Cabletron Systems SSR-GLX19-02, SSR-HFX11-08, SSR-HFX29-08, SSR-GLX70-01, SSR-GSX11-02 User Manual

CoreWatch User’s Manual

9032564-04

Notice

2 CoreWatch User’s Manual

Notice

Notice

Cabletron Systems reserves the right to make changes in specifications and other information
contained in this document without prior notice. The reader should in all cases consult Cabletron
Systems to determine whether any such changes have been made.

The hardware, firmware, or software described in this manual is subject to change without notice.

IN NO EVENT SHALL CABLETRON SYSTEMS BE LIABLE FOR ANY INCIDENTAL, INDIRECT,
SPECIAL, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED
TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS MANUAL OR THE INFORMATION
CONTAINED IN IT, EVEN IF CABLETRON SYSTEMS HAS BEEN ADVISED OF, KNOWN, OR
SHOULD HAVE KNOWN, THE POSSIBILITY OF SUCH DAMAGES.

© Copyright December 1998 by:

Cabletron Systems, Inc.
P.O. Box 5005
Rochester, NH 03866-5005

All Rights Reserved
Printed in the United States of America
Order Number: 9032564-04

Cabletron Systems, SPECTRUM, and LANVIEW are registered trademarks and APIM, Element
Manager, FE-100TX, FE-100FX, FE-100F3, HSIM, HubSTACK, SecureFast, SmartSwitch,
SmartSwitch Router, and Synthesis are trademarks of Cabletron Systems, Inc.

All other product names mentioned in this manual may be trademarks or registered trademarks of
their respective companies.

CoreWatch User’s Manual 3

Notice

FCC Notice

This device complies with Part 15 of the FCC rules. Operation is subject to the following two
conditions: (1) this device may not cause harmful interference, and (2) this device must accept any
interference received, including interference that may cause undesired operation.

NOTE: This equipment has been tested and found to comply with the limits for a Class A digital
device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable
protection against harmful interference when the equipment is operated in a commercial environment.
This equipment uses, generates, and can radiate radio frequency energy and if not installed in
accordance with the operator’s manual, may cause harmful interference to radio communications.
Operation of this equipment in a residential area is likely to cause interference in which case the user
will be required to correct the interference at his own expense.

WAR NIN G: Changes or modifications made to this device which are not expressly approved by the
party responsible for compliance could void the user’s authority to operate the equipment.

Industry Canada Notice

This digital apparatus does not exceed the Class A limits for radio noise emissions from digital
apparatus set out in the Radio Interference Regulations of the Canadian Department of
Communications.

Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables
aux appareils numériques de la class A prescrites dans le Règlement sur le brouillage radioélectrique
édicté par le ministère des Communications du Canada.

VCCI Notice

This is a Class A product based on the standard of the Voluntary Control Council for Interference by
Information Technology Equipment (VCCI). If this equipment is used in a domestic environment,
radio disturbance may arise. When such trouble occurs, the user may be required to take corrective
actions.

4 CoreWatch User’s Manual

Notice

Cabletron Systems, Inc. Program License Agreement

IMPORTANT: Before utilizing this product, carefully read this License Agreement.

This document is an agreement between you, the end user, and Cabletron Systems, Inc. (“Cabletron”)
that sets forth your rights and obligations with respect to the Cabletron software program (the
“Program”) contained in this package. The Program may be contained in firmware, chips or other
media. BY UTILIZING THE ENCLOSED PRODUCT, YOU ARE AGREEING TO BECOME BOUND
BY THE TERMS OF THIS AGREEMENT, WHICH INCLUDES THE LICENSE AND THE
LIMITATION OF WARRANTY AND DISCLAIMER OF LIABILITY. IF YOU DO NOT AGREE TO
THE TERMS OF THIS AGREEMENT, PROMPTLY RETURN THE UNUSED PRODUCT TO THE
PLACE OF PURCHASE FOR A FULL REFUND.

Cabletron Software Program License

1. LICENSE. You have the right to use only the one (1) copy of the Program provided in this package
subject to the terms and conditions of this License Agreement.

You may not copy, reproduce or transmit any part of the Program except as permitted by the
Copyright Act of the United States or as authorized in writing by Cabletron.

2. OTHER RESTRICTIONS

3. APPLICABLE LAW
and in the state and federal courts of New Hampshire. You accept the personal jurisdiction and
venue of the New Hampshire courts.

