Page 1
Avaya
Installation and Configuration Guide
AVAYA P334T-ML
STACKABLE SWITCH
SOFTWARE VERSION 4.5
January 2004
Page 2
avaya.com
© 2004 Avaya Inc. All rights reserved. All trademarks identified by the ® or TM are registered trademarks or
trademarks, respectively, of Avaya Inc. All other trademarks are the property of their respective owners
Document no. 10-300128
Page 3
Contents
Preface Before you Install the P330-ML ISafety Information ..................................... I
Section 1 Overview
Chapter 1 Avaya P334T-ML Overview............................................................................. 1
FCC Notice........................................................................................................... I
Conventions Used in the Documentation ....................................................... I
CLI Conventions ......................................................................................I
Notes, Cautions, and Warnings ........................................................... II
Warranty ............................................................................................................ II
Notice................................................................................................................. III
Avaya Support ................................................................................................. III
Introduction ........................................................................................................ 1
About the P334T-ML ......................................................................................... 1
Avaya P334T-ML Features ............................................................................... 1
Layer 3 Features P330-ML ................................................................................ 2
Network Management and Monitoring ......................................................... 2
Device Manager (Embedded Web) ......................................................2
Command Line Interface (CLI) .............................................................2
Avaya Integrated Manager ...................................................................3
Port Mirroring .........................................................................................3
SMON .......................................................................................................3
Fans, Power Supply, and BUPS-ML Monitoring ...............................4
Chapter 2 Standards and Compatibility........................................................................... 5
Avaya P330 Standards Supported................................................................... 5
IEEE ..........................................................................................................5
IETF - Layer 2 ..........................................................................................5
IETF - Layer 3 ..........................................................................................5
IETF - Network Monitoring.............................................................................. 6
Chapter 3 Specifications ...................................................................................................... 7
P334T-ML Switch............................................................................................... 7
Physical .................................................................................................... 7
Power Requirements .............................................................................7
Environmental .........................................................................................7
Safety ........................................................................................................8
Safety - AC Version ................................................................................8
Safety - DC Version ................................................................................8
Avaya P334T-ML User’s Guide i
Page 4
Table of Contents
Section 2 Installation
Chapter 4 Installation......................................................................................................... 17
EMC Emissions .......................................................................................8
Emissions ......................................................................................8
Immunity ......................................................................................8
Interfaces ..................................................................................................9
Basic MTBF ..............................................................................................9
Stacking Sub-module......................................................................................... 9
Basic MTBF ..............................................................................................9
Approved SFF/SFP GBIC Transceivers........................................................ 10
Safety Information ................................................................................10
Laser Classification ....................................................................10
Usage Restriction .......................................................................10
Installation .............................................................................................11
Installing and Removing a SFF/SFP GBIC Transceiver ......11
Specifications .........................................................................................11
LX Transceiver ...........................................................................11
SX Transceiver ............................................................................11
Agency Approval ..................................................................................12
Gigabit Fiber Optic Cabling............................................................................ 12
Console Pin Assignments................................................................................ 13
Required Tools.................................................................................................. 17
Site Preparation ................................................................................................ 17
Rack Mounting (Optional).............................................................................. 19
Installing the X330STK-ML Stacking Sub-Module (Optional) .................. 20
Connecting Stacked Switches......................................................................... 20
To connect stacked switches: ...............................................................20
Making Connections to Network Equipment.............................................. 23
Prerequisites ..........................................................................................23
Connecting Cables to Network Equipment ......................................23
Chapter 5 Powering Up the Avaya P330......................................................................... 25
Powering On – Avaya P330 Module AC ...................................................... 25
Powering On – Avaya P330 Switch DC ........................................................ 25
Post-Installation................................................................................................ 26
Chapter 6 Avaya P334T-ML Front and Rear Panels...................................................... 27
Avaya P334T-ML Front Panel ........................................................................ 27
Avaya P334T-ML Back Panel ......................................................................... 31
BUPS-ML Input Connector ..................................................................32
Chapter 7 Establishing Switch Access............................................................................. 33
Establishing a Serial Connection.................................................................... 33
ii Avaya P334T-ML User’s Guide
Page 5
Table of Contents
Configuring the Terminal Serial Port Parameters ...........................33
Connecting a Terminal to the Avaya P330 Serial port ....................33
P330 Sessions .................................................................................................... 34
Assigning P330’s IP Stack Address ............................................................... 34
Establishing a Telnet Connection .................................................................. 35
Establishing an SSH Connection.................................................................... 35
Establishing a Modem (PPP) Connection with the P330 ........................... 36
Overview ................................................................................................36
Connecting a Modem to the Console Port ........................................36
Security Levels.................................................................................................. 37
Entering the Supervisor Level ............................................................37
Defining new local users ..........................................................38
Exiting the Supervisor Level ....................................................38
Entering the CLI .................................................................................... 38
Chapter 8 User Authentication......................................................................................... 39
Introduction ...................................................................................................... 39
SNMP Support ................................................................................................. 39
Introduction to SNMP ..........................................................................39
SNMP Versions ..........................................................................39
Managers and Agents ...............................................................39
Manager/Agent Communication ...........................................40
SNMPv1 ......................................................................................40
SNMPv2c ....................................................................................41
SNMPv3 ......................................................................................41
SNMP Commands ................................................................................43
SSH Protocol Support...................................................................................... 46
Introduction to SSH ..............................................................................46
SSH Commands ....................................................................................47
SCP Protocol Support...................................................................................... 48
RADIUS............................................................................................................. 49
Introduction to RADIUS ......................................................................49
Radius Commands ...............................................................................51
Telnet Client Support ...................................................................................... 52
Introduction to Telnet ..........................................................................52
Telnet Commands ................................................................................52
Recovery Password.......................................................................................... 53
Introduction ...........................................................................................53
Recovery Password Commands .........................................................53
Allowed Managers........................................................................................... 54
Allowed Managers Introduction ........................................................ 54
Allowed Managers CLI Commands .................................................. 54
Allowed Protocols............................................................................................ 55
Allowed Protocols Introduction .........................................................55
Allowed Protocols CLI Commands ...................................................55
Avaya P334T-ML User’s Guide iii
Page 6
Table of Contents
Section 3 Configuration
Chapter 9 P330 Default Settings ....................................................................................... 59
Configuring the Switch ................................................................................... 59
Chapter 10 Switch Configuration....................................................................................... 63
Introduction ...................................................................................................... 63
Uploading and Downloading Device Configurations and Images .......... 65
System Logging ................................................................................................ 70
Monitoring CPU Utilization ........................................................................... 75
Avaya P330 Default Settings ...............................................................59
Basic Switch Configuration .................................................................63
System Parameter Configuration .......................................................64
Identifying the system ..............................................................64
Operating parameters ...............................................................64
Network Time Acquiring Protocols Parameter Configuration ......65
Layer 2 Configuration File ...................................................................66
Layer 3 Configuration File ...................................................................68
System Logging Introduction ..............................................................70
System Logging Messages ........................................................70
Sinks .............................................................................................71
Applications ...............................................................................71
Syslog Servers ............................................................................72
Syslog Configuration CLI Commands ...................................73
Chapter 11 Avaya P330 Layer 2 Features.......................................................................... 77
Overview ........................................................................................................... 77
Ethernet.............................................................................................................. 78
Fast Ethernet ..........................................................................................78
Gigabit Ethernet ....................................................................................78
Configuring Ethernet Parameters .......................................................78
Auto-Negotiation .......................................................................78
Full-Duplex/Half-Duplex ........................................................78
Speed ...........................................................................................79
Flow Control ...............................................................................79
Priority ........................................................................................79
MAC Address ............................................................................80
CAM Table ..................................................................................80
Ethernet Configuration CLI Commands ...........................................81
Ethernet Implementation in the Avaya P334T-ML ..........................82
VLAN Configuration....................................................................................... 83
VLAN Overview ...................................................................................83
VLAN Tagging ......................................................................................84
Multi VLAN Binding ............................................................................84
Automatic VLAN Learning .................................................................86
iv Avaya P334T-ML User’s Guide
Page 7
Table of Contents
Ingress VLAN Security ........................................................................86
VLAN CLI Commands ........................................................................86
VLAN Implementation in the Avaya P334T-ML ............................. 87
Port Based Network Access Control (PBNAC) ........................................... 88
How “Port Based” Authentication Works ........................................88
PBNAC Implementation in the P330 Family ....................................88
Configuring the P330 for PBNAC ......................................................89
PBNAC CLI Commands ......................................................................90
Spanning Tree Protocol................................................................................... 92
Overview ................................................................................................92
Spanning Tree Protocol ........................................................................92
Spanning Tree per Port ........................................................................92
Rapid Spanning Tree Protocol (RSTP) ...............................................93
About the 802.1w Standard ..................................................... 93
Port Roles ....................................................................................93
Spanning Tree Implementation in the P330 Family ........................ 94
Spanning Tree Protocol CLI Commands ..........................................95
MAC Security ................................................................................................... 97
MAC Security Implementation in P330 .............................................97
MAC Security CLI Commands ...........................................................98
MAC Aging....................................................................................................... 99
Overview ................................................................................................99
Configuring the P330 for MAC Aging ..............................................99
MAC Aging CLI Commands .............................................................. 99
LAG.................................................................................................................. 100
LAG Overview ....................................................................................100
LAG CLI Commands .........................................................................100
LAG Implementation in the Avaya P330 Family of Products .....101
Port Redundancy ........................................................................................... 102
Port Redundancy Operation .............................................................102
Intermodule Port Redundancy .........................................................103
Port Redundancy CLI Commands ...................................................103
IP Multicast Filtering ..................................................................................... 105
Overview ..............................................................................................105
IP Multicast CLI Commands .............................................................106
IP Multicast Implementation in the Avaya P334T-ML ................. 106
RMON.............................................................................................................. 107
RMON Overview ................................................................................107
RMON CLI Commands .....................................................................107
SMON .............................................................................................................. 109
SMON Overview ................................................................................109
Port Mirroring Configuration ...................................................................... 110
Port Mirroring Overview ..................................................................110
Port Mirroring CLI commands .........................................................110
Avaya P334T-ML User’s Guide v
Page 8
Table of Contents
Port Mirroring Constraints ................................................................110
Multilayer Policy ............................................................................................ 111
About Multilayer Policy .....................................................................111
Access Lists ...............................................................................111
DSCP-to-COS Maps .................................................................112
Trust Modes ..............................................................................112
Multilayer Policy Implementation in the P334T-ML .....................112
Configuring the P334T-ML for Multilayer Policy ..........................113
Configuration Requirements .................................................113
Configuration File Management ...........................................113
Multilayer Policy CLI Commands ....................................................114
Weighted Queuing......................................................................................... 116
Implementation of Weighted Queuing in the P330-ML ................116
Weighted Queuing CLI Commands ................................................116
Port Classification .......................................................................................... 117
Overview ..............................................................................................117
Port Classification CLI Commands ..................................................117
Stack Redundancy.......................................................................................... 118
Stack Health .................................................................................................... 118
Overview ..............................................................................................118
Implementation of Stack Health in the P330 Family .....................118
Stack Health CLI Commands ............................................................119
Chapter 12 Avaya P330 Layer 3 Features........................................................................ 121
Introduction .................................................................................................... 121
What is Routing? .................................................................................121
Routing Configuration .................................................................................. 123
Forwarding ..........................................................................................123
Multinetting (Multiple Subnets per VLAN) ...................................123
IP Configuration............................................................................................. 124
IP Configuration CLI Commands ....................................................124
Assigning Initial Router Parameters ................................................125
Obtaining and Activating a License Key .........................................126
Obtaining a Routing License Key ..........................................127
Activating a Routing License Key .........................................129
License Key CLI Commands ..................................................129
RIP (Routing Interchange Protocol) Configuration................................... 131
RIP Overview ......................................................................................131
RIP2 .......................................................................................................132
RIP CLI Commands ............................................................................132
OSPF (Open Shortest Path First) Configuration........................................ 134
OSPF Overview ...................................................................................134
OSPF CLI Commands ........................................................................135
Static Routing Configuration........................................................................ 136
Static Routing Overview ....................................................................136
vi Avaya P334T-ML User’s Guide
Page 9
Table of Contents
Static Routing Configuration CLI Commands ............................... 136
Route Preferences ...............................................................................137
Route Redistribution ..................................................................................... 138
Route Redistribution Commands .....................................................138
ARP (Address Resolution Protocol) Table Configuration ....................... 139
ARP Overview ....................................................................................139
The ARP Table .........................................................................140
ARP CLI Commands ..........................................................................140
BOOTP/DHCP (Dynamic Host Configuration Protocol) Relay
Configuration ................................................................................................. 141
BOOTP/DHCP Overview .................................................................141
BOOTP ......................................................................................141
DHCP ........................................................................................141
DHCP/BOOTP Relay .............................................................141
BOOTP/DHCP CLI Commands ......................................................142
NetBIOS Re-broadcast Configuration......................................................... 143
NetBIOS Overview .............................................................................143
NetBIOS Re-broadcast Configuration CLI Commands ................143
VRRP (Virtual Router Redundancy Protocol) Configuration ................. 144
VRRP Overview ..................................................................................144
VRRP Configuration Example 1 .......................................................145
Case#1 .......................................................................................145
Case #2 ......................................................................................146
VRRP CLI Commands ....................................................................... 146
SRRP Configuration....................................................................................... 148
SRRP Overview ...................................................................................148
SRRP Configuration Example ........................................................... 148
SRRP CLI Commands ........................................................................149
Policy Configuration ..................................................................................... 150
Policy Configuration Overview ........................................................150
Policy Configuration CLI Commands .............................................150
Policy Configuration Example ..........................................................152
Policy Configuration Example ..........................................................153
IP Fragmentation and Reassembly.............................................................. 154
IP Fragmentation and Reassembly Overview ................................154
IP Fragmentation/Reassembly CLI Commands ............................154
Section 4 Troubleshooting and Maintenance
Chapter 13 Troubleshooting the Installation.................................................................. 157
Troubleshooting the Installation.................................................................. 157
Chapter 14 Maintenance.................................................................................................... 159
Introduction .................................................................................................... 159
Replacing the Stacking Sub-module ........................................................... 159
Avaya P334T-ML User’s Guide vii
Page 10
Table of Contents
Chapter 15 Updating the Software .................................................................................. 161
Software Download ....................................................................................... 161
Obtain Software Online .....................................................................161
Downloading Software ......................................................................161
Download New Version without Overwriting Existing Version............ 162
viii Avaya P334T-ML User’s Guide
Page 11
Preface
Before you Install the P330-ML
Safety Information
Caution: Avaya P330 switches and modules contain components sensitive to
electrostatic discharge. Do not touch the circuit boards unless instructed to do so.
