number of features at the physical level that allow it to be connected in a variety of physical networks.
  • Page 64 AT-8800 Series Switch User Guide To enable or disable a switch port, use the commands: ENABLE SWITCH PORT={port-list|ALL} DISABLE SWITCH PORT={port-list|ALL} Resetting Ethernet ports at the hardware level discards all frames queued for reception or transmission on the port, and restarts autonegotiation of port speed and duplex mode.
  • Page 65 Layer 2 Switching Table 7: Parameters in the output of the SHOW SWITCH PORT command Parameter Meaning Configured speed/duplex The port speed and duplex mode configured for this port. One of “Autonegotiate” or a combination of a speed (one of “10 Mbps”, “100 Mbps” or “1000 Mbps”) and a duplex mode (one of “half duplex”...

  • Page 66: Autonegotiation Of Port Speed And Duplex Mode

    AT-8800 Series Switch User Guide Autonegotiation of Port Speed and Duplex Mode Each of the switch ports can operate at either 10 Mbps or 100 Mbps, in either full duplex or half duplex mode. In full duplex mode a port can transmit and receive data simultaneously, while in half duplex mode the port can either transmit or receive, but not at the same time.

  • Page 67: Port Trunking

    Layer 2 Switching Table 8: Port speed and duplex settings for Ethernet Ports . AT-8824 AT-8848 Speed 10/100 10MHALF 10MFULL 100MHALF 100MFULL 1000MHALF 1000MFULL 10MHAUTO 10MFAUTO 100MHAUTO 100MFAUTO 1000MHAUTO 1000MFAUTO AUTONEGOTIATE The SHOW SWITCH PORT command displays the port speed and duplex mode settings.
  • Page 68 AT-8800 Series Switch User Guide which the whole trunk group belongs, unless it is first removed from the trunk group. The members of a trunk group can be specified when it is created, and ports can be added to or removed from a trunk group using the commands:...

  • Page 69: Packet Storm Protection

    Layer 2 Switching Packet Storm Protection The packet storm protection feature allows the user to set limits on the reception rate of broadcast, multicast and destination lookup failure packets. The software allows separate limits to be set for each port, beyond which each of the different packet types are discarded.

  • Page 70: Port Mirroring

    AT-8800 Series Switch User Guide the BCLIMIT parameter description for important information about packet rate limiting. The default value for this parameter is NONE. If packet storm protection limits are set on the switch, the PORT parameter must specify complete processing blocks.

  • Page 71: Port Security

    Layer 2 Switching To send packets that match particular criteria to the mirror port, first create a classifier or classifiers using the command: CREATE CLASSIFIER Then create a hardware filter with the ACTION parameter set to SENDMIRROR, using the command: ADD SWITCH HWFILTER CLASSIFIER=classifier-list ACTION=SENDMIRROR By default mirroring is disabled, no mirror port is set, and no source ports are...

  • Page 72: Virtual Local Area Networks (Vlans)

    AT-8800 Series Switch User Guide Table 9: Example output from the SHOW SWITCH PORT INTRUSION command. Switch Port Information ---------------------------------------------------------------------------- Port 2 - 13 intrusion(s) detected 00-00-c0-1d-2c-f8 00-90-27-87-a5-22 00-00-cd-01-00-4a 00-d0-b7-4d-93-c0 08-00-5a-a1-02-3f 00-d0-b7-d5-5f-a9 00-b0-d0-20-d1-01 00-90-99-0a-00-49 00-10-83-05-72-83 00-00-cd-00-45-9e 00-00-c0-ad-a3-d0 00-a0-24-8e-65-3c 00-90-27-32-ad-61 ----------------------------------------------------------------------------...

  • Page 73: Vlan Tagging

    Layer 2 Switching Devices that are members of the same VLAN only exchange data with each other through the switch’s switching capabilities. To exchange data between devices in separate VLANs, the switch’s routing capabilities are used. The switch passes VLAN status information, indicating whether a VLAN is up or down, to the Internet Protocol (IP) module.
  • Page 74 AT-8800 Series Switch User Guide Figure 13: Format of user priority and VLAN data in an Ethernet frame. Destination Source Type/ Address Address Length Frame Data Preamble 32 bits 64 bits 48 bits 48 bits 368-12000 bits User TPID Priority CFI...
  • Page 75 Layer 2 Switching Every frame admitted by the switch has a VID associated with it. If a frame arrives on a tagged port, the associated VID is determined from the VLAN tag the frame had when it arrived. If a frame arrives on an untagged port, it is associated with the VID of the VLAN for which the incoming port is untagged.