. You may not reverse engineer, decompile, or disassemble the Program.

. This License Agreement shall be interpreted and governed under the laws

Exclusion of Warranty and Disclaimer of Liability

1. EXCLUSION OF WARRANTY. Except as may be specifically provided by Cabletron in writing,
Cabletron makes no warranty, expressed or implied, concerning the Program (including its
documentation and media).

CABLETRON DISCLAIMS ALL WARRANTIES, OTHER THAN THOSE SUPPLIED TO YOU BY
CABLETRON IN WRITING, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT
LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE, WITH RESPECT TO THE PROGRAM, THE ACCOMPANYING
WRITTEN MATERIALS, AND ANY ACCOMPANYING HARDWARE.

2. NO LIABILITY FOR CONSEQUENTIAL DAMAGES
ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT
LIMITATION, DAMAGES FOR LOSS OF BUSINESS, PROFITS, BUSINESS INTERRUPTION,
LOSS OF BUSINESS INFORMATION, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR
RELIANCE DAMAGES, OR OTHER LOSS) ARISING OUT OF THE USE OR INABILITY TO USE
THIS CABLETRON PRODUCT, EVEN IF CABLETRON HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME STATES DO NOT ALLOW THE
EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL
DAMAGES, OR ON THE DURATION OR LIMITATION OF IMPLIED WARRANTIES, IN SOME
INSTANCES THE ABOVE LIMITATIONS AND EXCLUSIONS MAY NOT APPLY TO YOU.

. IN NO EVENT SHALL CABLETRON OR

CoreWatch User’s Manual 5

Notice

United States Government Restricted Rights

The enclosed product (a) was developed solely at private expense; (b) contains “restricted computer
software” submitted with restricted rights in accordance with Section 52227-19 (a) through (d) of the
Commercial Computer Software - Restricted Rights Clause and its successors, and (c) in all respects is
proprietary data belonging to Cabletron and/or its suppliers.

For Department of Defense units, the product is licensed with “Restricted Rights” as defined in the
DoD Supplement to the Federal Acquisition Regulations, Section 52.227-7013 (c) (1) (ii) and its
successors, and use, duplication, disclosure by the Government is subject to restrictions as set forth in
subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at 252.227-7013.
Cabletron Systems, Inc., 35 Industrial Way, Rochester, New Hampshire 03867-0505.

6 CoreWatch User’s Manual

Notice

SAFETY INFORMATION

CLASS 1 LASER TRANSCEIVERS

The SSR-HFX11-08 100Base-FX Module, SSR-GSX11-02 1000BASE-LX Module, SSR-GLX19-02
1000BASE-LX Module, SSR-HFX29-08 100BASE-FX SMF Module, and SSR-GLX70-01 1000BASE-LLX
Module use Class 1 Laser transceivers. Read the following safety information before installing
or operating these modules.

The Class 1 laser transceivers use an optical feedback loop to maintain Class 1 operation limits. This
control loop eliminates the need for maintenance checks or adjustments. The output is factory set, and
does not allow any user adjustment. Class 1 Laser transceivers comply with the following safety
standards:

• 21 CFR 1040.10 and 1040.11 U.S. Department of Health and Human Services (FDA).

• IEC Publication 825 (International Electrotechnical Commission).

• CENELEC EN 60825 (European Committee for Electrotechnical Standardization).

When operating within their performance limitations, laser transceiver output meets the Class 1
accessible emission limit of all three standards. Class 1 levels of laser radiation are not considered
hazardous.

SAFETY INFORMATION

CLASS 1 LASER TRANSCEIVERS

Laser Radiation and Connectors

When the connector is in place, all laser radiation remains within the fiber. The maximum amount of
radiant power exiting the fiber (under normal conditions) is -12.6 dBm or 55 x 10

Removing the optical connector from the transceiver allows laser radiation to emit directly from the
optical port. The maximum radiance from the optical port (under worst case conditions) is

0.8 W cm

Do not use optical instruments to view the laser output. The use of optical instruments to view laser
output increases eye hazard. When viewing the output optical port, power must be removed from the
network adapter.

-2

or 8 x 103 W m2 sr-1.

-6

watts.

CoreWatch User’s Manual 7

DECLARATION OF CONFORMITY

ADDENDUM

Application of Council Directive(s): 89/336/EEC

Manufacturer’s Name: Cabletron Systems, Inc.

