Page 1 Avaya Installation and Configuration Guide P333R-LB VAYA TACKABLE WITCH OFTWARE ERSION April 2003...
Page 3: Table Of Contents
Introduction ......................1 Avaya P330 Family Features ................1 Avaya P330 Network Management ..............2 Avaya P330 Device Manager (Embedded Web) ........ 2 Avaya P330 Command Line Interface (CLI) ........2 Avaya Multi-Service Network Manager™ (MSNM) ......2 Port Mirroring ..................2 SMON .......................
Page 4 Stacking Switches (Optional)................22 Installing the X330STK Stacking Sub-module in the P330 ....22 Connecting Stacking Sub-modules .............22 Installing Expansion Sub-modules ..............25 Installing the Expansion Sub-module into the Avaya P330 ...25 Making Connections to Network Equipment ..........26 Prerequisites ..................26 Port Types ....................26 Chapter 5 Powering Up the Avaya P330.................
Page 5 Establishing Switch Access................35 Establishing a Serial Connection ..............35 Configuring the Terminal Serial Port Parameters ......35 Connecting a Terminal to the Avaya P330 Serial port ....35 P330 Sessions ....................36 Assigning P330’s IP Stack Address ............... 36 Establishing a Telnet Connection ..............
Page 6 MAC Security CLI Commands ............76 LAG ........................78 LAG Overview ..................78 LAG CLI Commands ................78 LAG Implementation in the Avaya P330 Family of Products ..79 Port Redundancy....................80 Port Redundancy Operation ...............80 Intermodule Port Redundancy ............81 Port Redundancy CLI Commands .............81 IP Multicast Filtering ..................
Page 7 Table of Contents Overview ....................83 IP Multicast CLI Commands ............... 84 IP Multicast Implementation in the Avaya P333R-LB ....84 Stack Health ...................... 85 Overview ....................85 Implementation of Stack Health in the P330 Family ....... 85 Stack Health CLI Commands ............. 85 Port Classification ....................
Page 8 Real Server Group Backup ..............122 RSG Backup Configuration Example ........122 Real Server Backup ................125 Real Server Backup Configuration Example .......125 Chapter 14 Load Balancing in the P333R-LB ..............1 Firewall Load Balancing................... 1 Benefits ..................1 How It Works ..................1 Transparent Routing Firewall Load Balancing ........2 Implementation ..................2...
Page 9 Benefits ....................26 How it Works ..................26 Half NAT Load Balancing ..............26 Configuring Server Load Balancing in the P333R-LB ........ 28 Half NAT Based Configuration ............28 Full NAT Load Balancing ..............30 Full NAT Based Configuration ..........32 Direct Server Return (DSR) (Triangulation) Redirection ....
Page 10 Overview ......................59 System Requirements ..................59 Running the Embedded Web Manager ............60 Installing the Java Plug-in................63 Installing from the Avaya P330 Documentation and Utilities CD ....................63 Install from the Avaya Site ............63 Install from your Local Web Site ..........63 Installing the On-Line Help and Java Plug-In on your Web Site ....
Page 11: Safety Information
Changes or modifications to this equipment not expressly approved by Avaya Inc. could void the user’s authority to operate the equipment. Conventions Used in the Documentation...
Page 12: Notes, Cautions And Warnings
You should ensure that you are qualified for this task and have read and understood all the instructions © 2003 Avaya Inc. All rights reserved. All trademarks identified by the ® or TM are registered trademarks or trademarks, respectively, of Avaya Inc. All other trademarks are the property of their respective owners.
Page 13: Overview Of The P330
Avaya P333R-LB VAYA 1: O P330 ECTION VERVIEW OF THE...
Page 15: Chapter 1 Avaya P333R-Lb Overview
Expansion Module slot. The optional expansion modules provide additional Ethernet, Fast Ethernet, and Gigabit Ethernet connectivity. An Avaya P330 stack can contain up to 10 switches and up to 3 backup power supply units. The stacked switches are connected using the Avaya X330STK stacking Modules which plug into a slot in the back of the Avaya P330.
Page 16: Avaya P330 Network Management
Netscape® Navigator web browsers and Sun Microsystems Java™ Plug-in. Avaya P330 Command Line Interface (CLI) The Avaya P330 CLI provides a terminal type configuration tool for local or remote configuration of Avaya P330 features and functions. Avaya Multi-Service Network Manager™ (MSNM)
Page 17: Smon
Chapter 1 Avaya P333R-LB Overview SMON The P330 supports Avaya’s ground-breaking SMON Switched Network Monitoring, which the IETF has now adopted as a standard (RFC2613). SMON provides unprecedented top-down monitoring of switched network traffic at the following levels: • Enterprise Monitoring •...
Page 18 Chapter 1 Avaya P333R-LB Overview Avaya P333R-LB User’s Guide...
Page 19: Standards And Compatibility
Chapter 2 Standards and Compatibility Avaya P330 Standards Supported The Avaya P330 complies with the following standards. IEEE • 802.3x Flow Control on all ports • 802.1Q VLAN Tagging support on all ports • 802.1p Priority Tagging compatible on all ports •...
Page 20: Ietf - Network Monitoring
SMON (RFC 2613) support for groups — Data Source Capabilities — Port Copy — VLAN and Priority Statistics • Bridge MIB Groups - RFC 2674 — dot1dbase and dot1dStp fully implemented. — Support for relevant MIB objects: dot1q (dot1qBase, dot1qVlanCurrent) Avaya P333R-LB User’s Guide...
Page 21: Chapter 3 Specifications
5.3 A – Power Requirements Input voltage -36 to -72 VDC Power dissipation 150 W max Input current 5.1 A max Environmental Operating Temp. -5 to 50°C (23 to 122°F) Relative Humidity 5% to 95% non-condensing Avaya P333R-LB User’s Guide...
Page 22: Safety
Approved according to: • US - FCC Part 15 Subpart B, Class A • EU - EN55022 Class A • EU - EN61000-3-2 • Japan - VCCI-A Immunity Approved according to: • EN55024 • EU - EN61000-3-3 Avaya P333R-LB User’s Guide...
Page 23: Other
Expansion Modules Gigabit Ethernet Expansion Modules Table A.2 Gigabit Ethernet Expansion Modules Number of Name Interface Ports X330S2 1000Base-SX X330L2 1000Base-LX X330S1 1000Base-SX X330L1 1000Base-LX Laser Safety The Avaya X330S1/S2 multi-mode transceivers and the Avaya X330L1/X330L2 Avaya P333R-LB User’s Guide...
Page 24: Laser Classification
Transmit power: Min. -9 dbm, Max. -4 dbm Receive power: Min. -17 dbm, Max. 0 dbm Avaya P330L1/2 Expansion Modules Wavelength: 1300 nm Output power dissipation: Max. 0.68W Transmit power (9 µm SMF): Min. -9.5 dbm, Max. -3 dbm Avaya P333R-LB User’s Guide...
Page 25: Fast Ethernet Fiber Expansion Module
Fast Ethernet Fiber Expansion Module Table A.3 Fiber Fast Ethernet Expansion Module Number of Name Interface Ports X330F2 100Base-FX Ethernet/Fast Ethernet Expansion Module Table A.4 Ethernet/Fast Ethernet Expansion Module Number of Name Interface Ports X330T16 10/100Base-T Avaya P333R-LB User’s Guide...
Page 26: Gbic Expansion Module
The Avaya X330G2 Expansion Module is the GBIC (1.25 Gbit/s Gigabit Ethernet) Expansion Module for the Avaya P330 family of stackable switches. Note: In order to use this module the Avaya P330 switch must must have Embedded S/W Version 2.2 or higher.
Page 27: Avaya Approved Gbic Transceivers
Chapter 3 Avaya Approved GBIC Transceivers Caution: All Avaya approved GBICs are 5V. Do not insert a 3.3V GBIC. Avaya supplies the following two GBIC transceivers for the Avaya P330 X330G2 Expansion Modules. You can order these directly from your local Avaya...
Page 28: Agency Approval
500m, Multimode fiber, can also be OC-3 reduced range • X330-OC12S1: 15 km, Single-mode fiber, can also be OC-3 The ATM Modules can be installed in the following Avaya P330 Family switches: • Avaya P333T Hardware Version C/S 1.3 and higher, with Embedded S/W 2.4 and higher.
Page 29: Safety Information
WAN Expansion Modules Avaya X330WAN is a series of WAN Edge Router expansion modules for the P330 Stackable Switching System . X330WAN enables you to connect your Avaya P330 switch to a WAN. X330WAN is part of Avaya’s Converged Networks Solution that includes IP telephones, data switches and IP exchanges.