Caution: Do not leave any slots open. Cover empty slots using the blanking plates
supplied.
Warning: The fans are on whenever the power is on in the chassis.
FCC Notice
This equipment has been tested and found to comply with the limits for a Class A
digital device, pursuant to part 15 of the FCC Rules. These limits are designed to
provide reasonable protection against harmful interference when the equipment is
operated in a commercial environment. This equipment generates, uses, and can
radiate radio frequency energy and, if not installed and used in accordance with the
instruction manual, may cause harmful interference to radio communications.
Operation of this equipment in a residential area is likely to cause harmful
interference in which case the user will be required to correct the interference at his
own expense.
Changes or modifications to this equipment not expressly approved by Avaya Inc.
could void the user’s authority to operate the equipment.
Conventions Used in the Documentation
Documentation for this product uses the following conventions to convey
instructions and information:
CLI Conventions
• Mandatory keywords are in the computer bold font.
Avaya P334T-ML User’s Guide I
Page 12
• Information displayed on screen is displayed in computer font.
• Variables that you supply are in pointed brackets <>.
• Optional keywords are in square brackets [].
• Alternative but mandatory keywords are grouped in braces {} and separated by
a vertical bar |.
• Lists of parameters from which you should choose are enclosed in square
brackets [ ] and separated by a vertical bar |.
• If you enter an alphanumeric string of two words or more, enclose the string in
inverted ”commas”.
Notes, Cautions, and Warnings
L Notes contain helpful information or hints or reference to material in other
documentation.
Caution: You should take care. You could do something that may damage
equipment or result in loss of data.
Warning: This means danger. Failure to follow the instructions or warnings may
result in bodily injury. You should ensure that you are qualified for this task and
have read and understood all the instructions
Warranty
Avaya Inc. provides a limited warranty on this product. Refer to your sales
agreement or other applicable documentation to establish the terms of the limited
warranty. In addition, Avaya’s standard warranty language as well as information
regarding support for this product, while under warranty, is available through the
following website: http://www.avaya.com/support.
II Avaya P334T-ML User’s Guide
Page 13
Notice
Every effort was made to ensure that the information in this document was
complete and accurate at the time of printing. However, information is subject to
change.
Avaya Support
Avaya provides a telephone number for you to use to report problems or to ask
questions about your contact center. The support telephone number is 1-800-2422121 in the United States. For additional support telephone numbers, see the Avaya
Web site: http://www.avaya.com
Avaya P334T-ML User’s Guide III
Page 14
IV Avaya P334T-ML User’s Guide
Page 15
Avaya
SECTION 1: OVERVIEW
Page 16
Page 17
Chapter 1
Avaya P334T-ML Overview
Introduction
The P334T-ML is a powerful Multilayer Policy 10/100 BASE-T and Gigabit Ethernet
stackable switch. It enhances the P330 line to support high density multilayer
10/100 BASE-T and Gigabit Ethernet solutions.
The Avaya P330 family of stackable Ethernet workgroup switches includes a range
of modules with 10/100/1000 Mbps ports, a Layer 3 capability, and ATM and WAN
expansion modules.
An Avaya P330 stack can contain up to 10 switches and backup power supply units.
The stacked switches are connected using stacking Modules which plug into a slot
in the back of the Avaya P330. They are connected using the X330SC or X330LC
cable (if the stack is split between two racks). The Avaya X330RC cable connects the
top and bottom switches in the stack; this connection provides redundancy and
hot-swappability. A P330 stack is managed as a single IP entity.
About the P334T-ML
Basic information about the P334T-ML follows:
• The Avaya P334T-ML has forty-eight 10/100BASE-T and two GBIC (SFP) ports,
and provides Layer 2 and optional Layer 3 Ethernet switching. Like other
members of the Avaya P330 family, the P334T-ML is available in AC and DC
versions.
• Multilayer switching with QoS, Policy Management, and multiple levels of
security and redundancy make the Avaya P334T-ML an ideal part of a
converged network. The P334T-ML is ready for voice and data applications, and
supports IEEE standards for VLAN Tagging, Gigabit Ethernet, Spanning Tree,
and Flow Control.
The Avaya P334T-ML can be deployed with other products in the P330-ML family
in stacks of up to ten switches. This makes increasing port density or adding new
technologies as simple as “plug and play.”
Avaya P334T-ML Features
• Up to 480 10/100Base-T ports in a stack.
• Octaplane™ 8 Gbps stacking fabric
• Stack, Port & LAG Redundancy
• Multiple VLANs per port
Avaya P334T-ML User’s Guide 1
Page 18
Chapter 1 Avaya P334T-ML Overview
• RADIUS protocol for security
• Rapid spanning tree
• Port based network access control
• IP Multicast filtering
•Multi-layer Policy
• Terminal and modem interface
•AC and DC versions
• Backup Power Supply
Layer 3 Features P330-ML
• RIP v.1, RIP v.2, OSPF. ARP, ICMP, DHCP/BOOTP relay
• VRRP and SRRP Redundancy
•Quality of Service
• Access control
Network Management and Monitoring
Comprehensive network management and monitoring are key components of
today’s networks. Therefore we have provided multiple ways of managing the
P330-ML to suit your needs.
Device Manager (Embedded Web)
The built-in P330 Device Manager (Embedded Web Manager) allows you to manage
a P330 stack using a Web browser without purchasing additional software. This
application works with the Microsoft Internet Explorer and Netscape Navigator
web browsers and Sun Microsystems Java Plug-in.
Command Line Interface (CLI)
The P330CLI provides a terminal type configuration tool for configuration of
P330-ML features and functions. You can access the CLI locally, through the serial
interface, or remotely via Telnet.
2 Avaya P334T-ML User’s Guide
Page 19
Avaya Integrated Manager
When you need extra control and monitoring or wish to manage other Avaya
equipment, then the Integrated Manager network management suite is the answer.
This suite provides the ease-of-use and features necessary for optimal network
utilization.
• MSNM is available for Microsoft Windows 95/NT/2000 and Solaris 2.8
• MSNM can operate in Stand-Alone mode with Windows NT/2000 and
Solaris 2.8.
• MSNM operates under HP OpenView for Windows 95/NT/2000
Port Mirroring
The P330-ML provides port mirroring for additional network monitoring
functionality. You can filter the traffic and mirror either incoming traffic to the
source port or both incoming and outgoing traffic. This allows you to monitor the
network traffic you need.
Ports which are members in a Link Aggregation Group (LAG) cannot also be used as
Port Mirroring Destination or Source ports.
Within the P334T-ML switch, port mirroring can be configured between ports in the
three following groups:
• 1-12, 25-36
• 13-24, 37-48
• 51, 52
On the stack level, port mirroring pairs can be configured between any Giga port,
and between any Giga port on the P334T-ML and any 10/100Mbps port not residing
on a P334T-ML.
Chapter 1 Avaya P334T-ML Overview
SMON
The P330-ML switches support Avaya’s ground-breaking SMON Switched
Network Monitoring, which the IETF has now adopted as a standard (RFC2613).
SMON provides unprecedented top-down monitoring of switched network traffic
at the following levels:
• Enterprise Monitoring
• Device Monitoring
• VLAN Monitoring
• Port-level Monitoring
This top-down approach gives you rapid troubleshooting and performance
trending to keep the network running optimally.
L An Avaya Integrated Manager Licence is required to run SMON monitoring.
L You need to purchase one SMON License per P330 Stack
Avaya P334T-ML User’s Guide 3
Page 20
Chapter 1 Avaya P334T-ML Overview
Fans, Power Supply, and BUPS-ML Monitoring
P330-ML switches have integrated sensors which provide advance warnings of fan
failure, power supply failure or Backup Power Supply (BUPS-ML) failure via
management.
4 Avaya P334T-ML User’s Guide
Page 21
Chapter 2
Standards and Compatibility
Avaya P330 Standards Supported
The Avaya P330 complies with the following standards.
IEEE
• 802.3x Flow Control on all ports
• 802.1Q VLAN Tagging support on all ports
• 802.1p Priority Tagging compatible on all ports
• 802.1D Bridges and STA
• 802.1w Rapid Spanning Tree Protocol
• 802.1X Port Based Network Access Control
• 802.3z Gigabit Ethernet on ports 51,52
• 802.3u Ethernet/Fast Ethernet on ports 1-48
IETF - Layer 2
• MIB-II - RFC 1213
• Structure and identification of management information for TCP/IP-based
Internet - RFC 1155
• Simple Network Management Protocol version 1 (SNMPv1) - RFC 1157
• Simple Network Management Protocol version 3 (SNMPv3) - RFC 2571 - 2576
• PPP Internet Protocol Control Protocol (IPCP) - RFC 1332
• PPP Authentication Protocols (PAP & CHAP) - RFC 1334
• PPP - RFC 1661
• ATM Management - RFC 1695
• RMON - RFC 1757
• SMON - RFC 2613
• Bridge MIB Groups - RFC 2674 dot1dbase and dot1dStp fully implemented.
Support for relevant MIB objects: dot1q (dot1qBase, dot1qVlanCurrent)
• The Interfaces Group MIB - RFC 2863
• Remote Authentication Dial In User Service (RADIUS) - RFC 2865
IETF - Layer 3
• Internet Protocol - RFC 791
• Internet Control Message Protocol - RFC 792
• Ethernet Address Resolution Protocol - RFC 826
Avaya P334T-ML User’s Guide 5
Page 22
Chapter 2 Standards and Compatibility
• Standard for the transmission of IP datagrams over Ethernet - RFC 894
• Broadcasting Internet datagrams in the presence of subnets - RFC 922
• Internet Standard Subnetting Procedure - RFC 950
• Bootstrap Protocol - RCF 951
• Using ARP to implement transparent subnet gateways - RFC 1027
• Routing Information Protocol - RCF 1058
• Hosts Extensions for IP Multicasting - RFC 1112
• Requirements for Internet Hosts - Communications Layers - RFC 1122
• DHCP Options and BOOTP Vendor Extensions - RFC 1533
• Interoperation between DHCP and BOOTP - RFC 1534
• Dynamic Host Configuration Protocol - RFC 1541
• Clarifications and Extensions for the Bootstrap Protocol Information - RFC 1542
• OSPF Version 2 - RFC 1583
• RIP Version 2 Carrying Additional Information - RFC 1723
• RIP Version 2 MIB Extension - RFC 1724
• Requirements for IP Version 4 Routers - RFC 1812
• OSPF Version 2 Management Information Base - RFC 1850
• IP Forwarding Table MIB - RFC 2096
•Virtual Router Redundancy Protocol - RFC 2338
IETF - Network Monitoring
• RMON (RFC 1757) support for groups 1,2,3, and 9
—Statistics
—History
—Alarms
—Events
• SMON (RFC 2613) support for groups
—Data Source Capabilities
—Port Copy
— VLAN and Priority Statistics
• Bridge MIB Groups - RFC 2674
— dot1dbase and dot1dStp fully implemented.
— Support for relevant MIB objects: dot1q (dot1qBase, dot1qVlanCurrent)
6 Avaya P334T-ML User’s Guide
Page 23
Chapter 3
Specifications
P334T-ML Switch
Physical
Height 2U (88 mm, 3.5”)
Width 482.6 mm (19”)
Depth 450 mm (17.7”)
Weight 15.6 lb.
Power Requirements
AC DC
Input voltage 90 to 265 VAC, 50/60
Hz
Power dissipation 100 W max 100 W (max.)
Input current 1.5 A@100 VAC
0.75 A@200VAC
Inrush current 15 A@100 VAC (max.)
30 A@200VAC (max.)
Environmental
Operating Temp. -5 to 50°C (23-122°F)
Rel. Humidity 5% to 95% non-condensing
Avaya P334T-ML User’s Guide 7
-36 to -72 VDC
4 A (max.)
40 A (max.)
Page 24
Chapter 3
Safety
• UL for US approved according to UL195O Std.
• C-UL(UL for Canada) approved according to C22.2 No.950 Std.
• CE for Europe approved according to EN 60950 Std.
• Laser components are Laser Class I approved:
Safety - AC Version
• Overcurrent Protection: A readily accessible Listed safety-approved protective
Safety - DC Version
• Restricted Access Area: This unit must be installed in Restricted Access Areas
• Installation Codes: This unit must be installed in accordance with the US
• Conductor Ampacity: Per UL 1950, Annex NAE (NEC Article 645-5(a)), the
• Overcurrent Protection: Per UL 1950, Annex NAE (NEC Article 240-3), a readily
— EN-60825/IEC-825 for Europe
— FDA CFR 1040 for USA
device with a 16A rating must be incorporated in series with building
installation AC power wiring for the equipment under protection.
only.
National Electrical Code, Article 110, and the Canadian Electrical Code,
Section 12.
branch-circuit conductors supply shall have the ampacity of not less than 125
percent of the total connected load. For input leads use at least 18 AWG copper
conductors.
accessible listed branch-circuit overcurrent protective device rated maximum
10A must be incorporated into the building wiring.
EMC Emissions
Emissions
Approved according to:
• US - FCC Part 15 sub part B, class A
• Europe - EN55022 class A and EN61000-3-2
• Japan - VCCI-A
Immunity
Approved according to:
• EN 55024 and EN61000-3-3
8 Avaya P334T-ML User’s Guide
Page 25
Interfaces
• P334T-ML: 48 x 10/100 Base-T RJ-45 port connectors + 2 x SFP pluggable gigabit
ethernet fiber optic connectors.