  • Page 76: Vlan Membership Of Untagged Packets

    AT-8800 Series Switch User Guide Figure 14: VLANs with tagged ports. Training VLAN VID=3 Port 3 Port 21 Port 22 Port 26 Switch B Switch A Port 25 Port 1 Port 4 Port 2 Port 23 Admin VLAN VID=2 Marketing VLAN VID=4...

  • Page 77: Creating Vlans

    Layer 2 Switching If the network includes VLANs that do not need to share network resources or span several switches, VLAN membership can usefully be based on untagged ports. Otherwise, VLAN membership should be determined by tagging (see “VLAN Tagging” on page 73). Figure 15 on page 77 shows two port-based VLANs with untagged ports belonging to them.
  • Page 78 AT-8800 Series Switch User Guide To add tagged ports to a VLAN, use the command: ADD VLAN={vlan-name|1..4094} PORT={port-list|ALL} FRAME=TAGGED A port can be tagged for any number of VLANs. To add untagged ports to a VLAN, use the command: ADD VLAN={vlan-name|1..4094} PORT={port-list|ALL} [FRAME=UNTAGGED] A port can be untagged for zero or one VLAN.

  • Page 79: Summary Of Vlan Tagging Rules

    Layer 2 Switching Summary of VLAN tagging rules When designing a VLAN and adding ports to VLANs, the following rules apply. Each port, except for the mirror port, must belong to at least one static VLAN. By default, a port is an untagged member of the default VLAN. A port can be untagged for zero or one VLAN.

  • Page 80: Generic Vlan Registration Protocol (Gvrp)

    AT-8800 Series Switch User Guide Generic VLAN Registration Protocol (GVRP) The GARP application GVRP allows switches in a network to dynamically share VLAN membership information, to reduce the need for statically configuring all VLAN membership changes on all switches in a network. See the Generic Attribute Registration Protocol (GARP) chapter in the Rapier Switch Software Reference.

  • Page 81: The Learning Process

    Layer 2 Switching The default settings for the Ingress Rules are to Admit All Frames, and for Ingress Filtering to be OFF. This means that if no VLAN configuration has been done, all incoming frames pass on to the Learning Process, regardless of whether or not they are VLAN tagged.

  • Page 82: The Forwarding Process

    AT-8800 Series Switch User Guide If the frame’s source address is not already in the Forwarding Database for the VLAN, the address is added and an ageing timer for that entry is started. If the frame’s source address is already in the Forwarding Database, the ageing timer for that entry is restarted.

  • Page 83: Layer 2 Filtering

    Layer 2 Switching the switch floods the frame on all ports in the VLAN except the port on which the frame was received. If the destination address is found, the switch discards the frame if the port is not in the STP ‘Forwarding’ state, if the destination address is on the same port as the source address, or if there is a static filter entry for the destination address set to DISCARD (“Layer 2 Filtering”...
  • Page 84 AT-8800 Series Switch User Guide Figure 16: Example output from the SHOW SWITCH FILTER command. Switch Filters --------------------------------------------------------------------------- Entry VLAN Destination Address Port Action Source --------------------------------------------------------------------------- default (1) aa-ab-cd-00-00-01 Forward static default (1) aa-ab-cd-00-00-02 Forward static marketing (2) aa-ab-cd-00-00-01 Discard...

  • Page 85: The Egress Rules

    Layer 2 Switching The Egress Rules Once the Forwarding Process has determined which ports and transmission queues to forward a frame from, the Egress Rules for each port determine whether or not the outgoing frame is VLAN-tagged with its numerical VLAN Identifier (VID).

  • Page 86: Spanning Tree Protocol (Stp)

    AT-8800 Series Switch User Guide To display the mapping of user priority to QOS egress queues, use the command: SHOW SWITCH QOS Figure 17: Example output from the SHOW SWITCH QOS command Priority Level QOS egress queue ------------------------------------- 0 ....1 1 ....

  • Page 87: Spanning Tree And Rapid Spanning Tree Port States

    Layer 2 Switching A spanning tree running in standard mode can take up to one minute to rebuild after a topology or configuration change. The Rapid Spanning Tree algorithm provides for a more rapid recovery of connectivity following the failure of a bridge, bridge port, or a LAN.