Page 30 The X330W-2USP contains 2 USP (Universal Serial Ports), one 10/100Base-T Fast Ethernet port and one Console port. An Avaya P330 stack can have X330WAN access router modules inserted in each of the switches in the stack with an expansion slot. A maximum stack configuration of 10 P334T switches using the X330WAN provides 490 Fast Ethernet 10/100 ports, and 20 E1/T1 or USP ports.
Page 31: Installing The P330
Avaya P333R-LB VAYA 2: I P330 ECTION NSTALLING THE...
Page 33: Chapter 4 Installation
Philips (cross-blade) screwdriver Site Preparation Avaya P330 can be mounted alone or in a stack in a standard 19-inch equipment rack in a wiring closet or equipment room. Up to 10 units can be stacked in this way. When deciding where to position the unit, ensure that: •...
Page 34 Chapter 4 Installation Power dissipation 150 W max Input current 5.3 A – Table 4.3 Power Requirements Input voltage -36 to -72 VDC Power dissipation 150 W max Input current 5.1 A max Avaya P333R-LB User’s Guide...
Page 35: Rack Mounting (Optional)
Chapter 4 Installation Rack Mounting (Optional) The Avaya P330 case fits in most standard 19-inch racks. Avaya P330 is 2U (88mm, 3.5”) high. Place the Avaya P330 in the rack as follows: Snap open the hinged ends of the front panel to reveal the fixing holes.
Page 36: Stacking Switches (Optional)
Gently tighten the two screws on the side panel of the stacking sub-module by turning them. Note: The Avaya P330 switch must not be operated with the back-slot open; the stacking sub-module should be covered with the supplied blanking plate if necessary.
Page 37 Octaplane cable and one black redundancy cable. Figure 4.2 shows an incorrect connection. Note: You can build a stack of up to 10 Avaya P330 switches. If you do not wish to stack all the switches in a single rack, use long Octaplane cables to connect two physical stacks as shown in Figure 4.3.
Page 38 Upper Unit Power Supply Power Supply Connector Connector BUPS BUPS Connector Connector X330RC Cable to Cable to Cable to Cable to Lower Unit Upper Unit Lower Unit Upper Unit Power Supply Power Supply Connector Connector X330LC Avaya P333R-LB User’s Guide...
Page 39: Installing Expansion Sub-Modules
Gently tighten the two screws on the front panel of the expansion sub-module by turning them. Note: The Avaya P330 switch must not be operated with the expansion slot open; the expansion sub-module slot should be covered with the supplied blanking plate if necessary.
Page 40: Making Connections To Network Equipment
(see below). Appropriate cables are available from your local supplier. Port Types Avaya P330 supports the following types of ports (according to the speed and standard they support): • LAN — 10/100Base-T, 100Base-FX, 1000Base-T 1000Base-SX and 1000Base-LX •...
Page 41 Chapter 4 Installation Table 4.4 Gigabit Ethernet Cabling Modal Maximum Minimum Gigabit Fiber Diameter Wavelength Bandwidth Distance Distance Interface Type (µm) (nm) (MhzKm) 1000BASE-SX 62.5 1000BASE-SX 62.5 1000BASE-SX 1000BASE-SX 1000BASE-LX 62.5 1310 1000BASE-LX 1310 1000BASE-LX 10,000 1310 Avaya P333R-LB User’s Guide...
Page 42 Chapter 4 Installation Avaya P333R-LB User’s Guide...
Page 43: Powering Up The Avaya P330
Powering On – Avaya P330 Module AC For the AC input version of the Avaya P330, insert the AC power cord into the power inlet in the back of the unit. The unit powers up. If you are using a BUPS, insert a power cord from the BUPS into the BUPS connector in the back of the unit.
Page 44: Post-Installation
Chapter 5 Powering Up the Avaya P330 Post-Installation The following indicate that you have performed the installation procedure correctly: Table 5.1 Post-Installation Indications Troubleshooting Procedure Indication Information Powering the P330 All front panel LEDs illuminate Page 67 briefly Creating Stacks...
Page 45: Chapter 6 Avaya P333R-Lb Front And Back Panels
LED is illuminated. Figure 6.1 shows the Avaya front panel. shows a detailed view of the LEDs (described in Table 6.1), pushbuttons, the Expansion Module slot, and the RJ-45 console connector at the bottom right.
Page 46 Chapter 6 Avaya P333R-LB Front and Back Panels Note: All LEDs are lit during a reset. Table 6.1 Avaya LED Descriptions LED Name Description LED Status OFF – power is off Power status ON – power is on Blink – using BUPS only OFF –...
Page 47 Chapter 6 Avaya P333R-LB Front and Back Panels Table 6.1 Avaya LED Descriptions LED Name Description LED Status OFF – No Flow Control ON – Symmetric/Asymmetric Flow Control Flow Control mode is enabled and port is in full duplex mode.
Page 48: Bups Input Connector
Avaya P333R-LB Front and Back Panels BUPS Input Connector The BUPS input connector is a 5 VDC connector for use with the Avaya P330 BUPS unit only. A BUPS Input sticker appears directly to the right the BUPS input connector.
Page 49: Chapter 7 Establishing Switch Access
Establishing a Serial Connection This section describes the procedure for establishing switch access between a terminal and the Avaya P330 switch over the serial port provided on the front panel of the P330 (RJ-45 connector labeled "Console"). Configuring the Terminal Serial Port Parameters The serial port settings for using a terminal or terminal emulator are as follows: •...
Page 50: P330 Sessions
Establish a serial connection by connecting a terminal to the Master P330 switch of the stack. When prompted for a Login Name, enter the default name root When you are prompted for a password, enter the password root. You are now in Supervisor Level. Avaya P333R-LB User’s Guide...
Page 51: Establishing A Telnet Connection
Connect your station to the network. Verify that you can communicate with the Avaya P330 using Ping to the IP of the Avaya P330. If there is no response using Ping, check the IP address and default gateway of both the Avaya P330 and the station.
Page 52: Establishing A Modem (Ppp) Connection With The P330
Supervisor Level. At the prompt, type: set interface ppp <ip_addr><net-mask> with an IP address and netmask to be used by the Avaya P330 to connect via its PPP interface. Note: The PPP interface configured with the set interface ppp command must be on a different subnet from the stack inband interface.
Page 53: Chapter 8 User Authentication
CLI Architecture The P330 stack supports both Layer 2 switching and Layer 3 switching. The P333R-LB CLI includes two CLI entities to support this functionality. • The Switch CLI entity is used to manage Layer 2 switching of the entire stack.
Page 54: Entering The Supervisor Level
Define new users and access levels using the following command in Supervisor Level. In order to... Use the following command... Add a local user account and username configure a user (name, password and access level) To remove a local user account no username Avaya P333R-LB User’s Guide...
Page 55: Exiting The Supervisor Level
Introduction to RADIUS User accounts are typically maintained locally on the switch. Therefore, if a site contains multiple Avaya Switches, it is necessary to configure each switch with its own user accounts. Additionally, if for example a 'read-write' user has to be changed into a 'read-only' user, you must change all the 'read-write' passwords configured locally in every switch, in order to prevent him from accessing this level.
Page 56 The shared secret is stored as clear text in the client’s file on the RADIUS server, and in the non-volatile memory of the P330. In addition, user passwords are sent between the client and server are encrypted for increased security. Avaya P333R-LB User’s Guide...
Page 57: Radius Commands
Authentication request sent to RADIUS Server User name and password authenticated? Authentication Reject Perform log-in according sent to switch to user's priviliege level User cannot access switch to switch embedded managegment Radius Commands Avaya P333R-LB User’s Guide...
Page 58 RADIUS authentication server Display all RADIUS authentication show radius authentication configurations. The shared secrets will not be displayed For a complete description of the RADIUS CLI commands, including syntax and output examples, refer to Avaya P330: Reference Guide. Avaya P333R-LB User’s Guide...
Page 59: Allowed Managers
Show whether the status of allowed show allowed managers status managers is enabled or disabled Show the IP addresses of the show secure current managers that are currently connected Avaya P333R-LB User’s Guide...
Page 60 Chapter 8 User Authentication Avaya P333R-LB User’s Guide...
Page 61: Configuration Of The P330
Avaya P333R-LB VAYA 3: C P330 ECTION ONFIGURATION OF THE...
Page 63: Chapter 9 Basic Switch Configuration