Manufacturer’s Address: 35 Industrial Way

European Representative Name: Mr. J. Solari

European Representative Address: Cabletron Systems Limited

Conformance to Directive(s)/Product Standards:

Notice

73/23/EEC

PO Box 5005
Rochester, NH 03867

Nexus House, Newbury
Business Park
London Road, Newbury
Berkshire RG13 2PZ, England

EC Directive 89/336/EEC
EC Directive 73/23/EEC
EN 55022
EN 50082-1
EN 60950

Equipment Type/Environment: Networking Equipment, for

use in a Commercial or Light

Industrial Environment.

We the undersigned, hereby declare, under our sole responsibility, that the equipment packaged with
this notice conforms _to the above directives.

Manufacturer Legal Representative in Europe
Mr. Ronald Fotino Mr. J. Solari

Full Name Full Name
Principal Compliance Engineer Managing Director - E.M.E.A.

Title Title
Rochester, NH, USA Newbury, Berkshire, England

Location Location

CoreWatch User’s Manual 8

Contents

Preface..................................................................................................... 17

About This Manual ................................................................................................................17

Who Should Read This Manual? .........................................................................................17

How to Use This Manual ......................................................................................................17

Related Documentation.........................................................................................................19

Chapter 1: A Look at CoreWatch ........................................................... 21

What Are CoreWatch’s Features?........................................................................................21

System Requirements ............................................................................................................22

CoreWatch Capabilities.........................................................................................................22

A Look at the Modes of CoreWatch ....................................................................................23

Which MIBs Does the SSR Support? ...................................................................................23

Chapter 2: CoreWatch Installation ........................................................ 25

Installing CoreWatch.............................................................................................................25

Installing on a Solaris System........................................................................................25

Installing on a Windows NT, Windows 95, or Windows 98 System ......................26

Chapter 3: Learning CoreWatch Basics.................................................. 27

Starting CoreWatch................................................................................................................27

Starting CoreWatch in Solaris.......................................................................................28

Starting CoreWatch in Windows NT, Windows 95, or Windows 98......................28

Starting CoreWatch from within SPECTRUM Enterprise Manager .......................28

Starting CoreWatch from within HP OpenView 5.x .................................................29

A Look at the CoreWatch Interface .....................................................................................29

Front Panel View.............................................................................................................30

A Look at the Modules............................................................................................31

Schematic View ...............................................................................................................32

Opening the Schematic View.................................................................................32

Using the Schematic View......................................................................................33

CoreWatch Menus ..........................................................................................................33

CoreWatch Toolbar.........................................................................................................33

CoreWatch Passwords...........................................................................................................33

Changing the Login Password......................................................................................34

Changing the Privileged Password..............................................................................34

Accessing Help .......................................................................................................................35

Exiting CoreWatch.................................................................................................................36

CoreWatch User’s Manual 9

Contents

Chapter 4: Learning Configuration Expert Basics.................................37

What Is Configuration Expert?............................................................................................ 37

Starting Configuration Expert............................................................................................. 38

Starting Configuration Expert from the Front Panel View...................................... 38

Starting Configuration Expert in Solaris..................................................................... 38

Starting Configuration Expert in Windows NT, Windows 95, or Windows 98 ... 39

A Look at the Configuration Expert Window................................................................... 39

Configuration Tree......................................................................................................... 40

A Look at the Configuration Tree Icons .............................................................. 43

Wizards and Dialog Boxes............................................................................................ 43

Copying Configuration Settings with Drag-and-Drop.................................................... 44

Finding Objects...................................................................................................................... 44

Deleting Objects..................................................................................................................... 45

Order of Configuration Tasks.............................................................................................. 45

Saving and Applying Your Configuration Changes........................................................ 46

Saving Changes to a Configuration File: .................................................................... 46

Loading a Configuration File into an SSR.................................................................. 46

Retrieving a Configuration File from an SSR............................................................. 47

Exiting Configuration Expert .............................................................................................. 48

Chapter 5: Changing System Settings ................................................... 49

Providing System Information............................................................................................ 49

Configuring an SSR Chassis ................................................................................................ 50

Configuring Ports.................................................................................................................. 52

Configuring Global Settings on All Ports................................................................... 52

Configuring an Individual Port ................................................................................... 54

Configuring the SSR for a SYSLOG Server........................................................................ 57