  • Page 88: Configuring Stp

    AT-8800 Series Switch User Guide To specify whether the STP will operate in STANDARD mode or RAPID mode, use the command: SET STP={stp-name|ALL} [MODE={STANDARD|RAPID}] [other parameters] The default is STANDARD. If the mode is changed while the algorithm is running then the STP is re-initialised.
  • Page 89 Layer 2 Switching by the Root Bridge. The FORWARDDELAY, MAXAGE and HELLOTIME parameters are interrelated. See the note and formulae below. The default value for FORWARDDELAY is 15 seconds. The HELLOTIME parameter sets the time, in seconds, between the transmission of switch spanning tree configuration information when the switch is the Root Bridge of the spanning tree or is trying to become the Root Bridge.
  • Page 90 AT-8800 Series Switch User Guide Figure 18: Example output from the SHOW STP command. STP Information ------------------------------------------------------------ Name ....grey Mode ....Rapid RSTP Type ..... Normal VLAN members ..vlan4 (4) Status ....ON Number of Ports ..2 Number Enabled ..
  • Page 91 Layer 2 Switching Table 18: Parameters in the output of the SHOW STP command . Parameter Meaning STP Name The name of the Spanning Tree Protocol entity. Mode Whether STP is running in standard, or rapid mode. RSTP Type Whether RSTP is operating normally, or as STP compatible. In STP compatible mode, the rapid transitions to forwarding do not occur.
  • Page 92 AT-8800 Series Switch User Guide Table 18: Parameters in the output of the SHOW STP command (Continued). Parameter Meaning Switch Max Age The value of the Max Age parameter when this switch is the Root or is attempting to become the Root. This parameter is set by the MAXAGE parameter in the SET STP command.
  • Page 93 Layer 2 Switching so that a port operating at 10Mbps has a default pathcost of 100, a port operating at 100 Mbps has a default pathcost of 10, and a port operating at 1 Gbps has a default pathcost of 1. Setting the pathcost to a larger value on a particular port is likely to reduce the traffic over the LAN connected to it.
  • Page 94 AT-8800 Series Switch User Guide Figure 19: Example output from the SHOW STP PORT command. STP Port Information ------------------------------------------------------------ STP ..... grey STP Status .... ON Port ....3 RSTP Port Role ..Disabled State ....Discarding Point To Point ..No (Auto) Port Priority ..
  • Page 95 Layer 2 Switching Table 19: Parameters displayed in the output of the SHOW STP PORT command . Parameter Meaning The name of the STP that the port is a member of. STP Status Whether this STP is enabled or disabled; one of ON or OFF. Port The number of the port.
  • Page 96 AT-8800 Series Switch User Guide Figure 20: Example output from the SHOW STP COUNTER command STP Counters ------------------------------------------------------------ STP Name: default Receive: Transmit: Total STP Packets Total STP Packets 1677 Configuration BPDU Configuration BPDU TCN BPDU TCN BPDU RST BPDU...

  • Page 97: Interfaces To Layer 3 Protocols

    Layer 2 Switching Table 20: Parameters in the output of the SHOW STP COUNTER command Parameter Meaning Config BPDU length The number of Configuration BPDUs that had an incorrect length. TCN BPDU length The number of Topology Change Notification BPDUs that had an incorrect length.
  • Page 98 AT-8800 Series Switch User Guide out all ports. IGMP snooping is independent of the IGMP and Layer 3 configuration, so an IP interface does not have to be attached to the VLAN, and IGMP does not have to be enabled or configured.
  • Page 99 Layer 2 Switching Figure 21: Example output from the SHOW IP IGMP command. IGMP Protocol ---------------------------------------------------------------------------------- Status ......Enabled Default Query Interval ... 125 secs Default Timeout Interval ..270 secs Last Member Query Interval ..10 (1/10secs) Last Member Query Count ..2 Robustness Variable ....

  • Page 100: Triggers

    AT-8800 Series Switch User Guide Triggers The Trigger Facility can be used to automatically run specified command scripts when particular triggers are activated. When a trigger is activated by an event, global parameters and parameters specific to the event are passed to the script that is run.

  • Page 101: Layer 3

    Chapter 6 Layer 3 The AT-8800 Series Switch routes IP and IP multicasting traffic at wire speed between VLANs, and supports a number of other Layer 3 protocols. Once a VLAN has been created (see “Virtual Local Area Networks (VLANs)” on page 72), the VLAN name can be used wherever a logical interface is required in commands for configuring routing protocols.

  • Page 102: Internet Protocol (Ip)

    AT-8800 Series Switch User Guide Internet Protocol (IP) The switch performs IP routing at wire speed between VLANs that have been configured as IP interfaces. For example, to add the admin VLAN as an IP interface, giving it an IP address of 192.168.163.39 in the subnet 192.168.163.0,...

  • Page 103: Routing Information Protocol (Rip)

    Layer 3 Routing Information Protocol (RIP) Routing protocols such as RIPv1 and RIPv2 can be enabled on a VLAN. For example, to enable RIPv2 on the admin VLAN, use the command: ADD IP RIP INTERFACE=vlan11 SEND=RIP2 RECEIVE=BOTH To display information about RIP (Figure 23 on page 103), use the command: SHOW IP RIP Figure 23: Example output from the SHOW IP RIP command.