CLI session automatically logs out Display the number of minutes show logout before an inactive CLI session automatically times out Access Layer 3 configuration if not configure logged in as supervisor (see “User Authentication“ chapter) Avaya P333R-LB User’s Guide...
Page 64: System Parameter Configuration
Configure the basic mode of set device-mode operation of a module to either Layer 2 or Router Display the mode of operation show device-mode Display system parameters show system Display module information for all show module modules within the stack Avaya P333R-LB User’s Guide...
Page 65: Network Time Acquiring Protocols Parameter Configuration
IP address Display the current time show time Display the time status and show time parameters parameters Display the current time zone offset show timezone Get the time from the time server get time Avaya P333R-LB User’s Guide...
Page 66 Chapter 9 Basic Switch Configuration Avaya P333R-LB User’s Guide...
Page 67: Chapter 10 Default Settings Of The P330
Device Manager User’s Guide on the Documentation and Utilities CD. Avaya P330 Default Settings The default settings for the Avaya P330 switch and its ports are determined by the Avaya P330 software. These default settings are subject to change in newer versions of the Avaya P330 software.
Page 68 Off (No pause) advertisement Backpressure On (only in Half duplex) Not Applicable Not Applicable Autopartitioning Disabled (only in Half duplex) Auto-negotiation Enable Not Applicable Enable Administration status Enable Enable Enable Port VLAN Tagging mode Clear Clear Clear Avaya P333R-LB User’s Guide...
Page 69 Default Port Settings Function Default Setting Port priority Spanning Tree cost Spanning Tree port priority Ensure that the other side is also set to Autonegotiation Enabled Note: Functions operate in their default settings unless configured otherwise. Avaya P333R-LB User’s Guide...
Page 70 Chapter 10 Default Settings of the P330 Avaya P333R-LB User’s Guide...
Page 71: Chapter 11 Avaya P330 Layer 2 Features
Chapter 11 Avaya P330 Layer 2 Features This section describes the Avaya P330 Layer 2 features. It provides the basic procedures for configuring the P330 for Layer 2 operation. Overview The P330 family supports a range of Layer 2 features. Each feature has CLI commands associated with it.
Page 72: Fast Ethernet
Chapter 11 Avaya P330 Layer 2 Features Fast Ethernet Fast Ethernet is a newer version of Ethernet, supporting data transfer rates of 100 Mbps. Fast Ethernet is sufficiently similar to Ethernet to support the use of most existing Ethernet applications and network management tools. Fast Ethernet is also known as 100BASE-T (over copper) or 100BASE-FX (over fiber).
Page 73: Flow Control
Priority determines in which order packets are sent on the network and is a key part of QoS (Quality of Service). The IEEE standard for priority on Ethernet networks is 802.1p. Avaya P330 switches supports two internal priority queues – the High Priority queue and the Normal Priority queue. •...
Page 74: Cam Table
Chapter 11 Avaya P330 Layer 2 Features • MM-MM-MM-SS-SS-SS The first half of a MAC address contains the ID number of the device manufacturer. These IDs are regulated by an Internet standards body. The second half of a MAC address represents the serial number assigned to the device by the manufacturer.
Page 75: Ethernet Implementation In The Avaya P333R-Lb
Clear all the CAM entries. clear cam Display the autopartition settings show autopartition Ethernet Implementation in the Avaya P333R-LB This section describes the implementation of the Ethernet feature in the Avaya P333R-LB: • Speed — 10/100 and 1G ports •...
Page 76: Vlan Configuration
Chapter 11 Avaya P330 Layer 2 Features VLAN Configuration VLAN Overview A VLAN is made up of a group of devices on one or more LANs that are configured so that they operate as if they form an independent LAN, when in fact they may be located on a number of different LAN segments.
Page 77: Vlan Tagging
Chapter 11 Avaya P330 Layer 2 Features Marketing (Mktg). Each VLAN has several physical ports assigned to it with PC’s connected to those ports. When traffic flows from a PC on the Sales VLAN for example, that traffic is only forwarded out the other ports assigned to that VLAN.
Page 78: Ingress Vlan Security
Chapter 11 Avaya P330 Layer 2 Features three available Port Multi-VLAN binding modes are: • Bind to All - the port is programmed to support the entire 3K VLANs range. Traffic from any VLAN is forwarded through a port defined as “Bind to All”.
Page 79 Chapter 11 Avaya P330 Layer 2 Features The following table contains a list of the CLI commands for the VLAN feature. The rules of syntax and output examples are all set out in detail in the Reference Guide. Table 11.2 VLAN CLI Commands In order to...
Page 80: Vlan Implementation In The Avaya P333R-Lb
Chapter 11 Avaya P330 Layer 2 Features VLAN Implementation in the Avaya P333R-LB This section describes the implementation of the VLAN feature in the Avaya P333R- • No. of VLANs — 1024 tagged VLANs ranging from 1 to 3071 Avaya P333R-LB User’s Guide...
Page 81: Port Based Network Access Control (Pbnac)
Chapter 11 Avaya P330 Layer 2 Features Port Based Network Access Control (PBNAC) Port Based Network Access Control (IEEE 802.1X) is a method for performing authentication to obtain access to IEEE 802 LANs. The protocol defines an interaction between 3 entitites: •...
Page 82: Configuring The P330 For Pbnac
Chapter 11 Avaya P330 Layer 2 Features Note: If either PBNAC or STP/RSTP are in a blocking state, the final state of the port will be blocked. • When PBNAC is activated, the application immediately places all ports in a blocking state unless they were declared "Force Authenticate".
Page 83 Chapter 11 Avaya P330 Layer 2 Features PBNAC CLI Commands In order to... Use the following command... Configure dot1x on a system set dot1x Disable dot1x on all ports and clear dot1x config return to default values Display the system dot1x...
Page 84 Chapter 11 Avaya P330 Layer 2 Features In order to... Use the following command... Globally enable/disable 802.1x set dot1x system-auth-control enable/disable Set dot1x control parameter per set port dot1x port-control port Initialize port dot1x set port dot1x initialize Set the port to re-authenticate...
Page 85: Spanning Tree Protocol
Spanning Tree Protocol Overview Avaya P330 devices support both common Spanning Tree protocol (802.1d) and the enhanced Rapid Spanning Tree protocol (802.1w). The 802.1w is a faster and more sophisticated version of the 802.1d (STP) standard. Spanning Tree makes it possible to recover connectivity after an outage within a minute or so.
Page 86: Rapid Spanning Tree Protocol (Rstp)
Chapter 11 Avaya P330 Layer 2 Features Rapid Spanning Tree Protocol (RSTP) About the 802.1w Standard The enhanced feature set of the 802.1w standard includes: • Bridge Protocol Data Unit (BPDU) type 2 • New port roles: Alternate port, Backup port •...
Page 87: Spanning Tree Implementation In The P330 Family
Chapter 11 Avaya P330 Layer 2 Features Note: You must manually configure uplink and backbone ports (including LAG logical ports) to be "non-edge" ports, using the CLI command set port edge admin state. • Point-to-point Link ports — This port type applies only to ports interconnecting RSTP compliant switches and is used to define whether the devices are interconnected using shared Ethernet segment or pont-to-point Ethernet link.
Page 88: Spanning Tree Protocol Cli Commands
Chapter 11 Avaya P330 Layer 2 Features • The 802.1w standard defines differently the default path cost for a port compared to STP (802.1d). In order to avoid network topology change when migrating to RSTP, the STP path cost is preserved when changing the spanning tree version to RSTP.
Page 89 Chapter 11 Avaya P330 Layer 2 Features Table 11.3 Spanning Tree Protocol CLI Commandss In order to... Use the following command... Set the port as an RSTP port (and not set port spantree force-protocol- as a common STA port) migration Display a port’s edge admin and...
Page 90: Mac Security
Chapter 11 Avaya P330 Layer 2 Features MAC Security The MAC security function is intended to filter incoming frames (from the line) with an unauthorized source MAC address (SA). MAC Security Implementation in P330 When a frame is received on a secured port, its SA is checked against the MAC Address Table.