Configuring for DNS ............................................................................................................ 59

Configuring the SSR for SNMP........................................................................................... 60

Setting Up a Target for SNMP Traps .......................................................................... 60

Establishing Community Strings................................................................................. 62

Chapter 6: Configuring SSR Bridging..................................................... 65

A Look at Bridging on the SSR............................................................................................ 65

Configuring the Bridging Mode of Ports........................................................................... 66

Configuring a Port for Flow-Based Bridging............................................................. 67

Configuring a Port for Address-Based Bridging....................................................... 68

Controlling the Aging State of SSR Bridging.................................................................... 70

Setting Up a Default Aging Timeout........................................................................... 70

Overriding the Default Timeout Interval on a Port.................................................. 71

Disabling Aging on a Port............................................................................................. 72

Enabling Aging on a Port.............................................................................................. 74

Setting Up STP on the SSR................................................................................................... 76

Defining STP Settings for SSR Bridging...................................................................... 77

Defining STP Attributes on an Individual Port......................................................... 78

Enabling STP on a Port.................................................................................................. 79

Disabling STP on a Port................................................................................................. 81

Configuring SmartTRUNK Behavior on the SSR ............................................................. 82

Defining SmartTRUNK Settings for SSR Bridging.................................................... 83

10 CoreWatch User’s Manual

Contents

Chapter 7: Configuring VLANs on the SSR............................................ 87

A Look at VLANs on the SSR...............................................................................................87

VLAN Configuration Tips....................................................................................................88

Defining Access Ports and Trunk Ports..............................................................................89

Creating a Protocol-Based VLAN........................................................................................91

Creating a Port-Based VLAN...............................................................................................96

Modifying VLANs ...............................................................................................................100

Changing a Port-Based VLAN’s Name or ID...........................................................101

Changing a Protocol-Based VLAN’s Name, ID, or Protocol Binding...................102

Replacing an Interface’s VLAN..........................................................................................103

Changing Which Ports a VLAN Includes.........................................................................103

Dragging Ports to Add Them to a VLAN .................................................................103

Adding and Removing a VLAN’s Ports Through a Dialog Box............................104

Chapter 8: Configuring IP Interfaces for the SSR ............................... 107

What Is IP? ............................................................................................................................107

A Look at IP Addresses................................................................................................108

Creating IP Interfaces ..........................................................................................................110

Creating IP Interfaces Bound to a Single Port ..........................................................110

Creating IP Interfaces Bound to a VLAN..................................................................116

Modifying IP Interface Definitions....................................................................................121

Configuring the SSR for VRRP...........................................................................................124

Specifying VRRP Trace Options.................................................................................125

Configuring a New VRRP Router ..............................................................................126

Modifying an Existing VRRP Router .........................................................................129

What to Do Next...................................................................................................................130

Chapter 9: Configuring Unicast Routing on the SSR.......................... 131

Configuring Unicast Global Parameters and Static Entries...........................................131

Setting Global Parameters for Unicast Routing........................................................132

Defining Static ARP Entries.........................................................................................133

Defining Static Route Entries ......................................................................................135

A Look at RIP Routing in the IP Environment................................................................137

What Is Preference? ......................................................................................................138

Configuring the SSR for RIP...............................................................................................139

Setting RIP Global Parameters....................................................................................139

Defining IP RIP Interfaces............................................................................................141

Adding Trusted Gateways ..........................................................................................144

Adding Source Gateways ............................................................................................145

What to Do Next...................................................................................................................145

Chapter 10: Configuring Multicast Routing on the SSR..................... 147

What Is DVMRP? .................................................................................................................147

Configuring DVMRP Routing on the SSR........................................................................148

Setting DVMRP Global Parameters on the SSR........................................................149

Configuring DVMRP Interfaces..................................................................................150

Defining DVMRP Tunnels...........................................................................................151

CoreWatch User’s Manual 11

Contents

Enabling or Disabling DVMRP on Tunnels ............................................................. 153

What Is IGMP?..................................................................................................................... 154

Configuring IGMP Interfaces on the SSR ........................................................................ 155

Setting IGMP Global Parameters............................................................................... 155

Enabling or Disabling IGMP on Interfaces............................................................... 156

What to Do Next.................................................................................................................. 158

Chapter 11: Configuring the SSR for IPX Routes ................................ 159

What Is IPX?......................................................................................................................... 159