  • Page 104: Appletalk

    AT-8800 Series Switch User Guide Figure 24: Example output from the SHOW IPX CIRCUIT command. IPX CIRCUIT information Name ......Circuit 1 Status ....... enabled Interface ....vlan11 (802.3) Network number ....c0e7230f Station number ....0000cd000d26 Link state ....up Cost in Novell ticks ..

  • Page 105: Resource Reservation Protocol (Rsvp)

    Layer 3 Figure 25: Example output from the SHOW APPLE PORT command. Appletalk Port Details ------------------------------------ Port Number ....1 Interface ....vlan11 ifIndex ....1 Node ID ....217 Network Number ... 22 Network Range Start ..22 Network Range End ..22 State ....

  • Page 107: Chapter 7 Maintenance And Troubleshooting

    IP protocol (see “Using Trace Route for IP Traffic” on page 117). Information gained from the LEDs on the front panel of the switch is described in the AT-8800 Series Switch Hardware Reference.

  • Page 108: How The Switch Starts Up

    AT-8800 Series Switch User Guide How the Switch Starts Up The sequence of operations that the switch performs when it boots are: Perform startup self tests. Perform the install override option. Load the FLASH boot release as the INSTALL boot.

  • Page 109: How To Avoid Problems

    Maintenance and Troubleshooting Table 22: Switch startup sequence keystrokes. Pressing key... Forces the switch to... Load the FLASH boot release, with no patch, and skip straight to step 6. Start with the default configuration. Any boot script or NVS configuration is ignored. Configure from NVS, ignoring any boot script.

  • Page 110: Configure Firewall

    Allied Telesyn authorised distributor or reseller. Use the Firewall to protect your network from several kinds of unwanted traffic or deliberate attacks (see the Firewall chapter in the AT-8800 Series Switch Software Reference. A special feature licence is required.

  • Page 111: What To Do If You Clear Flash Memory Completely

    Maintenance and Troubleshooting What to Do if You Clear FLASH Memory Completely DO NOT clear the FLASH memory completely. The software release files are stored in FLASH, and clearing it would leave no software to run the switch. If you accidentally do this, you will need to: Boot with default configuration.

  • Page 112: What To Do If The Ppp Link Disconnects Regularly

    AT-8800 Series Switch User Guide What to Do if the PPP Link Disconnects Regularly If the device at the other end of the PPP link is not an ATR router or switch but is supplied by another vendor turn LQR (Link Quality Reporting) off on PPP links (LQR=OFF) and instead use LCP Echo Request and Echo Reply messages to determine link quality (ECHO=ON).

  • Page 113: Resetting Switch Defaults

    SHOW DEBUG ■ Depending on the problem, the support personnel may also ask you for the output from the following commands (see the Monitoring and Fault Diagnosis section in the Operations chapter, AT-8800 Series Switch Software Reference): SHOW EXCEPTION SHOW STARTUP...

  • Page 114: Troubleshooting Ip Configurations

    Note that if Network Address Translation (NAT) is configured on the remote switch, PINGing devices connected to it may give misleading information. For more information about using PING, see the Internet Protocol (IP) chapter in the AT-8800 Series Switch Software Reference. Troubleshooting IP Configurations Telnet Fails If Telnet to switch fails Check that the IP address you used matches the one assigned to the switch.

  • Page 115: Troubleshooting Dhcp Ip Addresses

    Maintenance and Troubleshooting The “IP Packet Forwarding” field in the output should be set to “Enabled”. Refer to the documentation for the host TCP/IP software for more information about configuring a gateway. The host’s TCP/IP software should be configured to use the Head Office switch as its gateway.

  • Page 116: Troubleshooting Ipx Configurations

    OPENED ----------------------------------------------------------------------------- To interpret output from the SHOW PPP command see the Point-to Point (PPP) chapter in the AT-8800 Series Switch Software Reference. Check IPX circuit configuration To check that the IPX circuits are correctly configured on each switch repeat steps 1 through 3 above, or enter the command:...

  • Page 117: Using Trace Route For Ip Traffic

    1 (ppp0) -------------------------------------------------------------------------------- To interpret output from the SHOW IPX SEVICES command see the Novell IPX chapter in the AT-8800 Series Switch Software Reference. Check route tables To check the route tables on both switches, enter the command: SHOW IPX ROUTE Check for the presence of networks on the remote side of the wide area network.
  • Page 118 SHOW TRACE To halt a trace route that is in progress, enter the command: STOP TRACE For more information about trace route, see the Internet Protocol (IP) chapter in the AT-8800 Series Switch Software Reference. Software Release 2.6.1 C613-02039-00 REV A...

Table of Contents