Page 91 Chapter 11 Avaya P330 Layer 2 Features In order to... Use the following command... Enable or disable MAC security on set port security a port Add a unicast MAC address into set secure mac the CAM table of a secured port...
Page 92: Lag
A LAG uses multiple ports to create a high bandwidth connection with another device. For example: Assigning four 100BASE-T ports to a LAG on an Avaya P330 allows the switch to communicate at an effective rate of 400 Mbps with another switch.
Page 93: Lag Implementation In The Avaya P330 Family Of Products
Chapter 11 Avaya P330 Layer 2 Features LAG Implementation in the Avaya P330 Family of Products This section describes the implementation of the LAG feature in the P330 Family of products. The P333R-LB supports up to 5 LAGs: • Up to three LAGs from three groups of 8 10/100 Mbps ports: —...
Page 94: Port Redundancy
Chapter 11 Avaya P330 Layer 2 Features Port Redundancy Port redundancy involves the duplication of devices, services, or connections, so that, in the event of a failure, the redundant device, service, or connection can take over for the one that failed.
Page 95 Chapter 11 Avaya P330 Layer 2 Features — “switchback-interval” — the minimum time (in seconds) that the primary port link has to be up (following failure) before the system switches back to the primary port. The “none” parameter, if configured, prevents switching back to the primary.
Page 96: Port Redundancy Operation
Chapter 11 Avaya P330 Layer 2 Features In order to... Use the following command... Disable the defined port set port redundancy disable redundancy schemes Define the timers that control the set port redundancy-interval port redundancy operation Display information on port show port redundancy redundancy schemes.
Page 97: Ip Multicast Filtering
This is typically based on IGMP snooping. The Avaya P330 supports multicast filtering. The P330 learns which switch ports need to receive which multicast packets and configures the necessary information into the switch's hardware tables.
Page 98: Ip Multicast Cli Commands
IP hardware-support multicast filtering IP Multicast Implementation in the Avaya P333R-LB This section describes the implementation of the IP multicast feature in the Avaya P333R-LB: • No. of multicast groups — 1000 Avaya P333R-LB User’s Guide...
Page 99: Stack Health
Chapter 11 Avaya P330 Layer 2 Features Stack Health The P330 software provides a Stack Helath feature for verifying the integrity of the P330 stack cascading module and cables. Overview The Stack Health feature will identify defective modules and cables that may be installed in the P330 stack.
Page 100: Port Classification
Chapter 11 Avaya P330 Layer 2 Features Port Classification Overview With the P330, you can classify any port as regular or valuable. Setting a port to valuable means that, in case of Ethernet link failure of that port, a link fault trap can be sent even when the port is disabled and a fast aging operation on the CAM table will be performed.
Page 101: Stack Redundancy
Chapter 11 Avaya P330 Layer 2 Features Stack Redundancy In the unlikely event that a P330 switch or Octaplane link should fail, stack integrity is maintained if the redundant cable is connected to the stack. The broken link is bypassed and data transmission continues uninterrupted. The single management IP address for the stack is also preserved for uninterrupted management and monitoring.
Page 102 Chapter 11 Avaya P330 Layer 2 Features Avaya P333R-LB User’s Guide...
Page 103: Chapter 12 Avaya P330 Layer 3 Features
Chapter 12 Avaya P330 Layer 3 Features Introduction This section describes the Avaya P330 Layer 3 features. It provides the basic procedures for configuring the P330 for Layer 3 operation. What is Routing? Routing enables transfer of a data packet from source to destination using a device called a router.
Page 104 Chapter 12 Avaya P330 Layer 3 Features Figure 12.1 Routing The relation between the destination host’s protocol address and its physical address is obtained by the routers using the ARP request/reply mechanism, and the information is stored within the ARP table in the router (see “The ARP Table“ on page 111).
Page 105: Routing Configuration
Chapter 12 Avaya P330 Layer 3 Features Routing Configuration Forwarding The P330 forwards IP packets between IP networks. When it receives an IP packet through one of its interfaces, it forwards the packet through one of its interfaces. The P330 supports multinetting, enabling it to forward packets between IP subnets on the same VLAN as well as between different VLANs.
Page 106: Ip Configuration
Chapter 12 Avaya P330 Layer 3 Features IP Configuration IP Configuration CLI Commands In order to... Use the following command... Enable IP routing ip routing Set ICMP error messages ip icmp-errors Specify the format of netmasks in ip netmask-format the show command output...
Page 107: Assigning Initial Router Parameters
Chapter 12 Avaya P330 Layer 3 Features In order to... Use the following command... Use this command before enable vlan commands configuring VLAN-oriented parameters, when there is more than one interface on the same VLAN Display information about the IP...
Page 108 Chapter 12 Avaya P330 Layer 3 Features Note: If the IP interface is on VLAN #1, continue with step 7. Create the management/routing VLAN. Use the command set vlan <Vlan-id> name <Vlan-name> replacing <Vlan-id> by the VLAN number, and <Vlan-name> by the VLAN name. Press Enter.
Page 109: Rip (Routing Interchange Protocol) Configuration
Chapter 12 Avaya P330 Layer 3 Features RIP (Routing Interchange Protocol) Configuration RIP Overview RIP is a “distance vector protocol”— that is, the router decides which path to use on distance (the number of intermediate hops). In order for this protocol to work correctly, all of the routers (and possibly the nodes) need to gather information on how to reach each destination in the Internet.
Page 110: Rip2
Chapter 12 Avaya P330 Layer 3 Features RIP2 RIP2 overcomes some of the shortcomings of RIP. The table below summarizes the differences between RIP and RIP2. Table 12.1 DIfferences Between RIP and RIP2 RIP2 Multicast addressing Broadcast Addressing Event-driven Timer-based (update every 30...
Page 111 Chapter 12 Avaya P330 Layer 3 Features In order to... Use the following command... Specify the type of authentication ip rip authentication mode used in RIP Version 2 packets Set the authentication string used ip rip authentication key on the interface...
Page 112: Ospf (Open Shortest Path First) Configuration
Chapter 12 Avaya P330 Layer 3 Features OSPF (Open Shortest Path First) Configuration OSPF Overview OSPF is a routing protocol developed for IP networks based on the shortest path first or link-state algorithm. It was introduced to overcome the limitations of RIP in increasingly complex network designs.
Page 113: Ospf Cli Commands
Chapter 12 Avaya P330 Layer 3 Features OSPF CLI Commands In order to... Use the following command... Enable OSPF protocol router ospf Configure the area ID of the router area Configure router identity ip ospf router-id Configure a passive ospf interface...
Page 114: Static Routing Configuration
Chapter 12 Avaya P330 Layer 3 Features Static Routing Configuration Static Routing Overview When dynamic routing protocols (RIP or OSPF) are not appropriate, you can manually configure static routes to indicate the next hop on the path to the final packet destination.
Page 115: Route Preferences
Chapter 12 Avaya P330 Layer 3 Features In order to... Use the following command... Define a default gateway (router) ip default-gateway Remove the default gateway no ip default-gateway (router) Delete all the dynamic routing clear ip route entries from the Routing Table...
Page 116: Route Redistribution
Chapter 12 Avaya P330 Layer 3 Features Route Redistribution Route redistribution is the interaction of multiple routing protocols. OSPF and RIP can be operated concurrently in the P330. In this case, the P330 can be configured to redistribute routes learned from one protocol into the domain of the other routing protocol.
Page 117: Arp (Address Resolution Protocol) Table Configuration
Chapter 12 Avaya P330 Layer 3 Features ARP (Address Resolution Protocol) Table Configuration ARP Overview IP logical network addresses are independent of physical addresses. Since the physical address must be used to convey data in the form of a frame from one device to another, a mechanism is required to acquire a destination device hardware address from its IP address.