Creating IPX Interfaces....................................................................................................... 161

Creating IPX Interfaces Bound to a Single Port....................................................... 161

Creating IPX Interfaces Bound to a VLAN............................................................... 167

Modifying IPX Interface Definitions ................................................................................ 172

Configuring Static IPX SAP Entries.................................................................................. 175

What to Do Next.................................................................................................................. 178

Chapter 12: Configuring QoS on the SSR............................................ 179

What Is QoS?........................................................................................................................ 179

Establishing the SSR’s Queuing Policy ............................................................................ 180

Associating Precedences to Layer-3/Layer-4 Flows...................................................... 181

Assigning IP QoS Precedence............................................................................................ 181

Assigning IPX QoS Precedence.................................................................................. 183

Creating QoS Profiles.......................................................................................................... 184

Creating a QoS Profile for an IP Flow....................................................................... 185

Creating a QoS Profile for an IPX Flow .................................................................... 190

Creating a QoS Profile for a Layer-2 Flow................................................................ 195

Modifying QoS Profiles...................................................................................................... 199

Redefining an IP Flow ................................................................................................. 199

Redefining an IPX Flow Definition............................................................................ 200

Redefining a Layer-2 Flow Definition....................................................................... 201

Changing an IP or IPX Flow’s Interface List............................................................ 202

Adding or Deleting a Flow’s Interfaces through a Dialog Box...................... 203

Dragging an Interface to Apply a Flow to the Interface.................................. 204

Changing a Layer-2 Port List...................................................................................... 204

Chapter 13: Configuring Security on the SSR ..................................... 207

A Look at ACLs ................................................................................................................... 207

Setting IP Security ............................................................................................................... 208

Setting IPX Security............................................................................................................. 212

Configuring an IPX ACL............................................................................................. 212

Setting Up IPX RIP Filters........................................................................................... 217

Setting Up IPX SAP Filters.......................................................................................... 221

Applying ACLs to IP or IPX Interfaces............................................................................ 224

Copying an ACL to Apply It to an Interface............................................................ 225

Applying an ACL by Editing an Interface’s Definition.......................................... 226

Setting Layer-2 Security...................................................................................................... 228

Configuring Layer-2 Address Filters ........................................................................ 229

Configuring Layer-2 Port-to-Address Lock Filters................................................. 231

Configuring Layer-2 Static-Entry Filters .................................................................. 234

12 CoreWatch User’s Manual

Contents

Configuring Layer-2 Secure Port Filters....................................................................238

Modifying the SSR’s Security Settings..............................................................................241

Changing an ACL’s Name...........................................................................................242

Adding or Modifying ACL Rules...............................................................................243

Modifying Layer-2 Security Filters.............................................................................243

Modifying a Filter’s Settings ................................................................................243

Modifying a Filter’s Port Bindings......................................................................244

Chapter 14: Configuring OSPF on the SSR.......................................... 247

A Look at OSPF Routing on the SSR.................................................................................247

Setting OSPF Global Parameters........................................................................................248

Configuring OSPF Area Tables...................................................................................249

Creating OSPF Area Tables..................................................................................250

Modifying Area Tables .........................................................................................267

Chapter 15: Configuring BGP on the SSR............................................ 269

BGP Overview ......................................................................................................................269

Configuring Your SSR for BGP..........................................................................................270

Setting BGP Global Parameters ..................................................................................270

Configuring a New BGP Peer Group.........................................................................271

Modifying an Existing BGP Peer Group....................................................................288

Chapter 16: Configuring Routing Policies on the SSR........................ 297

Routing Policies on the SSR................................................................................................297

RIP and OSPF Routing Policy Defaults ............................................................................297

Setting RIP Routing Policy Defaults...........................................................................298

Setting OSPF Routing Policy Defaults.......................................................................299

A Look at the Building Blocks of Routing Policies..........................................................300

Export Destination Building Blocks...........................................................................301

Configuring and Modifying RIP Export Destinations .....................................301

Configuring and Modifying OSPF Export Destinations..................................303

Configuring and Modifying BGP Export Destinations....................................304

Aggregate Destination Building Blocks.....................................................................306

Configuring Aggregate Destinations..................................................................306

Modifying Aggregate Destinations.....................................................................308

Export Source Building Blocks....................................................................................309

Configuring and Modifying RIP Export Sources..............................................309

Configuring and Modifying OSPF Export Sources ..........................................311