• RS-232 for terminal setup via RJ-45 connector on front panel.
Basic MTBF
• P334T-ML: 118,723 hrs minimum.
• P334T-ML and X330STK-ML: 113,549 hrs minimum.
Stacking Sub-module
Chapter 3
Basic MTBF
Name
X330STK-ML 2
• 2,605,528 hrs minimum
Number of
Ports
Avaya P334T-ML User’s Guide 9
Page 26
Chapter 3
Approved SFF/SFP GBIC Transceivers
The SFF/SFP GBIC (Gigabit Interface Converter) have been tested for use with the
Avaya
transceivers, see: www.avayanetwork.com/
L SFF/SFP GBIC transceivers are hot-swappable.
Safety Information
The SFF/SFP GBIC transceivers are Class 1 Laser products. They comply with
EN 60825-1 and Food and Drug Administration (FDA) 21 CFR 1040.10 and 1040.11.
The SFF/SFP GBIC transceivers must be operated under recommended operating
conditions.
Laser Classification
P334T-ML Gigabit Ethernet ports. For a list of approved SFF/SFP GBIC
CLASS 1
LASER PRODUCT
L Class 1 lasers are inherently safe under reasonably foreseeable conditions of
operation.
Caution: The use of optical instruments with this product will increase eye hazard.
Usage Restriction
When a SFF/SFP GBIC transceiver is inserted in the module but is not in use, the
Tx and Rx ports should be protected with an optical connector or a dust plug.
Caution: Use only approved SFF/SFP GBIC transceivers. All approved SFF/SFP
GBIC transceivers:
1) Are 3.3V. Do not insert a 5V SFF/SFP GBIC.
2) Use Serial Identification. Do not use a GBIC that utilizes Parallel Identification.
LUOKAN 1
LASERLAITE
KLASS 1
LASER APPARAT
10 Avaya P334T-ML User’s Guide
Page 27
Installation
Specifications
Chapter 3
Installing and Removing a SFF/SFP GBIC Transceiver
Caution: Use only 3.3V Avaya-authorized SFF/SFP GBIC transceivers.
Use only SFF/SFP GBIC transceivers that use Serial Identification.
The SFF/SFP GBIC transceiver is fastened using a snap-in clip.
To Install the SFF/SFP GBIC transceiver:
• Insert the transceiver (take care to insert it the right way up) until it clicks in
place.
To Remove the SFF/SFP GBIC transceiver:
1 Press the clip on the bottom side of the transceiver.
2 Pull the transceiver out.
LX Transceiver
A 9 µm or 10 µm single-mode fiber (SMF) cable may be connected to a 1000Base-LX
SFF/SFP GBIC port. The maximum length is 10 km (32,808 ft).
A 50 µm or 62.5 µm multimode (MMF) fiber cable may be connected to a 1000BaseLX SFF/SFP GBIC port. The maximum length is 550 m (1,804 ft.) for
50 µm and 62.5 µm cable.
The LX transceiver has a Wavelength of 1300 nm, Transmission Rate of 1.25 Gbps,
Input Voltage of 3.3V, and Maximum Output Wattage of -3 dBm.
SX Transceiver
A 50 µm or 62.5 µm multimode (MMF) fiber cable may be connected to a
1000Base-SX SFF/SFP GBIC port. The maximum length is 500 m (1,640 ft.) for
50 µm and 220 m (722 ft.) for 62.5 µm cable.
The SX transceiver has a Wavelength of 850 nm, Transmission Rate of 1.25 Gbps,
Input Voltage of 3.3V, and Maximum Output Wattage of -4 dBm.
Avaya P334T-ML User’s Guide 11
Page 28
Chapter 3
Agency Approval
The transceivers comply with:
• EMC Emission: US – FCC Part 15, Subpart B, Class A;
Europe – EN55022 class A
• Immunity: EN50082-1
Safety: UL for US UL 1950 Std., C-UL (UL for Canada) C22.2 No.950 Std., Food and
Drug Administration (FDA) 21 CFR 1040.10 and 1040.11, and CE for Europe
EN60950 Std. Complies with EN 60825-1.
Gigabit Fiber Optic Cabling
Gigabit
Interface
1000BASE-SX MM 62.5 160 220 2 850
1000BASE-SX MM 62.5 200 275 2 850
1000BASE-SX MM 50 400 500 2 850
1000BASE-SX MM 50 500 550 2 850
1000BASE-LX MM 62.5 500 550 2 1310
1000BASE-LX MM 50 400 550 2 1310
1000BASE-LX SM 9 NA 10,000 2 1310
1000BASEELX
Fiber
Type
SM 9 NA 70,000 2 1550
Diameter
(µm)
Modal
Bandwidth
(MhzKm)
Maximum
Distance
(m)
Minimum
Distance
(m)
Wavelength
(nm)
12 Avaya P334T-ML User’s Guide
Page 29
Console Pin Assignments
For direct Console communications, connect the Avaya P330 to the Console
Terminal using the supplied RJ-45 crossed cable and RJ-45 to DB-9 adapter.
Chapter 3
Avaya P330 RJ-45 Pin
1 For future use NC See note
2TXD
3RXD
4CD48
5GND57
6DTR120
7RTS84
8CTS75
L Pin 1 of the Modem DB-25 connector is internally connected to Pin 7 GND.
Name
(DCE View)
(P330 input)
(P330 output)
Terminal
DB-9 Pins
33
22
Modem
DB-25 Pins
Avaya P334T-ML User’s Guide 13
Page 30
Chapter 3
14 Avaya P334T-ML User’s Guide
Page 31
SECTION 2: INSTALLATION
Page 32
Page 33
Chapter 4
Installation
The P334T-ML is ready to work after you complete the installation instructions
below.
Required Tools
Make sure you have the following tool at hand before undertaking the Installation
procedures:
• Phillips (cross-blade) screwdriver
Site Preparation
You can mount Avaya P330 switches alone or in a stack in a standard 19-inch
equipment rack in a wiring closet or equipment room. Up to 10 units can be stacked
in this way. When deciding where to position the unit, ensure that:
• It is accessible and cables can be connected easily and according to the
configuration rule.
• Cabling is away from sources of electrical noise such as radio transmitters,
broadcast amplifiers, power lines, and fluorescent lighting fixtures.
• Water or moisture cannot enter the case of the unit.
• There is a free flow of air around the unit and that the vents in the sides of the
case are not blocked.
L Use Octaplane cables to interconnect with other switches.
• The environmental conditions match the requirements listed below:
Table 4.1 Environmental Prerequisites
Operating Temp. -5 to 50°C (23 to 122°F)
Relative Humidity 5% to 95% non-condensing
Avaya P334T-ML User’s Guide 17
Page 34
Chapter 4 Installation
• The power source matches the specifications listed below:
Table 4.2 Power Requirements
Input voltage 90 to 265 VAC, 50/60 Hz
Power dissipation 100 W max
Input current 1.5 A
Table 4.3 Power Requirements
Input voltage -36 to -72 VDC
Power dissipation 100 W max
Input current 4 A max
– AC
– DC
18 Avaya P334T-ML User’s Guide
Page 35
Rack Mounting (Optional)
The P334T-ML case fits in most standard 19-inch racks. P334T-ML is 2U
(88 mm, 3.5”) high.
Place the P334T-ML in the rack as follows:
1 Snap open the ends of the front panel to reveal the fixing holes.
2 Insert the unit into the rack. Ensure that the four P334T-ML screw holes are
aligned with the rack hole positions as shown in Figure 4.1.
Figure 4.1 P334T-ML Rack Mounting
Chapter 4 Installation
3 Secure the unit in the rack using the screws. Use two screws on each side. Do
not overtighten the screws.
4 Snap close the hinged ends of the front panel.
5 Ensure that ventilation holes are not obstructed.
Avaya P334T-ML User’s Guide 19
Page 36
Chapter 4 Installation
Installing the X330STK-ML Stacking Sub-Module (Optional)
Caution: The stacking sub-modules contain components sensitive to electrostatic
discharge. Do not touch the circuit board unless instructed to do so.
To install the stacking sub-module in the P334T-ML:
1 Remove the blanking plate from the back of the P334T-ML switch.
2 Insert the stacking sub-module gently into the slot, ensuring that the metal base
plate is aligned with the guide rails. The metal plate of the X330STK-ML (and
not the PCB) fits onto the guide rails.
3 Press the sub-module in firmly until it is completely inserted into the
P334T-ML.
4 Gently turn the two screws on the side panel of the stacking sub-module until
they are secure.
L The P334T-ML must not be operated with the back-slot open. The stacking sub-
module should be covered with the supplied blanking plate if necessary.
L Only use the X330STK-ML stacking module with the P334T-ML.
Connecting Stacked Switches
L The two ends of the Octaplane cable terminate with different connectors. Each
connector can only be connected to its matching port.
You can use the following cables to connect stacked switches:
• Short Octaplane cable (X330SC) – ivory-colored, used to connect adjacent
switches (Catalog No. CB0223) or switches separated by a BUPS unit.
• Long/Extra Long Octaplane cable (X330LC/X330L-LC) – ivory-colored, used to
connect switches from two different physical stacks, or switches separated by a
BUPS unit (Catalog No. CB0225/CB0270).
• Redundant/Long Redundant Octaplane cable (X330RC/X330L-RC) – black,
used to connect the top and bottom switches of a stack (Catalog No. CB0222/
CB0269).
These are the same cables that are used with all the P330 switches.
To connect stacked switches:
L When adding a module to an existing stack, first connect the stacking cables and
then power up the module.
1 Plug the light grey connector of the Short Octaplane cable into the port marked
“to upper unit” of the bottom P330 switch.
2 Plug dark grey connector of same Short Octaplane cable to the port marked “to
lower unit” in the unit above. The connections are illustrated in Figure 4.3.
3 Repeat Steps 1 and 2 until you reach the top switch in the stack.
20 Avaya P334T-ML User’s Guide
Page 37
Chapter 4 Installation
4 If you wish to implement stack redundancy, use the Redundant Cable to
connect the port marked “to lower unit” on the bottom switch to the port
marked “to upper unit” on top switch of the stack.
5 Power up the added modules.
Caution: Do not cross connect two P330 switches with two Octaplane (light-colored)
cables. If you wish to cross-connect for redundancy, use one light-colored Octaplane
cable and one black redundancy cable. Figure 4.2 shows an incorrect connection.
L You can build a stack of up to 10 P330 switches (any mixture of P330 and P330-
ML modules within a stack is possible). If you do not wish to stack all the
switches in a single rack, use long Octaplane cables to connect two physical
stacks as shown in Figure 4.3.
Figure 4.2 Incorrect Stack Connection
BUPS
Connector
Cable to
Cable to
Lower Unit
Upper Unit
Power Supply
Connector
BUPS
Connector
Cable to
Cable to
Lower Unit
Upper Unit
Power Sup ply
Connector
L Figures 4.2 and 4.3 show the back panel of a P330 switch AC version. These
drawings also apply to the P330-ML products.
Avaya P334T-ML User’s Guide 21
Page 38
Chapter 4 Installation
330LC
Figure 4.3 P330 Stack Connections
Connector
Power Supply
Connector
Connector
Power Supply
Connector
Connector
Power Supply
Connector
Connector
Power Supply
Connector
Connector
Power Supply
Connector
BUPS
BUPS
BUPS
BUPS
BUPS
X330RC
Cable to
Cable to
Upper Unit
Lower Unit
X330SC
Cable to
Cable to
Upper Unit
Lower Unit
Cable to
Cable to
Upper Unit
Lower Unit
Cable to
Cable to
Lower Unit
Upper Unit
Cable to
Cable to
Upper Unit
Lower Unit
BUPS
Connector
5
Power Supply
Connector
BUPS
Connector
4
Power Supply
Connector
BUPS
Connector
3
Power Supply
Connector
BUPS
Connector
2
Power Supply
Connector
BUPS
Connector
1
Power Supply
Connector
Cable to
Cable to
10
Lower Unit
Upper Unit
Cable to
Cable to
9
Lower Unit
Upper Unit
8
Cable to
Cable to
Upper Unit
Lower Unit
Cable to
Cable to
7
Upper Unit
Lower Unit
6
Cable to
Cable to
Upper Unit
Lower Unit
X
22 Avaya P334T-ML User’s Guide
Page 39
Making Connections to Network Equipment
This section describes the physical connections that you can make between the
Avaya P330 switch and other network equipment.
Prerequisites
Make sure you have the following before attempting to connect network equipment
to the P330 switch:
• A list of network equipment to be connected to the P330 switch, detailing the
connector types on the various units
• All required cables (see below). Appropriate cables are available from your
local supplier.
Connecting Cables to Network Equipment
P334T-ML switches include the following types of ports (according to the speed and
standard they support): 10/100BASE-T and SFP GBIC
To connect the cables:
1 Insert an SFP GBIC (Small Form Factor Plugable Gigabit Interface Converter)
transceiver (not supplied) to port housings numbered 51 and 52.
L GBICs are 3.3V.
2 Connect an Ethernet fiberoptic cable (not supplied) to the GBIC transceiver. You
can use LC or MT-RJ fiberoptic cables, depending on the GBIC type you are
using. For a list of approved SFP GBIC transceivers, see
www.avayanetwork.com. For fiberoptic cable properties, see Table 4.4.
3 For all other ports, connect an Ethernet copper cable (not supplied) directly to
the ports. The copper ports can operate with 2 pair (4 wire) or 4 pair (8 wire)
Ethernet cables (crossed or straight). The maximum cable length is 100 m
(328 ft.).
4 Connect the other end of the cable to the Ethernet port of the PC, server, router,
workstation, switch, or hub.
5 Check that the appropriate link (LNK) LED lights up.
Chapter 4 Installation
Avaya P334T-ML User’s Guide 23
Page 40
Chapter 4 Installation
Table 4.4 displays the different types of SFP GBIC interfaces, their fiber type,
diameter, modal bandwidth, wavelengths, minimum and maximum distance.