Page 118: The Arp Table
Chapter 12 Avaya P330 Layer 3 Features The ARP Table The ARP table is used to store recently used pairs of IP/MAC addresses. This saves time and communication costs, since the host looks in the ARP cache first when transmitting a packet. If the information is not there, then the host sends an ARP Request (see Figure 12.2).
Page 119: Bootp/Dhcp (Dynamic Host Configuration Protocol) Relay Configuration
Chapter 12 Avaya P330 Layer 3 Features BOOTP/DHCP (Dynamic Host Configuration Protocol) Relay Configuration BOOTP/DHCP Overview BOOTP Short for Bootstrap Protocol, BootP is an Internet protocol that enables a diskless workstation to discover its own IP address, the IP address of a BOOTP server on the network, and a file to be loaded into memory to boot the machine.
Page 120: Bootp/Dhcp Cli Commands
Chapter 12 Avaya P330 Layer 3 Features The DHCP/BOOTP server uses the relayed network information to decide from which subnet the address should be allocated. Therefore, the DHCP/BOOTP server must be configured to allocate addresses from the relayed networks configured on the P330.
Page 121: Netbios Re-Broadcast Configuration
(LANs). Almost all LANs for PCs are based on the NetBIOS. Some LAN manufacturers have even extended it, adding additional network capabilities. The Avaya P330 can be configured to relay netbios UDP broadcast packets. This feature is used for applications such as WINS that use broadcast but may need to communicate with stations on other subnets or VLANs.
Page 122: Policy Configuration
The P330 supports QoS (Quality of Service) by using multiple priority levels and IEEE 802.1p priority tagging to ensure that data and voice receive the necessary levels of service. The Avaya P330 can enforce QoS policy on routed packets and change their 802.1p priority, according to the following criteria: •...
Page 123: Enforcement
Default List Behavior P333R-LB has a default list which is always active. The default list has one implicit rule permitting all traffic to be forwarded. The DSCP table of the default list is activated together with the default list, and includes the default DSCP-CoS mappings.
Page 124 Chapter 12 Avaya P330 Layer 3 Features In order to... Use the following command... Create a specific policy rule ip access-list Delete a specific policy rule no ip access-list Check the policy for a simulated ip simulate packet Set the list cookie for a specific...
Page 125: Policy Configuration Example
Chapter 12 Avaya P330 Layer 3 Features Policy Configuration Example Figure 12.3 Avaya P330 Policy Policy Configuration Example The following shows configuration of Access List 100: Assigning priority 6 to all TCP traffic originating in network 149.49.0.0 – rule 1: P330-1(super)# ip access-list 100 1 fwd6 tcp 149.49.0.0...
Page 126: Ip Fragmentation And Reassembly
Chapter 12 Avaya P330 Layer 3 Features IP Fragmentation and Reassembly IP Fragmentation and Reassembly Overview The P330 supports IP Fragmentation and Reassembly. This feature allows the router to send and receive large IP packets where the underlying data link protocol constrains MTU (maximum transport unit).
Page 127: Layer 3 Configuration File
Chapter 12 Avaya P330 Layer 3 Features Layer 3 Configuration File The Configuration File feature allows the user to read the routing configuration parameters and save them to a file on the station. The routing configuration commands in the file are in CLI format. The user can edit the file (if required) and re-configure the router module by downloading the configuration file.
Page 128 Chapter 12 Avaya P330 Layer 3 Features Avaya P333R-LB User’s Guide...
Page 129: Chapter 13 Layer 3 Redundancy
In VRRP, two or more physical routers can be associated with a virtual router, thus achieving the extreme reliability inherent in the P333R-LB SAFER architecture. In a VRRP environment, host stations interact with the virtual router. They are not aware that this router is a virtual router, and they are not affected when a new router takes over the role of master router.
Page 130: Vrrp Commands
The VIP will be configured as the Associated IP of the VRRP. Note: When two P333R-LBs are connected in a VRRP pair with Full NAT configured on both, you need to configure different PIP address ranges for each P333R-LB. VRRP Commands The following table displays the VRRP Commands: Figure 13.1 VRRP Commands...
Page 131 Set the primary address used as the ip vrrp primary source address of VRRP packets for the virtual router ID Accept packets addressed to the IP ip vrrp override addr owner address(es) associated with the virtual router Avaya P333R-LB User’s Guide...
Page 132: Configuration Example
"Default" ip address 10.1.1.10 255.255.255.0 enable vlan commands ip vrrp 1 ip vrrp 1 address 10.1.1.10 ip vrrp 1 address 193.170.1.1 ip vrrp 2 ip vrrp 2 priority 254 ip vrrp 2 address 193.170.1.3 Avaya P333R-LB User’s Guide...
Page 133 1 vip 193.170.1.3 virtual-slb-service "www-service" id 1 application tcp 80 rsg "server-group" -------------- P333R-LB2 -------------- hostname "BACKUP" router vrrp interface "1" ip vlan name "Default" ip address 193.170.1.2 255.255.255.0 interface "2" ip vlan name "Default" Avaya P333R-LB User’s Guide...
Page 134 193.170.1.4 1 low real-slb-server 10.1.1.1 real-slb-server 10.1.1.2 real-slb-server 10.1.1.3 rsg "server-group" type-id slb 1 real-slb-server 10.1.1.1 real-slb-server 10.1.1.2 real-slb-server 10.1.1.3 virtual-server "web-farm" id 1 vip 193.170.1.3 virtual-slb-service "www-service" id 1 application tcp 80 rsg "server-group" Avaya P333R-LB User’s Guide...
Page 135: Srrp
SRRP P333R-LB SRRP redundancy capabilities provide automatic backup Layer 3 switching for IP stations. P333R-LB units can be configured to back each other up so that if one fails the other will take over its forwarding functions. The backup P333R- LB is not idle.
Page 136: Additional Redundancy Schemes
Chapter 13 Layer 3 Redundancy Additional Redundancy Schemes Besides VRRP and SRRP, the P333R-LB implements two additional redundancy schemes: • Real Server Group Backup. • Real Server Backup. Real Server Group Backup You can configure a Real Server Group (RSG) to serve as a backup for a primary RSG implementing a Virtual Service.
Page 137 10.5.1.2 255.255.255.0 interface "1" ip vlan name "Default" ip address 193.170.1.1 255.255.255.0 ip default-gateway 193.170.1.2 1 low real-slb-server 10.1.1.1 real-slb-server 10.1.1.2 real-slb-server 10.1.1.3 real-slb-server 10.5.1.3 real-slb-server 10.5.1.4 real-slb-server 10.5.1.5 rsg "backup-group" type-id slb 1 Avaya P333R-LB User’s Guide...
Page 138 10.5.1.3 real-slb-server 10.5.1.4 real-slb-server 10.5.1.5 rsg "server-group" type-id slb 2 real-slb-server 10.1.1.1 real-slb-server 10.1.1.2 real-slb-server 10.1.1.3 rsg "server-group" backup 1 virtual-server "web-farm" id 1 vip 193.170.1.3 virtual-slb-service "www-service" id 1 application tcp 80 rsg "server-group" Avaya P333R-LB User’s Guide...
Page 139: Real Server Backup
Figure 13.5 Real Server Backup Configuration Example Backup Real Server Real Server 1 10.5.1.3 10.1.1.1 Server Server 10.5.1.2 Real Server 2 10.1.1.2 Server 193.170.1.2 193.170.1.1 10.1.1.10 Edge Router P333R-LB Real Server 3 VIP=193.170.1.3 10.1.1.3 Server server-group Avaya P333R-LB User’s Guide...
Page 140 "Default" ip address 193.170.1.1 255.255.255.0 ip default-gateway 193.170.1.2 1 low real-slb-server 10.5.1.3 real-slb-server 10.1.1.1 backup 10.5.1.3 real-slb-server 10.1.1.2 backup 10.5.1.3 real-slb-server 10.1.1.3 backup 10.5.1.3 rsg "server-group" type-id slb 1 real-slb-server 10.1.1.1 real-slb-server 10.1.1.2 Avaya P333R-LB User’s Guide...
Page 141 Chapter 13 Layer 3 Redundancy real-slb-server 10.1.1.3 virtual-server "web-farm" id 1 vip 193.170.1.3 virtual-slb-service "www-service" id 1 application tcp 80 rsg "server-group" Avaya P333R-LB User’s Guide...
Page 142 Chapter 13 Layer 3 Redundancy Avaya P333R-LB User’s Guide...
Page 143: Chapter 14 Load Balancing In The P333R-Lb
Firewall Load Balancing and Server Load Balancing are treated in detail. Firewall Load Balancing This section provides information on Firewall Load Balancing (FWLB) in general, as well as on specific types of firewalls supported by the P333R-LB, and configuration examples. FWLB intercepts all traffic between protected and unprotected zones, and dynamically distributes the load among the available firewalls, based on the FWLB configuration.
Page 144: Transparent Routing Firewall Load Balancing