Configuring and Modifying BGP Export Sources ............................................312

Configuring and Modifying Autonomous System Path Export Sources......314

Configuring and Modifying Tag Export Sources..............................................316

Configuring and Modifying Direct Export Sources .........................................318

Configuring and Modifying Static Export Sources...........................................319

Configuring and Modifying Aggregate Export Sources..................................321

Import Source Building Blocks ...................................................................................322

Configuring and Modifying RIP Import Sources .............................................323

Configuring and Modifying OSPF Import Sources..........................................325

Configuring and Modifying BGP Import Sources............................................327

Configuring and Modifying Aggregate Source Building Blocks...........................329

CoreWatch User’s Manual 13

Contents

IP Route Filter Building Blocks .................................................................................. 330

Configuring IP Route Filters ............................................................................... 331

Modifying IP Route Filters .................................................................................. 333

Configuring and Modifying Optional Attribute Building Blocks ........................ 334

Export Policies ..................................................................................................................... 335

Configuring Export Policies ....................................................................................... 336

Modifying Export Policies .......................................................................................... 341

Import Policies..................................................................................................................... 342

Configuring Import Policies....................................................................................... 342

Modifying Import Policies.......................................................................................... 346

Aggregate Policies............................................................................................................... 347

Configuring Aggregate Policies................................................................................. 347

Modifying Aggregate Policies.................................................................................... 352

Redistribute Policies............................................................................................................ 353

Configuring Redistribute Policies.............................................................................. 353

Modifying Redistribute Policies................................................................................. 357

Summarize Routes .............................................................................................................. 358

Configuring Summarize Routes ................................................................................ 358

Modifying Summarize Routes ................................................................................... 362

Chapter 17: Checking System Status ................................................... 365

Obtaining Chassis Information ......................................................................................... 365

Obtaining Port Information............................................................................................... 366

Obtaining Trap Information .............................................................................................. 368

Obtaining SmartTRUNK Information.............................................................................. 369

Chapter 18: Monitoring Real-Time Performance ................................371

Monitoring System Performance ...................................................................................... 371

Setting the Scaling of Dials ......................................................................................... 373

Monitoring Port Utilization ............................................................................................... 374

Obtaining Statistics About an Individual Port................................................................ 376

Obtaining Packet Statistics.......................................................................................... 377

Obtaining Port Byte Statistics..................................................................................... 378

Obtaining Port Error Statistics ................................................................................... 379

Monitoring IP Interface Statistics...................................................................................... 381

Obtaining IP Packet Statistics..................................................................................... 381

Obtaining IP Reassembly Statistics ........................................................................... 382

Obtaining IP Error Statistics....................................................................................... 384

Monitoring IPX Interface Statistics................................................................................... 385

Obtaining IPX Packet Statistics .................................................................................. 386

Obtaining IPX Error Statistics............................................................................................ 387

Using the Graph Toolbar.................................................................................................... 389

Chapter 19: Checking the Status of Bridge Tables .............................391

Obtaining VLAN Information........................................................................................... 391

Obtaining STP Port Information ....................................................................................... 392

Obtaining L2 Interface Information.................................................................................. 394

14 CoreWatch User’s Manual

Contents

Chapter 20: Checking the Status of Routing Tables........................... 397

Checking IP Routing Status................................................................................................397

Obtaining IP Interface Information............................................................................398

Obtaining IP Forwarding Information ......................................................................399

Checking IPX Routing Status .............................................................................................400

Obtaining IPX Interface Information .........................................................................401

Obtaining IPX Forwarding Information....................................................................403

Checking OSPF Routing Status..........................................................................................405

Obtaining OSPF Interface Information......................................................................405

Obtaining OSPF Area Information.............................................................................409

Obtaining OSPF Neighbor Information ....................................................................410

Obtaining OSPF Link-State Database Information ..................................................412

Obtaining OSPF Area Aggregate Information .........................................................414

Checking RIP Routing Status .............................................................................................416

Obtaining RIP Interface Information .........................................................................416

Obtaining RIP Peer Information.................................................................................417

Checking DVMRP Routing Status.....................................................................................419

Obtaining DVMRP Interface Information.................................................................419

Obtaining DVMRP Neighbor Information................................................................421

Obtaining DVMRP Routing Information..................................................................423

Obtaining DVMRP Next Hop Information...............................................................424

Checking IGMP Status ........................................................................................................425