Table 4.4 Gigabit Ethernet Cabling
Gigabit
Interface
Fiber
Type
Diameter
(µm)
Modal
Bandwidth
(MhzKm)
Maximum
Distance
(m)
Minimum
Distance
(m)
Wavelength
(nm)
1000BASE-SX MM 62.5 160 220 2 850
1000BASE-SX MM 62.5 200 275 2 850
1000BASE-SX MM 50 400 500 2 850
1000BASE-SX MM 50 500 550 2 850
1000BASE-LX MM 62.5 500 550 2 1310
1000BASE-LX MM 50 400 550 2 1310
1000BASE-LX SM 9 NA 10,000 2 1310
1000BASE-ELX SM 9 NA 70,000 2 1550
24 Avaya P334T-ML User’s Guide
Page 41
Chapter 5
Powering Up the Avaya P330
This section describes the procedures for powering up the Avaya P330 unit.
Powering On – Avaya P330 Module AC
For the AC input version of the Avaya P330, insert the AC power cord into the
power inlet in the back of the unit. The unit powers up.
If you are using a BUPS, insert a power cord from the BUPS into the BUPS-ML
connector in the back of the unit. The unit powers up even if no direct AC power is
applied to the unit.
After power up or reset, the Avaya P330 performs a self test procedure.
Caution: Ensure that you connect your P330-ML units to the BUPS-ML only. The
P330 BUPS is not compatible with P330-ML units.
Powering On – Avaya P330 Switch DC
For the DC input version of the Avaya P330, connect the power cable to the switch
at the input terminal block.
1 The terminals are marked “+”, “-“, and with the IEC 5019a Ground symbol.
2 The size of the three screws in the terminal block is M3.5.
3 The pitch between each screw is 9.5mm.
Connect the power cable to the DC power supply. After power up or reset, the
Avaya P330 performs a self test procedure.
Warning: Before performing any of the following procedures, ensure that DC power
is OFF.
Caution: This product is intended for installation in restricted access areas and is
approved for use with 18 AWG copper conductors only. The installation must
comply with all applicable codes.
Avaya P334T-ML User’s Guide 25
Page 42
Chapter 5 Powering Up the Avaya P330
Warning: The proper wiring sequence is ground to ground, positive to positive and
negative to negative. Always connect the ground wire first and disconnect it last.
Post-Installation
The following indicate that you have performed the installation procedure
correctly:
Table 5.1 Post-Installation Indications
Procedure Indication
Powering the P330 All front panel LEDs illuminate
briefly.
Creating Stacks The LED next to the
appropriate connection (“Cable
to upper unit” or “Cable to
lower unit”) is lit.
If you do not receive the appropriate indication, please refer to “Troubleshooting
the Installation“.
Troubleshooting
Information
Page 157
Page 157
26 Avaya P334T-ML User’s Guide
Page 43
Chapter 6
Avaya P334T-ML Front and Rear Panels
Avaya P334T-ML Front Panel
The P334T-ML front panel contains LEDs, controls, and connectors. The status LEDs
and control buttons provide at-a-glance information.
The front panel LEDs consist of Port LEDs and Function LEDs. The Port LEDs
display information for each port according to the illuminated function LED. The
function is selected by pressing the left or right button until the desired parameter
LED is illuminated. Each Function is displayed first for ports 1-24. Pressing the
same button a second time displays the function for ports 25-48 (see Figure 6.3).
Pressing the same button a third time will move to the next function. When the
25-48 LED is OFF, ports 1-24 are displayed, and when the 25-48 LED is ON, ports
25-48 are displayed. The information for the SFP ports (51, 52) is displayed
regardless of the status of the 25-48 LED.
For example, if the COL LED is illuminated, and the 25-48 LED is off, then all Port
LEDs show the collision status of ports 1-24. If you wish to select the LAG function
for the same ports, then press the right button until the LAG Function LED is lit and
the 25-48 LED is OFF. If you then wish to select Rx for ports 25-48, press the left
button several times until both the Rx function LED and the 25-48 LED light.
The P334T-ML front panel shown below includes LEDs, buttons, SFP GBIC
transceiver housings 10/100BASE-T ports and the RJ-45 console connector. The
LEDs are described in Table 6.1.
L The 10/100BASE-T ports of the P334T-ML are numbered from 1-48. The two
SFP Gigabit Ethernet ports are numbered 51,52. Port LED numbers 49-50 are
reserved.
Figure 6.1 P334T-ML Front Panel
Avaya P334T-ML User’s Guide 27
Page 44
Chapter 6 Avaya P334T-ML Front and Rear Panels
Figure 6.2 P334T-ML LEDs
51
52
54 55
5653
131415 16
LNK
Figure 6.3 Order of Function Parameters Selected with the Left/Right Front Panel
Buttons
5
4
3
2
67
18 19 20
17
Hspd
25-48
LAG
FCRxCOL Tx1FDX
109
11 12
21 222324
OPRRout8SYS
PWR
Table 6.1 Avaya P334T-ML LED Descriptions
LED Name Description LED Status
OFF – Power is off
PWR Power Status
ON – Power is on
Blink – Using BUPS-ML power only
OFF – Module is booting
OPR CPU Operation
ON – Normal operation
28 Avaya P334T-ML User’s Guide
Page 45
Chapter 6 Avaya P334T-ML Front and Rear Panels
Table 6.1 Avaya P334T-ML LED Descriptions (Continued)
LED Name Description LED Status
OFF – Module is a slave in a stack
ON – Module is the master of the stack and
the Octaplane and Redundant (optional)
SYS System Status
cable(s) are connected correctly.
This LED will also light in Standalone mode.
Blink – Box is the master of the stack and the
Octaplane is in redundant mode.
OFF – Layer 2 mode
ROUT Routing Mode
ON – Router mode
The following Function LEDs apply to all ports
ON – Link is OK
LNK Port Status
OFF – Port is disabled
Blink – Port is enabled, but Link is down
OFF – No collision or full-duplex port for
COL Collision
ports 1 -48; always OFF for ports 51-52.
ON – Collision occurred on line.
OFF – No transmit activity
Tx Transmit to line
ON – Data transmitted on line from the
module
OFF – No receive activity
Rx Receive from line
ON – Data received from the line into the
module
ON – Full duplex mode (ports 1-48)
OFF – Half duplex mode (ports 1-48)
FDX Full Duplex mode
Always ON for ports 51,52 (full-duplex mode
only)
Avaya P334T-ML User’s Guide 29
Page 46
Chapter 6 Avaya P334T-ML Front and Rear Panels
Table 6.1 Avaya P334T-ML LED Descriptions (Continued)
LED Name Description LED Status
FC Flow Control
OFF – No flow control.
ON – One of the three possible flow control
modes is enabled.
Note: FC LED for Gigabit Ethernet ports
reflect the last negotiated mode when
autonegotiation is enabled and the link is
down.
LAG
Link Aggregation
Group (Trunking)
L All LEDs are lit during reset.
OFF – No LAG defined for this port
ON – Port belongs to a LAG
30 Avaya P334T-ML User’s Guide
Page 47
Avaya P334T-ML Back Panel
Table 6.2 Avaya P334T-ML <- -> Select buttons
Description Function
Left/Right Individual – select LED function (see table above)
Reset module Press both right and left buttons together for approximately 2
seconds. All LEDs on module light up until buttons are
released.
Reset stack Press both Right and Left buttons together for 4 seconds. All
LEDs on stack light up until buttons are released.
The P334T-ML back panel contains a Stacking Sub-module slot, power supply and
BUPS-ML connector. Figure 6.3 shows the back panel of the AC version switch and
Figure 6.4 shows the back panel of the DC version switch with a stacking submodule installed.
Chapter 6 Avaya P334T-ML Front and Rear Panels
Figure 6.4 P334T-ML AC version Back Panel (with Stacking Sub-module,
BUPS-ML connector cover plate removed)
Figure 6.5 P334T-ML DC Back Panel (without Stacking Sub-module installed,
BUPS-ML connector cover plate shown)
Avaya P334T-ML User’s Guide 31
Page 48
Chapter 6 Avaya P334T-ML Front and Rear Panels
BUPS-ML Input Connector
The BUPS-ML input connector is a 3.3 VDC and 5 VDC connector for use with the
P330 BUPS-ML unit only. A BUPS Input sticker appears directly above the
BUPS-ML input connector, which is covered with a metal plate.
Figure 6.6 BUPS-ML Input Connector Sticker
32 Avaya P334T-ML User’s Guide
Page 49
Chapter 7
Establishing Switch Access
This chapter describes various methods for accessing the Avaya P330 CLI and
logging in with the appropriate security level.
Methods for accessing the Avaya P330 CLI include using:
• a terminal to the serial port on the switch
• P330 Sessions
• a workstation running a Telnet or SSH session connected via the network
• a remote terminal/workstation attached via a modem (PPP connection)
Establishing a Serial Connection
This section describes the procedure for establishing switch access between a
terminal and the Avaya P330 switch over the serial port provided on the front panel
of the P330 (RJ-45 connector labeled “Console”). For information on the console port
pin assignments, refer to “Console Pin Assignments“ on page 13.
Configuring the Terminal Serial Port Parameters
The serial port settings for using a terminal or terminal emulator are as follows:
• Baud Rate - 9600 bps
• Data Bits - 8 bits
•Parity - None
•Stop Bit - 1
•Flow Control - None
• Terminal Emulation - VT-100
Connecting a Terminal to the Avaya P330 Serial port
Perform the following steps to connect a terminal to the Avaya P330 Switch Console
port for accessing the text-based CLI:
1 The P330 device is supplied with a console cable and a RJ-45-to-DB-9 adaptor.
Use these items to connect the serial (COM) port on your PC/terminal to the
Avaya P330 console port.
2 Ensure that the serial port settings on the terminal are 9600 baud, 8 bits, 1 stop
bit and no parity.
3 When you are prompted for a Login Name, enter the default login. The default
login is root.
4 When you are promoted for a password, enter the user level password root.
Avaya P334T-ML User’s Guide 33
Page 50
Chapter 7 Establishing Switch Access
P330 Sessions
You can use sessions to switch between the CLI of P330 modules, other stack entities
(for example, an X330 ATM or WAN entity plugged into a specific P330 switch or
with the G700 Media Gateway Processor), or to switch between Layer 2 and Layer 3
commands in the router module.
To switch between P330 modules use the command:
session [<mod_num>] <mode>.
The <mod_num> is the number of the module in the stack, counting from the bottom
up.
The <mode> can be either switch, router, wan, atm, mgp.
Use switch mode to configure layer 2 commands.
Use router mode to configure routing commands.
Examples:
To configure router parameters in the module that you are currently logged into,
type the following command:
session router.
To configure the switch parameters, on module 6, type the command:
session 6 switch.
L When you use the session command the security level stays the same.
Assigning P330’s IP Stack Address
L All P330 switches are shipped with the same default IP address. You must
change the IP address of the master P330 switch in a stack in order to guarantee
that the stack has its own unique IP address in the network.
The network management station or a workstation running Telnet session can
establish communications with the stack once this address had been assigned and
the stack has been inserted into the network. Use the CLI to assign the P330 stack an
IP address and net mask.
To assign a P330 IP stack address:
1 Establish a serial connection by connecting a terminal to the Master P330 switch
of the stack.
2 When prompted for a Login Name, enter the default name root
3 When you are prompted for a password, enter the password root. You are
now in Supervisor Level.
4 At the prompt, type:
set interface inband <vlan> <ip_address> <netmask>
Replace <vlan>, <ip_address> and <netmask> with the VLAN,
IP address, and net mask of the stack.
5 Press Enter to save the IP address and net mask.
34 Avaya P334T-ML User’s Guide
Page 51
6 At the prompt, type reset and press Enter to reset the stack. After the Reset,
log in again as described above.
7 At the prompt, type set ip route <dest> <gateway> and replace <dest>
and <gateway> with the destination and gateway IP addresses.
Establishing a Telnet Connection
Perform the following steps to establish a Telnet connection to the Avaya P330 for
configuration of Stack or Router parameters. You can Telnet the Stack Master
IP address:
1 Connect your station to the network.
2 Verify that you can communicate with the Avaya P330 using Ping to the IP of
the Avaya P330. If there is no response using Ping, check the IP address and
default gateway of both the Avaya P330 and the station.
L The Avaya P330 default IP address is 149.49.32.134 and the default subnet mask
is 255.255.255.0.
3 From the Microsoft Windows taskbar of your PC click Start and then Run (or
from the DOS prompt of your PC), then start the Telnet session by typing:
telnet <P330_IP_address>
If the IP Address in the Telnet command is the IP address of the stack, then
connection is established with the Switch CLI entity of the Master module.
When you see the “Welcome to P330” menu and are prompted for a Login
Name, enter the default name root
4 When you are prompted for a password, enter the User Level password root
in lower case letters (do NOT use uppercase letters). The User level prompt will
appear when you have established communications with the Avaya P330.
5 Press Enter to save the destination and gateway IP addresses.
Chapter 7 Establishing Switch Access
Establishing an SSH Connection
Perform the following steps to establish an SSH connection to the Avaya P330 for
configuration of Stack or Router parameters. You can open an SSH session to the
Stack Master IP address:
1 Connect your station to the network.
2 Verify that you can communicate with the Avaya P330 using Ping to the IP of
the Avaya P330. If there is no response using Ping, check the IP address and
default gateway of both the Avaya P330 and the station.
L The Avaya P330 default IP address is 149.49.32.134 and the default subnet mask
is 255.255.255.0.
3Using the show ip ssh command, ensure that an SSH key has been generated
on the switch using the crypto key generate dsa command and that SSH
is enabled on the switch using the ip ssh enable command.
4 Using your SSH client software, open a session to the Stack Master IP address.
Avaya P334T-ML User’s Guide 35
Page 52
Chapter 7 Establishing Switch Access
5 When you are prompted for a password, enter the User Level password root
in lower case letters (do NOT use uppercase letters). The User level prompt will
appear when you have established communications with the Avaya P330.