Transparent Routing firewalls act as "next hop" devices from the perspective of the P333R-LB. After one of the firewalls in a group is selected, normal routing to that firewall takes place. The P333R-LB performs an “intelligent routing” decision, based on the Load Balancing criteria, and replaces the MAC address in the packets by the MAC address of the selected firewall.
Page 145: Configuring Firewall Load Balancing In The P333R-Lb
Real Server. This ID must match the ID given to the same firewall on the second load balancer. 2. The P333R-LB performs load balancing on traffic that arrives to its routing interfaces. Therefore, IP routes in the network must be configured to pass through the P333R-LB.
Page 146 In order to configure P333R-LB1 according to Figure 14.1, perform the following commands: P330-1(configure)# session router Router-1(configure)# hostname "P333R-LB 1" P333R-LB 1-1(configure)# interface 1 Done! P333R-LB 1-1(config-if:1)# ip address 10.4.1.3 255.255.255.0 Done! P333R-LB 1-1(config-if:1)# exit P333R-LB 1-1(configure)# interface 2 Done! P333R-LB 1-1(config-if:2)# ip address 10.1.1.3 255.255.255.0...
Page 147 Done! P333R-LB 2-1(config-if:1)# ip address 193.170.1.1 255.255.255.0 Done! P333R-LB 2-1(config-if:1)# exit P333R-LB 2-1(configure)# interface 2 Done! P333R-LB 2-1(config-if:2)# ip address 10.2.1.3 255.255.255.0 Done! P333R-LB 2-1(config-if:2)# exit P333R-LB 2-1(configure)# ip default-gateway 193.170.1.2 Done! P333R-LB 2-1(configure)# real-routing-fw 10.2.1.1 Done! P333R-LB 2-1(config-rsrvr:10.2.1.1)# id 1 Done! P333R-LB 2-1(config-rsrvr:10.2.1.1)# exit...
Page 148 Chapter 14 Load Balancing in the P333R-LB Done! P333R-LB 2-1(config-rsrvr:10.2.1.2)# id 2 Done! P333R-LB 2-1(config-rsrvr:10.2.1.2)# exit P333R-LB 2-1(configure)# rsg fw-group Done! P333R-LB 2-1(config-rsg:fw-group)# type-id routing-fw 1 Done! P333R-LB 2-1(config-rsg:fw-group)# real-routing-fw 10.2.1.1 Done! P333R-LB 2-1(config-rsg:fw-group)# real-routing-fw 10.2.1.2 Done! P333R-LB 2-1(config-rsg:fw-group)# exit...
Page 149 Chapter 14 Load Balancing in the P333R-LB The following configuration file is a result of the above configuration: --------------- P333R-LB 1 ---------------- hostname "P333R-LB 1" interface "2" ip vlan name "Default" ip address 10.1.1.3 255.255.255.0 interface "1" ip vlan name "Default"...
Page 150 Chapter 14 Load Balancing in the P333R-LB ---------------- P333R-LB 2 ---------------- hostname "P333R-LB 2" interface "2" ip vlan name "Default" ip address 10.2.1.3 255.255.255.0 interface "1" ip vlan name "Default" ip address 193.170.1.1 255.255.255.0 ip default-gateway 193.170.1.2 1 low real-routing-fw 10.2.1.1 id 1 real-routing-fw 10.2.1.2...
Page 151: Demilitarized Zone (Dmz) Configuration Example
Real Server. This ID must match the ID given to the same firewall on the second load balancer. 2. The P333R-LB performs load balancing on traffic that arrives to its routing interfaces. Therefore, IP routes in the network must be configured to pass through the P333R-LB.
Page 152 Chapter 14 Load Balancing in the P333R-LB The following configuration file is a result of configuring your network as shown in Figure 14.2: ------------------- P333R-LB 1 ------------------- hostname "P333R-LB 1" interface "2" ip vlan name "Default" ip address 10.1.1.3 255.255.255.0 interface "1"...
Page 153 Chapter 14 Load Balancing in the P333R-LB rsg "fw-group" ------------------- P333R-LB 2 ------------------- hostname "P333R-LB 2" interface "1" ip vlan name "Default" ip address 10.2.1.3 255.255.255.0 interface "2" ip vlan name "Default" ip address 193.170.1.1 255.255.255.0 ip default-gateway 193.170.1.2 1 low real-routing-fw 10.2.1.1...
Page 154 Chapter 14 Load Balancing in the P333R-LB hc-ip 10.2.1.3 10.3.1.3 ip route 193.170.2.0 255.255.255.0 rsg "fw-group" ------------------- P333R-LB 3 ------------------- hostname "P333R-LB 3" interface "1" ip vlan name "Default" ip address 10.3.1.3 255.255.255.0 interface "2" ip vlan name "Default" ip address 193.170.2.3 255.255.255.0...
Page 155: Load Balancing Metrics For Transparent Routing Fwlb
The source and destination IP addresses are used as the hash function input. P333R-LB creates a list of all the currently available firewalls. The result of the hash function is used to select a firewall from the list. Specific source and destination IP addresses always produce the same hash function, providing natural persistency.
Page 156: Minmiss Hash
Chapter 14 Load Balancing in the P333R-LB Figure 14.3 Hash Metric - Loss of Persistency Firewall 2 Loss of Persistency Server Server The same Hash Function Hash Function pointing to Firewall 4 pointing to Firewall 1 List of available Firewalls When Firewall 2 is removed from the group, the list of available firewalls is readjusted, causing a lack of persistency.
Page 157: Selecting A Load Balancing Metric
2 sessions for each session directed to the first firewall. Health Check The P333R-LB constantly health checks the firewall paths to ensure that each firewall is accessible and operational. A firewall that fails the health check is automatically removed from the load balancer’s internal list of currently available...
Page 158: Persistency
In the case where there are two P333R-LBs (one on each side of the firewalls), persistency is ensured only if each P333R-LB is configured so that they are compatable with each other. If they are not, and there is a change in the network that affects internal device decisions (for example, adding or removing a Real Server), persistency, or even the network connection, could be lost.
Page 159: Nat Configuration Example
Server Firewall 2 RSG fw-group Note: The P333R-LB performs load balancing on traffic that arrives to its routing interfaces. Therefore, IP routes in the network must be configured to pass through the P333R-LB. To configure your network as in Figure 14.5, the following should be done: •...
Page 160: Static Nat Configuration Example
Chapter 14 Load Balancing in the P333R-LB interface "2" ip vlan name "Default" ip address 10.1.1.3 255.255.255.0 interface "1" ip vlan name "Default" ip address 10.4.1.3 255.255.255.0 real-routing-fw 10.1.1.1 id 1 real-routing-fw 10.1.1.2 id 2 rsg "fw-group" type-id routing-fw 1 real-routing-fw 10.1.1.1...
Page 161: Load Balancing Metrics For Non-Transparent Routing Fwlb
Server Firewall 2 RSG fw-group Note: The P333R-LB performs load balancing on traffic that arrives to its routing interfaces. Therefore, IP routes in the network must be configured to pass through the P333R-LB. To configure your network as in Figure 14.6, the following should be done: •...
Page 162: Health Check
Each P333R-LB load balances between IP interfaces of the peer P333R-LB behind the firewall. In order for this to work, the P333R-LB has to have a different VLAN and subnet for each firewall, and the physical ports connected to the firewalls have to be on different VLANs as well.
Page 163: Configuration Example
Access Router Server Firewall 2 VLAN 2 fw- group Note: The P333R-LB performs load balancing on traffic that arrives to its routing interfaces. Therefore, IP routes in the network must be configured to pass through the P333R-LB. Avaya P333R-LB User’s Guide...
Page 164 Chapter 14 Load Balancing in the P333R-LB To configure your network as in Figure 14.7, the following should be done: • The LAN routers (or hosts) should be configured with 10.4.1.3 as the next hop toward the WAN (the default gateway in many cases).
Page 165 Chapter 14 Load Balancing in the P333R-LB real-bridging-fw 10.1.1.2 real-bridging-fw 10.2.1.2 rsg "fw-group" type-id bridging-fw 1 real-bridging-fw 10.1.1.2 real-bridging-fw 10.2.1.2 virtual-fw-service "bridging-external" id 1 bridging-fw ip route 0.0.0.0 0.0.0.0 rsg "fw-group" ---------------- P333R-LB 2 ---------------- set vlan 1 name "v1"...
Page 166: Load Balancing Metrics For Bridging Fwlb
VLAN, the ping will always remain on the same firewall. Persistency Each P333R-LB interface and the firewall connected to it reside in a separate VLAN. This ensures persistency since all the traffic through a particular firewall is contained in the firewall’s VLAN.
Page 167: Firewall Load Balancing Management Security
Load Balancing in the P333R-LB Firewall Load Balancing Management Security In some scenarios, the P333R-LB may be placed outside of the protection of the firewalls and be exposed to intrusion attempts through its L2 and L3 management interfaces. This is especially true for Transparent and Bridging Load Balancing, where the P333R-LB is placed outside the internal network.