Obtaining IGMP Interface Information.....................................................................426

Obtaining IGMP Cache Information..........................................................................428

Chapter 21: Checking the Status of QoS Tables................................. 431

Obtaining Layer-2 Priority Information ...........................................................................431

Obtaining Flow Priority Information................................................................................433

Obtaining Layer-2 Switching Information.......................................................................435

Obtaining Layer-3 and Layer-4 Switching Information.................................................436

Chapter 22: Obtaining Reports............................................................ 439

Saving Multiple Tables as a Report...................................................................................439

Saving a Single Table as a Report......................................................................................441

Appendix A: Working with Tables ...................................................... 443

Finding Text in a Table........................................................................................................443

Controlling the Contents of Tables....................................................................................444

Refreshing a Table................................................................................................................445

Restoring Table Information...............................................................................................445

Obtaining Table Records.....................................................................................................445

Saving a Single Table as a Report......................................................................................445

Exporting Data from a Table..............................................................................................446

Sorting Table Information...................................................................................................446

Appendix B: CoreWatch Menus........................................................... 447

File Menu...............................................................................................................................447

Monitor Menu.......................................................................................................................448

CoreWatch User’s Manual 15

Contents

Performance State Submenu....................................................................................... 448

System State Submenu ................................................................................................ 450

Bridging State Submenu.............................................................................................. 450

Routing State Submenu............................................................................................... 451

QoS State Submenu...................................................................................................... 453

Window Menu.....................................................................................................................454

Help Menu............................................................................................................................ 454

Appendix C: Supported Regular Expressions...................................... 457

Appendix D: Error Messages................................................................ 461

Missing or Invalid Field Error Messages ......................................................................... 461

Duplicate Objects Error Messages .................................................................................... 465

Already Exists or in Use Error Messages......................................................................... 465

Unavailable Objects Error Messages................................................................................ 466

Miscellaneous Error Messages .......................................................................................... 467

Glossary .................................................................................................473

Index ......................................................................................................483

16 CoreWatch User’s Manual

About This Manual

This manual provides a general overview of CoreWatch and provides procedures for
using that application to configure and monitor a SmartSwitch Router (SSR). For product
information not available in this manual, see the manuals listed in “Related

Documentation” on page 19.

Who Should Read This Manual?

Read this manual if you are responsible for configuring or monitoring the SSR and you
want to do so using CoreWatch rather than using Command Line Interface (CLI)
commands.

How to Use This Manual

Preface

If You Want To See

Get an overview of CoreWatch Chapter 1 on page 21

Start CoreWatch or familiarize yourself with other basic
tasks and the CoreWatch interface

Start Configuration Expert and familiarize yourself with
its interface

Change system information that is needed before an SSR
can be configured

Configure bridging on the SSR Chapter 6 on page 65

Configure virtual local area networks (VLANs) on the SSR Chapter 7 on page 87

Configure Internet Protocol (IP) interfaces that you want
to use for unicast or multicast routing

Configure the SSR for the Routing Information Protocol
(RIP)

CoreWatch User’s Manual 17

Chapter 3 on page 27

Chapter 4 on page 37

Chapter 5 on page 49

Chapter 8 on page 107

Chapter 9 on page 131

Preface

If You Want To See

Configure the SSR for the Distance Vector Multicast

Chapter 10 on page 147

Routing Protocol (DVMRP) and Internet Group
Management Protocol (IGMP), which IP uses to perform
multicast routing

Configure Internet Packet Exchange (IPX) routes on the

Chapter 11 on page 159

SSR

Configure Quality of Service (QoS) policies Chapter 12 on page 179

Configure security on the SSR Chapter 13 on page 207

Read an overview of OSPF routing and configure OSPF on

Chapter 14 on page 247

the SSR

Configure BGP on the SSR Chapter 15 on page 269

Configure Routing Policies on the SSR Chapter 16 on page 297

Check the status of the SSR chassis and ports Chapter 17 on page 365

Monitor real-time performance on the SSR Chapter 18 on page 371

Display tables that contain bridge information and data

Chapter 19 on page 391

about the SSR’s VLANs

Display tables that contain information about the routing

Chapter 20 on page 397

protocols you are using on the SSR

Obtain information about Layer-2, Layer-3, and

Chapter 21 on page 431

Layer-4

Obtain boot log information to perform fault monitoring Chapter 20 on page 329

Obtain reports that include information CoreWatch

Chapter 22 on page 439

displays in its tables

Work in CoreWatch tables Appendix A on page 443

Learn about the commands available on each CoreWatch

Appendix B on page 447

menu

Learn about the regular expressions CoreWatch supports Appendix C on page 457

Obtain information about CoreWatch error messages Appendix D on page 461

18 CoreWatch User’s Manual

Related Documentation

The Cabletron Systems documentation set includes the following items. Refer to these
other documents to learn more about your product.