Establishing a Modem (PPP) Connection with the P330
Overview
Point-to-Point Protocol (PPP) provides a Layer 2 method for transporting
multi-protocol datagrams over modem links.
Connecting a Modem to the Console Port
A PPP connection with a modem can be established only after the Avaya P330 is
configured with an IP address and net-mask, and the PPP parameters used in the
Avaya P330 are compatible with the modem’s PPP parameters.
1 Connect a terminal to the console port of the Avaya P330 switch as described in
Connecting a Terminal to the Avaya P330 Serial port.
2 When you are prompted for a Login Name, enter the default name root.
3 When you are prompted for a password, enter the password root. You are
now in Supervisor Level.
4 At the prompt, type:
set interface ppp <ip_addr> <net-mask>
with an IP address and netmask to be used by the Avaya P330 to connect via its
PPP interface.
L The PPP interface configured with the set interface ppp command must
be on a different subnet from the stack inband interface.
5 Set the baud rate, ppp authentication, and ppp time out required to match your
modem. These commands are described in the Avaya P330: Reference Guide.
6 At the prompt, type:
set interface ppp enable
The CLI responds with the following:
Entering the Modem mode within 60 seconds...
Please check that the proprietary modem cable is plugged
into the console port
7 Use the DB-25 to RJ-45 connector to plug the console cable to the modem’s
DB-25 connector. Plug the other end of the cable RJ-45 connector to the
Avaya P330 console’s RJ-45 port.
8 The Avaya P330 enters modem mode.
9 You can now dial into the switch from a remote station, and open a Telnet
session to the PPP interface IP address.
36 Avaya P334T-ML User’s Guide
Page 53
Security Levels
There are four security access levels – User, Privileged, Configure, and Supervisor.
• The User level (‘read-only’) is a general access level used to show system
parameter values.
• The Privileged level (‘read-write’) is used by site personnel to access stack
configuration options.
• The Configure level is used by site personnel for Layer 3 configuration.
• The Supervisor level (‘administrator’) is used to define user names, passwords,
and access levels of up to 10 local CLI users, configure SNMPv3, configure
RADIUS authentication, and control access protocols to the device.
L If you wish to define more than ten users per switch, or accounts for a user on
multiple switches, use RADIUS (Remote Authentication Dial-In User Service).
A login name and password are always required to access the CLI and the
commands. The login name, password, and access-type (i.e., security level) for a
user account are established using the username command.
Switching between the entities, does not effect the security level since security levels
are established specifically for each user. For example, if the operator with a
privileged security level in the Switch entity switches to the Router entity the
privileged security level is retained.
L If you wish to increase security, you can change the default user accounts and
SNMP communities.
L The Web management passwords are the same as those of the CLI. If you
change the passwords of the CLI then those passwords become active for Web
management as well.
Chapter 7 Establishing Switch Access
Entering the Supervisor Level
The Supervisor level is the level in which you first enter P330 CLI and establish user
names for up to 10 local users. When you enter the Supervisor level, you are asked
for a Login name. Type root as the Login name and the default password root
(in lowercase letters):
Welcome to P330
Login: root
Password:****
Password accepted.
Cajun_P330-N(super)#
Avaya P334T-ML User’s Guide 37
Page 54
Chapter 7 Establishing Switch Access
Defining new local users
Define new users and access levels using the following command in Supervisor
Level:
In order to... Use the following command...
Exiting the Supervisor Level
To exit the Supervisor level, type the command exit.
Entering the CLI
To enter the CLI, enter your username and password. Your access level is indicated
in the prompt as follows:
The User level prompt is shown below:
Cajun_P330-N>
The Privileged level prompt is shown below:
Cajun_P330-N#
The Configure level prompt for Layer 3 configuration is shown below:
P330-N(configure)#
The Supervisor level prompt is shown below:
Cajun_P330-N(super)#
Add a local user account and
username
configure a user (name, password
and access level)
To remove a local user account no username
Display the username, password
show username
and access type for all users on the
switch
38 Avaya P334T-ML User’s Guide
Page 55
Chapter 8
User Authentication
Introduction
A secure system provides safeguards to insure that only authorized personnel can
perform configuration procedures. In Avaya P330, these safeguards form part of the
CLI architecture and control remote access via SNMP, Telnet, and SSH. In addition,
you can block any of the IP protocols supported by the P330.
SNMP Support
Introduction to SNMP
SNMP Versions
There are currently three versions of (Simple Network Management Protocol)
SNMP:
•SNMPv1
• SNMPv2c
•SNMPv3
The P330 supports device access using all three versions of SNMP.
Managers and Agents
SNMP uses software entities called managers and agents to manage network
devices. The manager monitors and controls all other SNMP-managed devices or
network nodes on the network. There must be at least one SNMP Manager in a
managed network. The manager is installed on a workstation located on the
network.
An agent resides in a managed device or network node. The agent receives
instructions from the SNMP Manager, generates reports in response to requests
from the SNMP Manager, and also sends management information back to the
SNMP Manager as events occur. Every P330 module has an agent. However, on
each P330 stack, one module is selected to be the master module. The stack is
managed via the master module’s agent.
There are many SNMP management applications, but all these applications perform
the same basic task. They allow SNMP managers to communicate with agents to
configure, get statistics and information, and receive alerts from network devices.
You can use any SNMP-compatible network management system to monitor and
Avaya P334T-ML User’s Guide 39
Page 56
Chapter 8 User Authentication
control the P330.
Manager/Agent Communication
There are several ways that the SNMP manager and the agent communicate.
The manager can:
• Retrieve a value – a get action
The SNMP manager requests information from the agent, such as the link status
of an Ethernet port or the number of good packets received on the switch. The
agent gets the value of the requested MIB variable and sends the value back to
the manager.
• Retrieve the value immediately after the variable you name – a get-next action.
The SNMP manager retrieves values from the MIB tree. Using the get-next
function, you do not need to know the exact variable name you are looking for.
The SNMP manager takes the variable you name and then uses a sequential
search to find the desired variable.
• Retrieve a number of values – a get-bulk action
The get-bulk operation retrieves the specified number of instances of the
requested MIB variable. This minimizes the number of protocol exchanges
required to retrieve a large amount of data.
L Get-bulk is not supported in SNMPv1.
• Change a setting on the agent – a set action
The SNMP manager requests the agent to change the value of the MIB variable.
For example, you can enable or disable a port.
• An agent can send an unsolicited message to the manager at any time if a
significant, predetermined event takes place on the agent. This message is called
a trap.
When a trap condition occurs, the SNMP agent sends an SNMP trap message to
the specified trap receiver or trap host. The SNMP Administrator configures the
trap host, usually the SNMP management station, to perform the action needed
when a trap is detected.
SNMPv1
SNMPv1 uses community strings to limit access rights. Each SNMP device is
assigned to a read community and a write community. To communicate with a
switch, you must send an SNMP packet with the relevant community name.
By default, if you communicate with a switch using only the read community, you
are assigned the security name ’ReadCommN’. This security name is mapped to
the ’ReadCommG’ group by default. This allows you to view the agent’s MIB tree,
but cannot change any of the values in the MIB tree.
If you communicate with a switch using the write community, you are assigned the
security name ’WriteCommN’. This security name is mapped to the
40 Avaya P334T-ML User’s Guide
Page 57
Chapter 8 User Authentication
’WriteCommG’ group by default. This allows you to view the agent’s MIB tree and
change any of the values in the MIB tree.
L If you delete the ReadCommN or WriteCommN users, the ReadCommG or
WriteCommG groups, or the SNMPv1View you may not be able to access the
switch using SNMPv1 or SNMPv2c.
In addition, traps are sent to designated trap receivers. Packets with trap
information also contains a trap community string.
SNMPv2c
SNMPv2c is very similar to SNMPv1. However, SNMPv2c adds support for the
get-bulk action and supports a different trap format.
SNMPv3
SNMPv3 enables the following features over SNMPv1 or v2c:
• User authentication with a username and password.
• Communication encryption between the Network Management Station (NMS)
and the SNMP agent at the application level
• Access control definition for specific MIB items available on the SNMP agent
• Notification of specified network events directed toward specified users
• Definition of roles using access control, each with unique access permissions
and authentication/encryption requirements
The basic components in SNMPv3 access control are users, groups, and views.
In addition. SNMPv3 uses an SNMP engine ID to identify SNMP identity. An
SNMP engine ID is assigned to each IP address of each device in the network. Each
SNMP engine ID should be unique in the network.
Users
SNMPv3 uses the User-based Security Model (USM) for security, and the
View-based Access Control Model (VACM) for access control. USM uses the
HMAC-MD5-96 and HMAC-SHA-96 protocols for user authentication, and the
CBC-DES56 protocol for encryption or privacy.
A maximum of 21 users, including local users and remote users getting notifications
can be defined on a stack. If the SNMP engine ID changes, all users other than the
default user for the stack are invalid and must be redefined. The SNMP engine ID
can be changed via the CLI. In addition, a change in the IP address of the stack
automatically changes the SNMP engine ID.
SNMPv3 supports three security levels:
• NoAuthNoPriv – This is the lowest level of SNMPv3 security. No (Message
Authentication Code) MAC is provided with the message, and no encryption is
performed. This method is maintains the same security level as SNMPv1, but
provides a method for limiting the access rights of a user.
Avaya P334T-ML User’s Guide 41
Page 58
Chapter 8 User Authentication
• AuthNoPriv – User authentication is performed based on MD5 or SHA
algorithms. The message is sent with an HMAC that is calculated with the user
key. The data part is sent unencrypted.
• AuthPriv – User authentication is performed based on MD5 or SHA algorithms.
The message is sent in encrypted MAC that is calculated with the user key, and
the data part is sent with DES56 encryption using the user key.
To create an SNMPv3 user account, the following information must be provided:
• UserName – string representing the name of the user.
Maximum length: 32 characters.
• Authentication Protocol – The authentication protocol to use. Possible values
are: No auth, HMAC MD5, or HMAC SHA-1.
• Authentication Password – The authentication password is transformed using
the authentication protocol and the SNMP engine ID to create an authentication
key.
• Privacy Protocol – The privacy protocol to use. Possible values are: No privacy,
DES privacy.
• Privacy Password – The privacy password is transformed using the privacy
protocol and the SNMP engine ID to create a privacy key.
• GroupName – 32 character string representing the name of the group.
• SecurityModel – The security model to use. Possible values are: 1 (SNMPv1),
2 (SNMPv2c), 3 (USM).
Groups
In SNMPv3, each user is mapped to a group. The group maps its users to defined
views. These views define sets of access rights, including read, write, and trap or
inform notifications the users can receive.
The group maps its users to views based on the security mode and level with which
the user is communicating with the switch. Within a group, the following
combinations of security mode and level can be mapped to views:
• SNMPv1 – Anyone with a valid SNMPv1 community name.
• SNMPv2c – Anyone with a valid SNMPv2c community name.
• NoAuthNoPriv – An SNMPv3 user using the NoAuthNoPriv security level.
• AuthNoPriv – An SNMPv3 user using the AuthNoPriv security level.
• AuthPriv – An SNMPv3 user using the AuthPriv security level.
If views are not defined for all security modes and levels, a user can access the
highest level view below his security level. For example, if the SNMPv1 and
SNMPv2c views are undefined for a group, anyone logging in using SNMPv1 and
SNMPv2c cannot access the device. If the NoAuthNoPriv view is not defined for a
group, SNMPv3 users with a NoAuthNoPriv security level can access the SNMPv2c
view.
To create an SNMPv3 group, the following information must be provided:
• GroupName – 32 character string representing the name of the group.
42 Avaya P334T-ML User’s Guide
Page 59
Chapter 8 User Authentication
• SNMPv1 – The name of the view for anyone communicating with the device via
SNMPv1.
• SNMPv2c – The name of the view for anyone communicating with the device
via SNMPv2c.
• NoAuthNoPriv – The name of the view for SNMPv3 NoAuthNoPriv users.
• AuthNoPriv – The name of the view for SNMPv3 AuthNoPriv users.
• AuthPriv – The name of the view for SNMPv3 AuthPriv users.
Views
There are three types of views:
• Read Views – Allow read-only access to a specified list of Object IDs (OIDs) in
the MIB tree.
• Write Views – Allow read-write access to a specified list of OIDs in the MIB
tree.
• Notify Views – Allow SNMP notifications from a specified list of OIDs to be
sent.
Each view consists of a list of OIDs in the MIB tree. This list can be created using
multiple “snmp-server view” commands to either add OIDs to the list or
exclude OIDs from a list of all of the OIDs in the switch’s MIB tree.
You can use wildcards to include or exclude an entire branch of OIDs in the MIB
tree, using an asterisk instead of the specific node.
To create an SNMPv3 view, the following information must be provided:
• ViewName – 32 character string representing the name of the view.
• ViewType – Indicates whether the specified OID is included or excluded from
the view.
• OIDs – A list of the OIDs accessible using the view.
SNMP Commands
The following SNMP commands are available.
In order to... Use the following command...
Enable SNMP access to the device snmp-server enable
Disable SNMP access to the device no snmp-server
Enable SNMPv1 access to the
snmp-server community
device
Disable SNMPv1 access to the
no snmp-server community
device
Configure the SNMPv3 engine ID snmp-server engineID
Avaya P334T-ML User’s Guide 43
Page 60
Chapter 8 User Authentication
In order to... Use the following command...