Page 168: Server Load Balancing
For more information on metrics, refer to Load Balancing Metrics on page 37. To intercept traffic to the servers, the P333R-LB presents itself to the clients as a Virtual Server with a Virtual IP address (VIP). Client traffic travels to the P333R-LB acting as a Virtual Server.
Page 169 Servers and clients might exist, the returning packets could reach the client via a path external to the P333R-LB. These packets would be labelled with the real IP of the Real Server, and not the VIP that the client recognizes, causing the session to fail.
Page 170: Configuring Server Load Balancing In The P333R-Lb
10.1.1.10 Real Server 2 10.1.1.2 Server P333R-LB Edge Router VIP=193.170.1.3 Real Server 3 10.1.1.3 Server server-group Note: The Real Servers must be configured with the P333R-LB as their default gateway (for example in Figure 14.8, 10.1.1.10). Avaya P333R-LB User’s Guide...
Page 171 Chapter 14 Load Balancing in the P333R-LB In order to configure the load balancer according to Figure 14.8, perform the following commands: P330-1(configure)# session router Router-1(configure)# hostname "P333R-LB" P333R-LB-1(configure)# interface 1 Done! P333R-LB-1(config-if:1)# ip address 193.170.1.1 255.255.255.0 Done! P333R-LB-1(config-if:1)# exit...
Page 172: Full Nat Load Balancing
In Full NAT based load balancing, the P333R-LB replaces the Virtual IP address of the P333R-LB with the real IP address of the Real Server, as in Half NAT load balancing. In addition, P333R-LB replaces the incoming client’s IP address with a user-configured Proxy IP (PIP).
Page 173 With Full NAT, responses made by the Real Server are forced to pass through the P333R-LB, where the Real Server IP is replaced with the Virtual Server IP, and the PIP with the client’s original IP before forwarding them to the clients.
Page 174: Full Nat Based Configuration
P333R-LB which balances the traffic between three Real Servers. In addition to the traffic path through the P333R-LB, a direct path exists between the Clients and the Real Servers through another router. The P333R-LB is configured with a VIP of 193.170.4.20 and with a PIP bank on subnet 10.3.3.x.
Page 175 Chapter 14 Load Balancing in the P333R-LB 255.255.255.0 Done! P333R-LB-1(super-if:client)#exit P333R-LB-1(super)#ip default-gateway 193.170.3.2 Done! P333R-LB-1(super)#real-slb-server 10.1.1.1 Done! P333R-LB-1(super-r-slb-srvr:10.1.1.1)#exit P333R-LB-1(super)#real-slb-server 10.1.1.2 Done! P333R-LB-1(super-r-slb-srvr:10.1.1.2)#real-slb-server 10.1.1.3 Done! P333R-LB-1(super-r-slb-srvr:10.1.1.3)#exit P333R-LB-1(super)#rsg server-group Done! P333R-LB-1(super-rsg:server-group)#type-id slb 1 Done! P333R-LB-1(super-rsg:server-group)#real-slb-server 10.1.1.1 Done! P333R-LB-1(super-rsg:server-group)#real-slb-server 10.1.1.2 Done! P333R-LB-1(super-rsg:server-group)#real-slb-server 10.1.1.3...
Page 176: Direct Server Return (Dsr) (Triangulation) Redirection
P333R-LB-1(super-v-srvr:slb)#exit P333R-LB-1(super)# To insure that the packets destined to the PIP address reach the P333R-LB on the return path from the Real Server to the client, you must configure a Static Route in the router by entering: ip route 10.3.3.0 255.255.255.0 193.170.3.1 1...
Page 177: Dsr (Triangulation) Configuration Example
1. The VIP should be configured in the Real Servers as a “loopback” IP address. 2. Another router (like the P333R) may be configured as the default gateway of the Real Servers. This conserves resources and bandwidth on the P333R-LB that is tasked with balancing client requests.
Page 178 Chapter 14 Load Balancing in the P333R-LB real-slb-server 10.1.1.1 direct-server-return real-slb-server 10.1.1.2 direct-server-return real-slb-server 10.1.1.3 direct-server-return rsg "server-group" type-id slb 1 real-slb-server 10.1.1.1 real-slb-server 10.1.1.2 real-slb-server 10.1.1.3 virtual-server "web-farm" id 1 vip 193.170.1.3 virtual-slb-service "www-service" id 1 application tcp 80 rsg "server-group"...
Page 179: Dns Configuration
Combining Two Cache Applications on the Same Real Caches Building on the fact that the P333R-LB allows for the same Real Servers to belong to different Load Balancing applications (i.e. Application Redirection and Server Load...
Page 180: Round Robin
The source and destination IP addresses are used as the hash function input. P333R-LB creates a list of all the currently available servers. The result of the hash function is used to select a server from the list. Specific addresses always produce the same hash function, providing natural persistency.
Page 181 Chapter 14 Load Balancing in the P333R-LB Figure 14.12 Hash Metric - Loss of Persistency Server 2 Loss of Persistency Server The same Hash Function Hash Function pointing to Server 4 pointing to Server 1 List of available Servers When Server 2 is removed from the group, the list of available servers is readjusted, causing a lack of persistency.
Page 182: Weighted Real Servers
HTTP Server Checking - Useful for web applications, this method enables verifying HTTP server functioning by comparing the response from the server with a complete sample of the web page. The P333R-LB sends a request to the HTTP server to simulate an outside request. The P333R-LB compares the server’s response with the sample to ascertain the level that the HTTP server is...
Page 183: Client Persistency
— Maximum length of response string: 255 characters. — Maximum offset from end of TCP header: 1000 bytes. P333R-LB compares the server’s reply with the expected reply you configured. You need to verify that the configured request results in the configured expected response.
Page 184: Selecting A Load Balancing Metric And Persistency Option
When a new session that matches an entry in the persistency cache is processed by the P333R-LB, it is directed to the same server pointed by the cache (provided, of course, that the server is considered healthy).
Page 185 Load Balancing in the P333R-LB Note: 1. In the P333R-LB, a Real Server can belong to multiple server groups as long as the groups are not running the same Virtual Service. If the groups are running the same service (e.g., HTTP), port re-mapping should be used.
Page 186: Application Redirection
Redundant caches can be configured. How It Works To enable AR, locate P333R-LB on the traffic route, instead of the local cache, and redirect packets from their original destination, the WAN access router, to alternative cache servers. The redirection process performs the following: Checks whether the packet characteristics complies with one of the defined filter rules.
Page 187 To address this issue, P333R-LB uses different VLAN areas for the clients and the cache. If a packet arrives to P333R-LB from the client's VLAN, it is redirected to the cache, and if it arrives from the server’s VLAN, it is routed to the WAN.
Page 188: Configuration Examples
10.1.1.1 Local Web Cache Servers Note: 1. The Cache Servers must not be on the local subnet of one of the P333R-LB’s local subnets. 2. The clients must not reside on the cache’s subnet or VLAN. In order to configure the load balancer according to Figure 14.14, perform the...
Page 189 P333R-LB-1(config-rsg:cache-group)# type-id ar 1 Done! P333R-LB-1(config-rsg:cache-group)# real-ar-server 10.1.1.1 Done! P333R-LB-1(config-rsg:cache-group)# exit P333R-LB-1(configure)# virtual-ar-service web-cache Done! P333R-LB-1(config-v-ar-srvc:web-cache)# id 1 Done! P333R-LB-1(config-v-ar-srvc:web-cache)# application tcp 80 Done! P333R-LB-1(config-v-ar-srvc:web-cache)# rsg cache-group Done! P333R-LB-1(config-v-ar-srvc:web-cache)# exit P333R-LB-1(configure)# ar-filter 1 any any 1 Done! Avaya P333R-LB User’s Guide...
Page 190 Chapter 14 Load Balancing in the P333R-LB The following configuration file is a result of the above configuration: ---------------- P333R-LB ---------------- set vlan 2 name "v2" !# Set the hostname of the device hostname "P333R-LB" interface "3" ip vlan name "v2"...
Page 191 2 servers Combining Two Cache Applications on the Same Real Caches Based on the fact that P333R-LB allows for the same Real Servers to belong to different Load Balancing applications (i.e., Application Redirection and Server Load Balancing), it is possible to build a configuration that implements transparent caching and non-transparent proxy caching on the same physical machines, as shown in Figure 14.15.