Return the SNMPv3 engine ID to its
no snmp-server engineID
default
Create an SNMPv3 user snmp-server user
Remove an SNMPv3 user no snmp-server user
Create an SNMPv3 group snmp-server group
Remove an SNMPv3 group no snmp-server group
Create a view or add or exclude
snmp-server view
OIDs from a view
Delete an SNMPv3 view no snmp-server view
Set a read/write/trap SNMPv1
set snmp community
community name
Display a list of SNMPv3 views show snmp view
Display a table of SNMPv3 users
show snmp userToGroup
and the groups with which they are
mapped
Display the SNMPv3 engine ID show snmp engineID
Display a list of SNMPv3 groups show snmp group
Display a list of SNMPv3 users show snmp user
Display a list of SNMPv3
show snmp
notification receivers and SNMPv1
trap receivers
Enable or disable link up/link
set port trap
down notifications and traps
Define SNMPv1 trap receivers or
set snmp trap
configure the SNMPv1 traps sent
by the device
Removes SNMPv1 trap receivers clear snmp trap
Enable or disable SNMPv1 traps for
set snmp trap enable/disable auth
authentication failures
44 Avaya P334T-ML User’s Guide
Page 61
Chapter 8 User Authentication
In order to... Use the following command...
Enable SNMP notifications (traps
and inform)
Disable SNMP notifications (traps
and inform)
Create an SNMPv3 remote user for
SNMP notifications
Remove an SNMPv3 remote user
for SNMP notifications
Configure the SNMPv3 timeout
and retries for notifications
Define an SNMPv3 notification
host
Remove an SNMPv3 notification
host
snmp-server enable notifications
no snmp-server notifications
snmp-server remote-user
no snmp-server remote-user
snmp-server informs
snmp-server host
no snmp-server host
Avaya P334T-ML User’s Guide 45
Page 62
Chapter 8 User Authentication
SSH Protocol Support
Introduction to SSH
SSH (Secure Shell) protocol is a security protocol that enables establishing a remote
session over a secured tunnel, also called a remote shell. SSH accomplishes this by
creating a transparent encrypted channel between the local and remote devices. In
addition to remote shell, SSH also provides secure file transfer between the local
and remote devices.
SSH uses password authentication.
A maximum of two SSH sessions can be active per router module in the stack, with
two additional active SSH sessions per stack. For example, if a stack contains three
router modules, a maximum of eight SSH sessions can be active on the stack.
The P330 agent reports SSH sessions opened to it. In addition, each router module
reports the SSH sessions opened to its router interface. The user can disconnect
selected SSH sessions.
The SSH session-establishment process is divided into the following stages, as
shown in Figure 8.1:
• SSH client connection:
— The P330 generates a key of variable length (512-2048 bits) using the DSA
encryption method. This is the private key.
— The P330 calculates an MD5 Hash of the public key, called a fingerprint. The
fingerprint is always 16 bytes long. This fingerprint is displayed.
— The P330 sends the public key (i.e., the fingerprint,) to the client computer.
This public key is used by the client to encrypt the data it sends to the P330.
The P330 decrypts the data using the private key.
— Both sides negotiate and must agree on the same chipper type. The P330
only supports 3DES-CBC encryption. The user on the client side accepts the
fingerprint. The client keeps an IP vs. fingerprint public key cache and
notifies the user if the cache changes.
— The client chooses a random number that is used to encrypt and decrypt the
information sent.
— This random number is sent to the P330, after encryption based on the
P330’s public key.
— When the P330 receives the encrypted random number, it decrypts it using
the private key. This random number is now used with the 3DES-CBC
encryption method for all encryption and decryption of data. The public
and private keys are no longer used.
• User Authentication:
— Before any data is transferred, the P330 requires the client to supply a user
name and password. This authenticates the user on the client side to the
P330.
46 Avaya P334T-ML User’s Guide
Page 63
Figure 8.1 SSH Session Establishment Process
Chapter 8 User Authentication
SSH Commands
The following SSH commands are accessible from Supervisor level.
Device Dom ain Host Domain
SSH Server
Username
List
Host RS A
key
SSH Client Connection
Establish Connection
Public Key and Enc ryptions List
Private Key and Enc ry ptions Lis t
Acknowledgment (ACK)
User Authentication
User Passw ords
Initiate CLI Sess ion
SSH Client
Hostnames
List
In order to... Use the following command...
Enable SSH and configure SSH
ip ssh enable
parameters
Disable the SSH server no ip ssh
Display active SSH sessions on the
show ip ssh
device. This command is only
available from the master module
switch context and from all router
contexts.
Disconnect an existing SSH session.
disconnect ssh
If an SSH session was entered from
the router, it can only be
disconnected from router mode.
Generate an SSH host key pair crypto key generate dsa
Avaya P334T-ML User’s Guide 47
Page 64
Chapter 8 User Authentication
SCP Protocol Support
In addition to data transfer via an SSH session, the SSH protocol is also used to
support SCP for secure file transfer. When using SCP, the P330 is the client, and an
SCP server must be installed on the management station. After defining users on the
SCP server, the device acts as an SCP client.
The procedure described in the “Introduction to SSH“ on page 46 is used with the
roles of the P330 and the client computer reversed.
To accomplish secured transfers, a P330 launches a local SSH client via the CLI in
order to establish a secured channel to the secured file server. The P330
authenticates itself to the server by providing a user name and password. With a
Windows-based SSH server (WinSSHD), the user name provided must be a defined
user on the Windows machine with read/write privileges. The files transferred via
SCP are saved in the “C:\Documents and Settings\username” directory.
The network element performs file transfer in unattended mode.
L The P330 doesn't block SCP traffic from users not on the allowed managers list,
because it is the SSH client. In addition, the P330 doesn't prompt the user to
accept the Server’s fingerprint nor warns the user if the fingerprint from an IP
address has changed.
For information on SCP file transfer commands, refer to “Uploading and
Downloading Device Configurations and Images“on page 65.
48 Avaya P334T-ML User’s Guide
Page 65
RADIUS
Introduction to RADIUS
User accounts are typically maintained locally on the switch. Therefore, if a site
contains multiple Avaya Switches, it is necessary to configure each switch with its
own user accounts. Additionally, if for example a 'read-write' user has to be
changed into a 'read-only' user, you must change all the 'read-write' passwords
configured locally in every switch, in order to prevent him from accessing this level.
This is obviously not effective management. A better solution is to have all of the
user login information kept in a central location where all the switches can access it.
P330 features such a solution: the Remote Authentication Dial-In User Service
(RADIUS).
A RADIUS authentication server is installed on a central computer at the customer's
site. On this server user authentication (account) information is configured that
provides various degrees of access to the switch. The P330 will run as a RADIUS
client. When a user attempts to log into the switch, if there is no local user account
for the entered user name and password, then the switch will send an
Authentication Request to the RADIUS server in an attempt to authenticate the user
remotely. If the user name and password are authenticated, then the RADIUS server
responds to the switch with an Authentication Acknowledgement that includes
information on the user's privileges ('administrator', 'read-write', or 'read-only'),
and the user is allowed to gain access to the switch. If the user is not authenticated,
then an Authentication Reject is sent to the switch and the user is not allowed access
to the switch's embedded management.
The Remote Authentication Dial-In User Service (RADIUS) is an IETF standard
(RFC 2138) client/server security protocol. Security and login information is stored
in a central location known as the RADIUS server. RADIUS clients, such as the P330,
communicate with the RADIUS server to authenticate users.
All transactions between the RADIUS client and server are authenticated through
the use of a “shared secret” which is not sent over the network. The shared secret is
an authentication password configured on both the RADIUS client and its RADIUS
servers. The shared secret is stored as clear text in the client’s file on the RADIUS
server, and in the non-volatile memory of the P330. In addition, user passwords are
sent between the client and server are encrypted for increased security.
Chapter 8 User Authentication
Avaya P334T-ML User’s Guide 49
Page 66
Chapter 8 User Authentication
Figure 8.2 illustrates the RADIUS authentication procedure:
Figure 8.2 RADIUS Authentication Procedure
User attempts login
Local User
account
authenticated in
switch?
No
Authentication
request sent to
RADIUS Server
User name and
password
authenticated?
No
Authentication Reject
sent to switch
User cannot access switch
embedded managegment
Yes
Yes
Perform log-in according
to user's priviliege level
to switch
50 Avaya P334T-ML User’s Guide
Page 67
Radius Commands
The following RADIUS commands are accessible from Supervisor level.
In order to... Use the following command...
Chapter 8 User Authentication
Enable or disable authentication for
the P330 switch. RADIUS
authentication is disabled by
default
Set a primary or secondary
RADIUS server IP address
Configure a character string to be
used as a “shared secret” between
the switch and the RADIUS server
Set the RFC 2138 approved UDP
port number.
Set the number of times an access
request is sent when there is no
response
Set the time to wait before
re-sending an access request
Remove a primary or secondary
RADIUS authentication server
Display all RADIUS authentication
configurations. Shared secrets are
not displayed.
set radius authentication
set radius authentication server
set radius authentication secret
set radius authentication udp-port
set radius authentication
retry-number
set radius authentication retry-time
clear radius authentication server
show radius authentication
For a complete description of the RADIUS CLI commands, including syntax and
output examples, refer to Avaya P330: Reference Guide.
Avaya P334T-ML User’s Guide 51
Page 68
Chapter 8 User Authentication
Telnet Client Support
Introduction to Telnet
The P330ML supports invocation of a Telnet client from the CLI. The Telnet client
implementation enables you to control the destination port for connecting daemons
that listen on a non-default port.
Authentication when connecting to the switch via Telnet is identical to standard
console connection authentication (local or RADIUS).
L Enabling and disabling the Telnet-client service can only be done using a direct
console connection via the Console port.
By default the Telnet-client service is disabled.
Telnet Commands
The following Telnet commands are available.
In order to... Use the following command...
Open a Telnet session to another
device.
Enable Telnet access from the
switch
Disable Telnet access from the
switch
For a complete description of the Telnet CLI commands, including syntax and
output examples, refer to Avaya P330: Reference Guide.
telnet
ip telnet-client enable
no ip telnet-client
52 Avaya P334T-ML User’s Guide
Page 69
Recovery Password
Introduction
The P330 provides a recovery password in the event that you have forgotten the
login password for the switch. The recovery password feature enables you to login
to the device in a super user mode and change the regular login password.
The recovery password feature can be disabled preventing unauthorized user to
login to the device using the recovery password. However, if the recovery password
feature is disables and you forget the login password, it will not be possible to log in
to the switch. By default the recovery password feature is enabled.
To use the recovery password feature, you must connect to the switch’s console
port. Log in using the user name “root” and password “ggdaseuaimhrke”. Use the
set username command to change the password for the user “root”.
L Enabling and disabling the Recovery Password protocol can only be done using
a direct console connection via the Console port.
Recovery Password Commands
The following recovery password commands are available.
Chapter 8 User Authentication
In order to... Use the following command...
Enable the recovery password
feature on the switch
Disable the recovery password
feature on the switch
For a complete description of the recovery password commands, including syntax,
refer to Avaya P330: Reference Guide.
Avaya P334T-ML User’s Guide 53
terminal recovery password enable
no terminal recovery password
Page 70
Chapter 8 User Authentication
Allowed Managers
Allowed Managers Introduction
With the Allowed Managers feature, the network manager can determine who may
or may not gain management access to the switch. The feature can be enabled or
disabled (default is disabled). When enabled, only those users that are configured in
the Allowed Managers table are able to gain Telnet, HTTP, and SNMP management
access to the switch.
You can configure up to 20 Allowed Managers by adding or removing their
IP address from the Allowed Managers List.
L The identification of an “Allowed Manager” is done by checking the Source
IP address of the packets. Thus, if the Source IP address is modified on the way
(NAT, Proxy, etc.), even an “Allowed Manager” will not be able to access the
P330.
Allowed Managers CLI Commands
The following Allowed Managers commands are available.
In order to... Use the following command...
When set to enabled - only
managers with IP address specified
in the allowed table will be able to
access the device
Add/delete IP address of manager
to/from the allowed table
Show the IP addresses of the
managers that are allowed to access
the device
Show whether the status of allowed
managers is enabled or disabled
Show the IP addresses of the
managers that are currently
connected
54 Avaya P334T-ML User’s Guide
set allowed managers
set allowed managers ip
show allowed managers table
show allowed managers status
show secure current
Page 71
Allowed Protocols
Allowed Protocols Introduction
With the Allowed Protocols feature, the network manager can determine the IP
protocols enabled on the switch. This feature can be used to block access to the
switch using specific IP protocols. Each protocol can be independently enabled or
disabled on the switch.
L Enabling and disabling the Recovery Password protocol can only be done using
a direct console connection via the Console port.
Allowed Protocols CLI Commands
The following Allowed Protocols commands are available.
In order to... Use the following command...
Enable Telnet on the switch ip telnet enable
Disable Telnet on the switch no ip telnet
Enable HTTP on the switch ip http enable
Chapter 8 User Authentication
Disable HTTP on the switch no ip http
Enable the switch agent to accept
ICMP redirect packets sent to it
Enable the switch agent to ignore
ICMP redirect packets sent to it
Enable SNMP on the switch snmp-server
Disable SNMP on the switch no snmp-server
Enable SNMPv1 switch access snmp-server community
Disable SNMPv1 switch access no snmp-server community
Enable SSH on the switch ip ssh enable
Disable SSH on the switch no ip ssh
Enable Recovery Password on the
switch
Disable Recovery Password on the
switch
Avaya P334T-ML User’s Guide 55
ip icmp redirect
no icmp redirect
terminal recovery password enable
no terminal recovery password
Page 72
Chapter 8 User Authentication
In order to... Use the following command...
Enable Telnet access from the
switch
Disable Telnet access from the
switch
ip telnet-client enable
no ip telnet-client
56 Avaya P334T-ML User’s Guide
Page 73
SECTION 3: CONFIGURATION
Page 74
Page 75
Chapter 9
P330 Default Settings
This section describes the procedures for the first-time configuration of the
Avaya P330. The factory defaults are set out in detail in the tables included in this
chapter.
Configuring the Switch
The Avaya P330 may be configured using the text-based Command Line Interface
(CLI), the built-in Avaya P330 Device Manager (Embedded Web) or Avaya
MultiService Network Manager.
For instructions on the text-based CLI, see the Avaya P330 Reference Guide.
For instructions on installation of the graphical user interfaces, see Embedded Web
Manager. For instructions on the use of the graphical user interfaces, refer to the
Device Manager User Guide on the Documentation and Utilities CD.
Avaya P330 Default Settings
The default settings for the Avaya P330 switch and its ports are determined by the
Avaya P330 software. These default settings are subject to change in newer versions
of the Avaya P330 software. See the Release Notes for the most up-to-date settings.
Function Default Setting
IP address 149.49.32.134
Subnet Mask 255.255.255.0
Default gateway 0.0.0.0
Management VLAN ID 1
Spanning tree Enabled
Bridge priority for Spanning Tree 32768
Spanning tree version Common spanning
tree
MAC aging Enabled
MAC aging time 5 minutes
Avaya P334T-ML User’s Guide 59
Page 76
Chapter 9 P330 Default Settings
Function Default Setting
Keep alive frame transmission Enabled
Network time acquisition Enabled, Time
IP multicast filtering Disabled
802.1x system-auth-control Disabled
802.1x port-control Auto
RADIUS server Disabled
Time server IP address 0.0.0.0
Timezone offset 0 hours
SNMPv1 communities:
Read-only
Read-write
Trap SNMP
protocol
Public
Public
Public
SNMPv3 user name
password:
initial
No authentication
or privacy
password
SNMP authentication trap Disabled
CLI timeout 15 Minutes
System logging Disabled
Allowed protocols:
SNMP
Telnet
HTTP
Telnet
ICMP redirect
SSH
Telnet client
Recovery password
Enabled
Enabled
Enabled
Enabled
Enabled
Disabled
Disabled
Enabled
User Name/Password root/root
60 Avaya P334T-ML User’s Guide
Page 77
Chapter 9 P330 Default Settings
L Functions operate in their default settings unless configured otherwise.
Function Default Setting
Ports 1-48 Ports 51, 52
Duplex mode Half/Full duplex
Full duplex only
depends on autonegotiation results
Port speed 10/100 Mbps
1000 Mbps
Depends on autonegotiation results
Auto-negotiation
1
Enable Enable
Flow control Disabled (no pause) Disabled (no pause)
Flow control auto-
Not applicable Disabled (no pause)
negotiation
advertisement
Administrative state Enable Enable
Port VLAN ID 1 1
Tagging mode Clear Clear
Port priority 0 0
Spanning Tree cost 19 4
Spanning Tree port
128 128
priority
1 Ensure that the other side is also set to Autonegotiation Enabled.
Avaya P334T-ML User’s Guide 61
Page 78
Chapter 9 P330 Default Settings
62 Avaya P334T-ML User’s Guide
Page 79
Chapter 10
Switch Configuration
Introduction
This chapter describes the parameters you can define for the chassis, such as its
name and location, time parameters, and so on. In addition, this chapter describes
methods for saving and deploying device configurations and monitoring CPU
utilization.
Basic Switch Configuration
Use the CLI commands briefly described below for configuring the display on your
terminal or workstation.The rules of syntax and output examples are all set out in
detail in the Reference Guide.
In order to... Use the following command...
Open a CLI session to a P330
module in the stack, ATM or WAN
expansion modules, and Media
Gateway Processor of G700.
Display or set the terminal width
(in characters)
Display or set the terminal length
(in lines)
Display or set the prompt hostname
Return the prompt to its default
value
Clear the current terminal display clear screen
Set the number of minutes before
an inactive CLI session
automatically logs out
Display the number of minutes
before an inactive CLI session
automatically times out
session
terminal width
terminal length
no hostname
set logout
show logout
Avaya P334T-ML User’s Guide 63
Page 80
Chapter 10 Switch Configuration
In order to... Use the following command...
Access Layer 3 configuration if not
logged in as supervisor (see
“Entering the Supervisor Level“ on
page 37)
System Parameter Configuration
Identifying the system
In order to make a P330 switch easier to identify, you can define a name for the
switch, contact information for the switch technician, and the location of the switch
in the organization. The rules of syntax and output examples are all set out in detail
in the Reference Guide.
In order to... Use the following command...
Configure the system name. set system name
Configure the system contact
person
Configure the system location set system location
Operating parameters
You can use the following commands to configure and display the mode of
operation for the switch and display key parameters. The rules of syntax and output
examples are all set out in detail in the Reference Guide.
configure
set system contact
In order to... Use the following command...
Configure the basic mode of
set device-mode
operation of a module to either
Layer 2 or Router
Display the mode of operation show device-mode
Display system parameters show system
Display module information for all
show module
modules within the stack
64 Avaya P334T-ML User’s Guide
Page 81
Network Time Acquiring Protocols Parameter Configuration
The P330 can acquire the time from a Network Time Server. P330 supports the
SNTP Protocol (RFC 958) over UDP port 123 or TIME protocol over UDP port 37.
Use the CLI commands briefly described below for configuring and display time
information and acquiring parameters. The rules of syntax and output examples are
all set out in detail in the Reference Guide.
In order to... Use the following command...
Chapter 10 Switch Configuration
Restore the time zone to its default,
UTC.
Configure the time zone for the
system
Configure the time protocol for use
in the system
Enable or disable the time client set time client
Configure the network time server
IP address
Display the current time show time
Display the time status and
parameters
Display the current time zone offset show timezone
Get the time from the time server get time
clear timezone
set timezone
set time protocol
set time server
show time parameters
Uploading and Downloading Device Configurations and Images
Avaya P330 allows you to backup and restore device configurations and configure
multiple devices using Simple Network Management Protocol (SNMP) and Trivial
File Transfer Protocol (TFTP) or Secure Copy Protocol (SCP) to exchange
information with the devices. For more information on SNMP, refer to “SNMP
Support“ on page 39. For more information on SCP, refer to “SCP Protocol Support“
on page 48.
When you make changes to a device’s configuration, you may find that the overall
effect of the configuration change may have a negative effect on the performance of
the device in your network. By uploading a device’s configuration file before any
configuration changes, you can easily restore the device to a previous configuration.
In addition, you can download the same configuration file to multiple devices in the
network, resulting in a consistent configuration.
Avaya P334T-ML User’s Guide 65
Page 82
Chapter 10 Switch Configuration
You can also download image files to the switch. The image files provide the
switch’s embedded software, embedded Web software, and Power over Ethernet
(PoE) software.
L Only parameters that differ from the factory default settings for the switch are
included in the configuration file. Therefore, it is important to reinitialize the
NVRAM to the factory default settings before downloading configuration files
to the switch.
The P330 commands for uploading and downloading device configuration files
differ for the Layer 2 and Layer 3 configuration files.
L To upload or download files, you must log in to the device as a user with
Supervisor level privileges.
Layer 2 Configuration File
The Layer 2 configuration file contains the full Layer 2 configuration of the switch in
the format of the CLI commands necessary to configure the device to its current
configuration. The user can edit the file in a text editor, however, it is recommended
that configuration changes are performed using the MSNM P330 Device Manager
and/or the CLI. To upload or download Layer 2 configuration files, you must be in
a switch mode.
Use the CLI commands briefly described below for uploading and downloading
Layer 2 configuration files.
in detail in the Reference Guide.
The rules of syntax and output examples are all set out
In order to... Use the following command...
Download a startup configuration
file to the device using SCP (only
applicable when the device mode is
Layer 2)
Download a module configuration
file to the device using SCP
Download a stack configuration file
to the device using SCP
66 Avaya P334T-ML User’s Guide
copy scp startup-config
Note:To use the startup
configuration file, run the
copy running-config
starting-config command
after the configuration file is
downloaded to the device.
copy scp module-config
copy scp stack-config
Page 83
Chapter 10 Switch Configuration
In order to... Use the following command...
Download a startup configuration
file to the device using TFTP (only
applicable when the device mode is
Layer 2)
Download a module configuration
file to the device using TFTP
Download a stack configuration file
to the device using TFTP
Download embedded software
using TFTP
Download embedded Web
software using TFTP
Download PoE software using
TFTP
Upload the startup configuration
file from the device using SCP (only
applicable when the device mode is
Layer 2)
copy tftp startup-config
Note:To use the st a r t u p
configuration file, run the
copy running-config
starting-config command
after the configuration file is
downloaded to the device.
copy tftp module-config
copy tftp stack-config
copy tftp sw_image
copy tftp ew_archive
copy tftp sw_powerinline_image
copy startup-config scp
Upload a module configuration file
copy module-config scp
from the device using SCP
Upload a stack configuration file
copy stack-config scp
from the device using SCP
Upload the running configuration
copy running-config scp
file from the device using SCP (only
applicable when the device mode is
Layer 2)
Upload the startup configuration
copy startup-config tftp
file from the device using TFTP
(only applicable when the device
mode is Layer 2)
Avaya P334T-ML User’s Guide 67
Page 84
Chapter 10 Switch Configuration
In order to... Use the following command...
Upload a module configuration file
from the device using TFTP
Upload a stack configuration file
from the device using TFTP
Upload the running configuration
file from the device using TFTP
(only applicable when the device
mode is Layer 2)
Display the status of file uploads show upload status
Display the status of file downloads show download status
Layer 3 Configuration File
The Configuration File feature allows the user to read the routing configuration
parameters and save them to a file on the station. The routing configuration
commands in the file are in CLI format. The user can edit the file (if required) and
re-configure the router module by uploading the configuration file.
Although the file can be edited, it is recommended to keep changes to the file to a
minimum. The recommended configuration method is using MSNM P330 Device
Manager and/or the CLI. Changes to the configuration file should be limited to
those required to customize a configuration file from one router to suit another.
To upload or download Layer 3 configuration files, you must be in a router mode.
Use the CLI commands briefly described below for uploading and downloading
Layer 3 configuration files. The rules of syntax and output examples are all set out
in detail in the Reference Guide.
copy module-config tftp
copy stack-config tftp
copy running-config tftp
In order to... Use the following command...
Download a startup configuration
file to the device using SCP
copy scp startup-config
Note:To use the startup
configuration file, run the
copy running-config
starting-config command
after the configuration file is
downloaded to the device.
68 Avaya P334T-ML User’s Guide
Page 85
Chapter 10 Switch Configuration
In order to... Use the following command...
Download a startup configuration
file to the device using TFTP
Upload a startup configuration file
from the device using SCP
Upload the running configuration
file from the device using SCP
Upload a startup configuration file
from the device using TFTP
Upload the running configuration
file from the device using TFTP
copy tftp startup-config
Note:To use the st a r t u p
configuration file, run the
copy running-config
starting-config command
after the configuration file is
downloaded to the device.
copy startup-config scp
copy running-config scp
copy startup-config tftp
copy running-config tftp
Avaya P334T-ML User’s Guide 69
Page 86
Chapter 10 Switch Configuration
System Logging
System Logging Introduction
The Avaya P330 System Logging feature is capable of storing system messages on a
device, outputting messages to the CLI console, Telnet session, or SSH session, and
reporting remotely to a Syslog server. System Logging is an important tool used for
routine maintenance, auditing, and monitoring access to the device.
The components of System Logging include:
• Logging Messages
•Sinks
• Message filters based on application, severity, or access level
System Logging Messages
System logging messages provide the following information:
• Module ID – The number of the module from which the message originated.
• Event Time – The time the event occurred. The Event Time is included only if a
time server is configured for the device.
• Application – The software sub-system from which the message originated.
• Severity Level – The severity level of the message. Severity levels from the
highest severity to the lowest include: Emergency, Alert, Critical, Error,
Warning, Notification, Informational, Debug
• Message Content – A description of the event.
In order to reduce the number of collected and transmitted messages, filtering
options should be used. The filtering options are based on message classification by
application and severity. For a specified sink, you can define the threshold severity
for messages output by each application. Messages with a severity lower than the
defined threshold are not sent to the specified sink.
In addition, the session sink filters the messages using the access level of the user.
This filtering depends on the syslog sink type:
• Session – only messages the user is permitted to access (according to the user’s
access level) are output to the console or Telnet/SSH session.
• Log file – when displaying the contents of the log file, the user can see only
messages appropriate to their access level.
• Syslog server – the user should define the access level used when sending
messages to the syslog server. The user cannot specify an access level for the
syslog server higher than the level which has been assigned to the user.
You can define severity filters to overrule the default threshold. The following is a
list of default severity threshold for each syslog sink:
• Syslog server – Warning
• Log file – Informational
70 Avaya P334T-ML User’s Guide
Page 87
Chapter 10 Switch Configuration
• Console – Informational
• Telnet/SSH session – Warning
Sinks
System logging messages can be sent via a number of ’sinks’ or methods. By default,
none of the sinks is enabled. The following table provides a list of available sinks.
Sink Description
Session
(Console/
Logging messages are sent to the current console or a Telnet or
SSH session in non-blocking mode.
Telnet/SSH)
Log File Logging messages are saved to a log file in the NVRAM of the
master module in the stack. NVRAM initialization and device
reset do not erase the log file.
Syslog server Logging messages are sent to a Syslog server as ASCII text. Up to
three Syslog servers can be defined for a stack.
L The system logging configuration for the “session” sink is not saved to
NVRAM. The configuration only affects the active session from which the
commands are executed. Each session must be configured separately.
Applications
An application is a software sub-system from which a logging message can
originate. The following table provides a list of supported applications:
Message Facility
Description
Codes
BOOT Reset events
SYSTEM Operating system failures
ROUTER Core routing system failures
CONFIG Configuration changes
FILESYS File System Problem (flash)
FAN Cooling system messages
SUPPLY Power supply system messages
Avaya P334T-ML User’s Guide 71
Page 88
Chapter 10 Switch Configuration
Message Facility
Description
Codes
SECURITY Authentication Failures
CASCADE Stack CASCADE mechanism messages
QOS Quality of Service messages
SWITCHFABRIC Switch fabric failures
LAG Link Aggregation package messages
VLAN VLAN package messages
SNMP SNMP agent messages
POLICY Policy package messages
CLI Command Line interpreter messages
STP Spanning tree package messages
THRESHOLD RMON alarms messages
CONSOLE Console port events
Syslog Servers
Remote logging using Syslog servers provides the following advantages:
• History and archiving – Storing logs remotely shifts the burden of storing log
output to a device with an actual file system and cheap ample storage. This
provides an option to keep large logs files and the ability to archive and store
log files.