Page 192 Chapter 14 Load Balancing in the P333R-LB interface "1" ip vlan name "Default" ip address 10.4.1.3 255.255.255.0 ip default-gateway 10.2.2.5 1 low real-slb-server 10.1.1.1 real-slb-server 10.1.1.2 real-ar-server 10.1.1.1 real-ar-server 10.1.1.2 rsg "none-transparent-proxy-group" type-id slb 1 real-slb-server 10.1.1.1 real-slb-server 10.1.1.2 rsg "transparent-proxy-group"...
Page 193 Traffic destined to the proxy cache, is sent by the client to the VIP as the Destination IP address, and dealt by the SLB Virtual Service (i.e., P333R-LB performs NAT on the packets and sends them to the Real Server based on the configured metrics). If...
Page 194: Load Balancing Metrics
The source and destination IP addresses are used as the hash function input. P333R-LB creates a list of all the currently available cache servers. The result of the hash function is used to select a cache server from the list. Specific addresses always produce the same hash function, providing natural persistency.
Page 195 Chapter 14 Load Balancing in the P333R-LB Figure 14.16 Hash Metric - Loss of Persistency Server 2 Loss of Persistency Server The same Hash Function Hash Function pointing to Server 4 pointing to Server 1 List of available Servers When Cache Server 2 in Figure 14.16 is removed from the group, the list of available cache servers is readjusted, causing a lack of persistency.
Page 196: Weighted Real Servers
HTTP Server Checking - Useful for web applications, this method enables verifying HTTP server functioning by comparing the response from the server with a complete sample of the web page. P333R-LB sends a request to the HTTP server to simulate an outside request. P333R-LB compares the server’s response with the sample to ascertain the level that the HTTP server is functioning.
Page 197 — Expected String Offset - An offset from the end of the TCP header (up to 1000 bytes) where the expected string should appear. P333R-LB searches for the expected strings only in the first HTTP packet sent by the server as a response to the GET/HEAD request. If the string search fails, use the show hc last response command to view the received string and compare it with the expected string.
Page 198: Client Persistency
When a new session that matches an entry in the persistency cache is processed by P333R-LB, it is directed to the same server pointed by the cache (provided, of course, that the server is considered healthy).
Page 199: Policy-Based Routing (Source-Based Routing)
Chapter 14 Load Balancing in the P333R-LB Policy-Based Routing (Source-Based Routing) Using AR rules, you can configure your device to support Policy-Based Routing according to the client IP. In this case, you can select your next Hop according to the source IP configured on your device.
Page 200 Chapter 14 Load Balancing in the P333R-LB Avaya P333R-LB User’s Guide...
Page 201: Chapter 15 Embedded Web Manager
Software Redundancy - Setting software redundancy for ports in an Avaya P330 Switch. • Port Mirroring - Setting up port mirroring for ports in an Avaya P330 Switch. • Trap Managers Configuration - Viewing and modifying the Trap Managers Table.
Page 202: Running The Embedded Web Manager
Note: The Web management passwords are the same as those of the CLI. If you have created additional CLI user names or changed the default passwords then you can use those passwords for Web management as well. Avaya P333R-LB User’s Guide...
Page 203 Chapter 15 Embedded Web Manager The welcome page is displayed: Figure 15.1 The Welcome Page Avaya P333R-LB User’s Guide...
Page 204 (see Figure 15.2). Figure 15.2 Web-based Manager — If you do not have the Java plug-in installed, follow the instructions on the Welcome page that offers a variety of options to install the plug-in (see Figure 15.1). Avaya P333R-LB User’s Guide...
Page 205: Installing The Java Plug-In
Installing from the Avaya P330 Documentation and Utilities CD Close all unnecessary applications on your PC. Insert the “Avaya P330 Documentation and Utilities” CD into the CD drive. Click Start on the task bar. Select Run. Type x:\emweb-aux-files\plug-in_1_3_1.exe where x: is the CD drive letter.
Page 206: Installing The On-Line Help And Java Plug-In On Your Web Site
Utilities” CD to your local Web server. Please refer to your Web server documentation for full instructions. Define the URL in the Avaya P330 using the following CLI command: set web aux-files-url //IP address/directory name where //IP address/directory name is the location of the directory from the previous step.
Page 207: Troubleshooting And Maintaining The P330
Avaya P333R-LB VAYA 2: T ECTION ROUBLESHOOTING AND AINTAINING THE P330...
Page 209: Chapter 16 Troubleshooting The Installation
This section will allow you to perform basic troubleshooting of the installation. If you are unable to solve the problem after following the procedures in this chapter, please contact Avaya Technical Support. Refer to “How to Contact Us“for full details.
Page 210 Chapter 16 Troubleshooting the Installation Table 16.1 Troubleshooting Problem/Cause Suggested Solution • Expansion module not • Check that module are installed correctly inserted correctly Avaya P333R-LB User’s Guide...
Page 211: Chapter 17 Maintenance
Gently tighten the two screws on the front panel of the expansion sub-module by turning them. Note: The Avaya P330 switch must not be operated with the expansion slot open; the expansion sub-module slot should be covered with the supplied blanking plate if necessary.
Page 212: Saving Configuration Definitions
Caution: Ensure that the screws on the module are properly aligned with the holes in the chassis before tightening them. Gently tighten the two screws on the side panel of the stacking module by turning the screws. Do not use excessive force when tightening the screws. Avaya P333R-LB User’s Guide...
Page 213: Chapter 18 Updating The Software
Caution: Please refer to "Before You Install the P330" before undertaking any of the procedures detailed in this section. Software Download You can perform software download using the CLI or Avaya UpdateMaster (part of the Avaya Multi-Service Network Manager Suite). Obtain Software Online You can download the firmware and Embedded Web Manager from the “Software...
Page 214: Download New Version Without Overwriting Existing Version
Chapter 18 Updating the Software Note: Please download both the new Avaya firmware and the new Embedded Web Manager versions. Whichever version of the firmware you decide to run, always be sure to match the correct firmware and Embedded Web Manager versions.
Page 215: How To Contact Us
Appendix A How to Contact Us To contact Avaya’s technical support, please call: In the United States Dial 1-800-237-0016, press 0, then press 73300.In the EMEA (Europe, Middle East and Africa) Region Local Dial-In Local Dial-In Country Country Number Number...
Page 216: In The Ap (Asia Pacific) Region
+31 70 414 8063 E-mail: csctechnical@avaya.com In the AP (Asia Pacific) Region Local Dial-In Local Dial-In Country Country Number Number Australia +1800 255 233 Malaysia +1800 880 227 Hong Kong +2506 5451 +00 800 9828 9828 Zealand Avaya P333R-LB User’s Guide...
Page 217: In The Cala (Caribbean And Latin America) Region
+0 80 025 227 E-mail: sgcoe@avaya.com In the CALA (Caribbean and Latin America) Region E-mail: caladatasupp@avaya.com Hot Line:+1 720 4449 998 Fax:+1 720 444 9103 For updated information, visit www.avaya.com/support and click “Global Support Organization (GSO)”. Avaya P333R-LB User’s Guide...
Page 218 © 2003 Avaya Inc. All rights reserved. All trademarks identified by the ® or TM are registered trademarks or trademarks, respectively, of Avaya Inc. All other trademarks are the property of their respective owners. Avaya P333R-LB User’s Guide...

Avaya P333R-LB Installation And Configuration Manual

Overview of the P330

Chapter 1 Avaya P333R-LB Overview

Chapter 2 Standards and Compatibility

Chapter 3 Specifications

Chapter 4 Installation

Chapter 5 Powering up the Avaya P330

Chapter 6 Avaya P333R-LB Front and Back Panels

Chapter 7 Establishing Switch Access

Chapter 8 User Authentication

Configuration of the P330

Chapter 9 Basic Switch Configuration

Chapter 10 Default Settings of the P330

Chapter 11 Avaya P330 Layer 2 Features

Chapter 12 Avaya P330 Layer 3 Features

Chapter 13 Layer 3 Redundancy

Chapter 14 Load Balancing in the P333R-LB

Chapter 15 Embedded Web Manager

Quick Links

Troubleshooting

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Avaya P333R-LB

Summary of Contents for Avaya P333R-LB