• Data Manipulation – Once the log data is on a system with tools that can
manipulate it, log data can be used to generate valuable reports.
To configure logging via a Syslog server:
1 Define a Syslog host. Up to three Syslog servers can be defined.
2 Define the syslog “facility” that the messages are sent to on the remote syslog
server. If a syslog facility is not defined, the default facility, local7, is used.
3 Define the syslog access-level. The default syslog server access level is read-
write.
4 Enable the Syslog server. Syslog server sinks are created as “disabled”.
5 Addition optional configuration includes setting the different logging filters.
72 Avaya P334T-ML User’s Guide
Page 89
Chapter 10 Switch Configuration
Syslog Configuration CLI Commands
Use the CLI commands briefly described below for configuring System Logging.
The rules of syntax and output examples are all set out in detail in the Reference
Guide.
In order to... Use the following command...
Enable or disable logging for the
current session
Define a filter rule for logging
messages for the current session
Display the logging configuration
for the current session
Define the IP addresses of the
Syslog servers
Delete a Syslog server from the
Syslog server table
Enable or disable logging for a
Syslog server
Define a filter rule for logging
messages for a Syslog server
Update the server facility
parameter of a configured Syslog
server
Defines the access level associated
with a Syslog server sink.
set logging session {enable |
disable}
set logging session condition
show logging session condition
set logging server
clear logging server
set logging server {enable | disable}
set logging server condition
set logging server facility
set logging server access-level
Display the logging configuration
show logging server condition
for the specified Syslog server or for
all servers
Enable or disable logging to a file
set logging file {enable | disable}
on NVRAM
Define a filter rule for logging
set logging file condition
messages to a file
Display the logging configuration
show logging file condition
for the file sink.
Avaya P334T-ML User’s Guide 73
Page 90
Chapter 10 Switch Configuration
In order to... Use the following command...
Delete the log file and open an
empty log file
Outputs the messages logged in the
log file to the CLI console. The
output is arranged in descending
order of occurrence, with the most
recent events first.
clear logging file
show logging file content
74 Avaya P334T-ML User’s Guide
Page 91
Monitoring CPU Utilization
The Avaya P330 provides you with the ability to monitor CPU utilization on each
module of the stack. Use the CLI commands briefly described below for enabling
and disabling CPU utilization monitoring and viewing CPU utilization statistics.
The rules of syntax and output examples are all set out in detail in the Reference
Guide.
In order to... Use the following command...
Chapter 10 Switch Configuration
Enable CPU utilization monitoring
on a module or stack
Disable CPU utilization monitoring
on a module or stack
Display CPU utilization statistics
for a module or stack
set utilization cpu
clear utilization cpu
show utilization
Avaya P334T-ML User’s Guide 75
Page 92
Chapter 10 Switch Configuration
76 Avaya P334T-ML User’s Guide
Page 93
Chapter 11
Avaya P330 Layer 2 Features
This section describes the Avaya P330 Layer 2 features. It provides the basic
procedures for configuring the P330 for Layer 2 operation.
Overview
The P330 family supports a range of Layer 2 features. Each feature has CLI
commands associated with it. These commands are used to configure, operate, or
monitor switch activity for each of the Layer 2 features.
This section of the User’s Guide explains each of the features. Specifically, the topics
discussed here include:
•Ethernet
•VLAN
• Port Based Network Access Control
• Spanning Tree Protocol
• Rapid Spanning Tree Protocol
•MAC Security
•MAC Aging
• Link Aggregation Group (LAG)
•Port Redundancy
• IP Multicast Filtering
•RMON
•SMON
• Port Mirroring
• Multilayer Policy
• Weighted Queuing
• Port Classification
• Stack Redundancy
• Stack Health
Avaya P334T-ML User’s Guide 77
Page 94
Chapter 11 Avaya P330 Layer 2 Features
Ethernet
Ethernet is one of the most widely implemented LAN standards. It uses the Carrier
Sense Multiple Access with Collision Detection (CSMA/CD) access method to
handle simultaneous demands. CSMA/CD is a multi-user network allocation
procedure in which every station can receive the transmissions of every other
station. Each station waits for the network to be idle before transmitting and each
station can detect collisions by other stations.
The first version of Ethernet supported data transfer rates of 10 Mbps, and is
therefore known as 10BASE-T.
Fast Ethernet
Fast Ethernet is a newer version of Ethernet, supporting data transfer rates of 100
Mbps. Fast Ethernet is sufficiently similar to Ethernet to support the use of most
existing Ethernet applications and network management tools. Fast Ethernet is also
known as 100BASE-T (over copper) or 100BASE-FX (over fiber).
Fast Ethernet is standardized as IEEE 802.3u.
Gigabit Ethernet
Gigabit Ethernet supports data rates of 1 Gbps. It is also known as 1000BASE-T
(over copper) or 1000BASE-FX (over fiber).
Gigabit Ethernet is standardized as IEEE 802.3z.
Configuring Ethernet Parameters
Auto-Negotiation
Auto-Negotiation is a protocol that runs between two stations, two switches or a
station and a switch. When enabled, Auto-Negotiation negotiates port speed and
duplex mode by detecting the highest common denominator port connection for the
endstations. For example, if one workstation supports both 10 Mbps and 100 Mbps
speed ports, while the other workstation only supports 10 Mbps, then
Auto-Negotiation sets the port speed to 10 Mbps.
For Gigabit ports, Auto-Negotiation determines the Flow Control configuration of
the port.
Full-Duplex/Half-Duplex
Devices that support Full-Duplex can transmit and receive data simultaneously, as
opposed to half-duplex transmission where each device can only communicate in
turn.
Full-Duplex provides higher throughput than half-duplex.
78 Avaya P334T-ML User’s Guide
Page 95
Chapter 11 Avaya P330 Layer 2 Features
Speed
The IEEE defines three standard speeds for Ethernet: 10, 100 and 1000 Mbps (also
known as Ethernet, Fast Ethernet and Gigabit Ethernet respectively).
Flow Control
The process of adjusting the flow of data from one device to another to ensure that
the receiving device can handle all of the incoming data. This is particularly
important where the sending device is capable of sending data much faster than the
receiving device can receive it.
There are many flow control mechanisms. One of the most common flow control
protocols, used in Ethernet full-duplex, is called xon-xoff. In this case, the receiving
device sends a an xoff message to the sending device when its buffer is full. The
sending device then stops sending data. When the receiving device is ready to
receive more data, it sends an xon signal.
Priority
By its nature, network traffic varies greatly over time, so short-term peak loads may
exceed the switch capacity. When this occurs, the switch must buffer frames until
there is enough capacity to forward them to the appropriate ports.
This, however, can interrupt time-sensitive traffic streams, such as Voice and other
converged applications. These packets need to be forwarded with the minimum of
delay or buffering. In other words, they need to be given high priority over other
types of network traffic.
Priority determines in which order packets are sent on the network and is a key part
of QoS (Quality of Service). The IEEE standard for priority on Ethernet networks is
802.1p.
The Avaya P334T-ML supports two internal priority queues – the High Priority
queue and the Normal Priority queue – on its Gigabit Ethernet ports (51,52) and
four internal priority queues on its 10/100Mbps ports. The classification of packets
within the queues is as follows:
•Gigabit Ethernet ports:
— packets tagged with priorities 4-7 are assigned to the High Priority queue
— packets tagged with priorities 0-3 are assigned to the Normal Priority
queue.
• 10/100Mbps ports:
— packets tagged with priorities 0-1 are assigned to the Low Priority queue
— packets tagged with priorities 2-3 are assigned to the Normal Priority
queue;
— packets tagged with priorities 4-5 are assigned to the High Priority queue
— packets tagged with priorities 6-7 are assigned to the Highest Priority
queue.
Avaya P334T-ML User’s Guide 79
Page 96
Chapter 11 Avaya P330 Layer 2 Features
This classification is based either on the packet’s original priority tag, or, if the
packet arrives at the port untagged, based on the priority configured for the ingress
port (using the set port level CLI command).
In cases where the packet was received tagged, this priority tag is retained when the
packet is transmitted through a tagging port.
In cases where the priority is assigned based on the ingress priority of the port, then
on an egress tagging port the packet will carry a priority tag of:
• If the ingress port was a P330 port or a Gigabit Ethernet port (51,52) on the
P334T-ML, the packet will be tagged either priority 0 or priority 4, depending
on the queue it was assigned to (High Priority=4, Normal Priority=0).
• If the ingress port was a 10/100 Ethernet port on the P334T-ML, the packet will
be tagged according to the ingress port priority value configured by the set
port level CLI command.
MAC Address
The MAC address is a unique 48-bit value associated with any network adapter.
MAC addresses are also known as hardware addresses or physical addresses. They
uniquely identify an adapter on a LAN.
MAC addresses are 12-digit hexadecimal numbers (48 bits in length). By
convention, MAC addresses are usually written in one of the following two formats:
• MM:MM:MM:SS:SS:SS
• MM-MM-MM-SS-SS-SS
The first half of a MAC address contains the ID number of the device manufacturer.
These IDs are regulated by an Internet standards body. The second half of a MAC
address represents the serial number assigned to the device by the manufacturer.
CAM Table
The CAM Table contains a mapping of learned MAC addresses to port and VLANs.
The switch checks forwarding requests against the addresses contained in the CAM
Table:
• If the MAC address appears in the CAM Table, the packet is forwarded to the
appropriate port.
• If the MAC address does not appear in the CAM Table, or the MAC Address
mapping has changed, the frame is duplicated and copied to all the ports. Once
a reply is received, the CAM table is updated with the new address/VLAN port
mapping.
80 Avaya P334T-ML User’s Guide
Page 97
Ethernet Configuration CLI Commands
The following table contains a list of the configuration CLI commands for the
Ethernet feature. The rules of syntax and output examples are all set out in detail in
the Reference Guide.
In order to... Use the following command...
Chapter 11 Avaya P330 Layer 2 Features
Set the auto negotiation mode of a
set port negotiation
port
Administratively enable a port set port enable
Administratively disable a port set port disable
Set the speed for a 10/100 port set port speed
Configure the duplex mode of a
set port duplex
10/100BASE-T port
Configure a name for a port set port name
Set the send/receive mode for flow-
set port flowcontrol
control frames for a full duplex port
Set the flow control advertisement
for a Gigabit port when performing
set port auto-negotiationflowcontrol-advertisement
autonegotiation
Set the priority level of a port set port level
Display settings and status for all
show port
ports
Display per-port status information
show port flowcontrol
related to flow control
Display the flow control
advertisement for a Gigabit port
show port auto-negotiationflowcontrol-advertisement
used to perform auto-negotiation
Display the CAM table entries for a
show cam
specific port
Display the CAM table entries for a
show cam mac
specific MAC address
Clear all the CAM entries. clear cam
Display the autopartition settings show autopartition
Avaya P334T-ML User’s Guide 81
Page 98
Chapter 11 Avaya P330 Layer 2 Features
Ethernet Implementation in the Avaya P334T-ML
This section describes the implementation of the Ethernet feature in the Avaya
P334T-ML:
• Speed — 10/100 ports (1-48); 1G ports (51, 52)
• Priority queuing — 10/100 ports 4 queues; 1G ports 2 queues
• CAM size — 8K addresses
82 Avaya P334T-ML User’s Guide
Page 99
VLAN Configuration
VLAN Overview
A VLAN is made up of a group of devices on one or more LANs that are configured
so that they operate as if they form an independent LAN, when in fact they may be
located on a number of different LAN segments. VLANs can be used to group
together departments and other logical groups, thereby reducing network traffic
flow and increasing security within the VLAN.
The figure below illustrates how a simple VLAN can connect several endpoints in
different locations and attached to different hubs. In this example, the Management
VLAN consists of stations on numerous floors of the building and which are
connected to both Device A and Device B.
Figure 11.1 VLAN Overview
Chapter 11 Avaya P330 Layer 2 Features
In virtual topological networks, the network devices may be located in diverse
places around the LAN—such as in different departments, on different floors or in
different buildings. Connections are made through software. Each network device is
connected to a hub, and the network manager uses management software to assign
each device to a virtual topological network. Elements can be combined into a
VLAN even if they are connected to different devices.
VLANs should be used whenever there are one or more groups of network users
that you want to separate from the rest of the network.
Avaya P334T-ML User’s Guide 83
Page 100
Chapter 11 Avaya P330 Layer 2 Features
In Figure 11.2, the switch has three separate VLANs: Sales, Engineering, and
Marketing (Mktg). Each VLAN has several physical ports assigned to it with PC’s
connected to those ports. When traffic flows from a PC on the Sales VLAN for
example, that traffic is only forwarded out the other ports assigned to that VLAN.
Thus, the Engineering and Mktg VLANs are not burdened with processing that
traffic.
Figure 11.2 VLAN Switching and Bridging
VLAN Tagging
Sales
Mktg
Sales
Engineering
Mktg
Engineering
VLAN Tagging is a method of controlling the distribution of information on the
network. The ports on devices supporting VLAN Tagging are configured with the
following parameters:
•Port VLAN ID
•Tagging Mode
The Port VLAN ID is the number of the VLAN to which the port is assigned.
Untagged frames (and frames tagged with VLAN 0) entering the port are assigned
the port's VLAN ID. Tagged frames are unaffected by the port's VLAN ID.
The Tagging Mode determines the behavior of the port that processes outgoing
frames:
• If Tagging Mode is set to “Clear”, the port transmits frames that belong to the
port's VLAN table. These frames leave the device untagged.
• If Tagging Mode is set to “IEEE-802.1Q”, all frames keep their tags when they
leave the device. Frames that enter the switch without a VLAN tag will be
tagged with the VLAN ID of the port they entered through.
Multi VLAN Binding
Multi VLAN binding (Multiple VLANs per port) allows access to shared resources
by stations that belong to different VLANs through the same port. This is useful in
applications such as multi-tenant networks, where each user has his a VLAN for
84 Avaya P334T-ML User’s Guide
Loading...