For Information About See the

Preface

The SmartSwitch Router (SSR) features and the
procedures for installing the SSR and setting it up
for management using CoreWatch software.

How to use Command Line Interface (CLI)
commands to configure and manage the SSR

The complete syntax for all CLI commands SmartSwitch Router Command

SYSLOG messages and SNMP traps SmartSwitch Router Error

SmartSwitch Router Getting
Started Guide

SmartSwitch Router User
Reference Manual

Line Interface Reference Manual

Reference Manual

CoreWatch User’s Manual 19

Preface

20 CoreWatch User’s Manual

Chapter 1

A Look at

CoreWatch

Cabletron Systems’ CoreWatch is a comprehensive, easy-to-use, device management and
configuration application for SmartSwitch Routers (SSRs). Based on Java Programming
Language, CoreWatch provides configuration, monitoring, and reporting capabilities with
the assistance of wizards, dialog boxes, and drag-and-drop operations.

CoreWatch provides access to Configuration Expert, a utility that makes tasks such as
configuring routers, virtual local area networks (VLANs), application-level Quality of
Service (QoS) policies, and security filters simple and easy.

You can run CoreWatch in the Solaris, Windows NT, Windows 95, or Windows 98
environments.

This chapter:

• summarizes the features of CoreWatch.

• describes the system requirements of CoreWatch.

• provides an overview of CoreWatch capabilities.

• discusses the different modes of CoreWatch.

• provides a list of the Management Information Bases (MIBs) CoreWatch supports.

What Are CoreWatch’s Features?

CoreWatch management features include the following:

• Java-based graphical user interface (GUI)

• Simplified bridging configuration

CoreWatch User’s Manual 21

Chapter 1: A Look at CoreWatch

• Simplified routing configuration

• Quality of Service (QoS) policy management

QoS is a set of parameters that assign priorities to different types of traffic, define flows
for Internet Protocol (IP) and Internetwork Packet Exchange (IPX) packet fields, assign
a precedence to the fields of the flows you define, and establish queuing policies

• Configuration of security filters and access control lists (ACLs). An ACL is a list the
SSR keeps to control access to or from various services

• Drag-and-drop VLAN setup and administration

• Detailed reporting in the hypertext markup language (HTML) format

System Requirements

CoreWatch can run in the Solaris, Windows NT, Windows 95, and Windows 98
environments. As shown in the following table, CoreWatch’s system requirements depend
upon your operating system. The table identifies which browser to use with each
operating system and gives the minimum hardware requirements for each environment.

Table 1. CoreWatch system requirements

Solaris 2.5.1 or 2.6)

Browser

CPU

RAM

Disk

Netscape Navigator 3.0 or above Netscape Navigator 3.0 or above, or

Sparc20 or above Pentium 133 or above

128 MB 64 MB

40 MB Free 20 MB Free

CoreWatch Capabilities

CoreWatch lets you perform the following operations:

• Access Configuration Expert, which is a Cabletron Systems utility that you use to
configure your SSR as discussed later in this manual.

• Perform the following monitoring tasks on the SSR as discussed later in this manual:

– Monitor the status of an SSR’s ports, modules, power supplies, and other hardware

components.

Windows NT 4.0x, Windows 95,

or Windows 98

Microsoft Internet Explorer 4.0 or above

22 CoreWatch User’s Manual

– Check the status of each bridge table, routing table, and QoS table. These tables

contain information that CoreWatch obtains from MIBs it supports. (For a list of
these MIBS, see “Which MIBs Does the SSR Support?” on page 23.)

– Display messages stored in the SSR boot log.

– SNMP is a protocol that provides support for monitoring and controlling network

devices, collecting statistics, and managing configurations, performance, and
security. SNMP is mainly used by Transmission Control Protocol/Internet Protocol
(TCP/IP) networks. (TCP/IP is a suite of protocols that provide a relatively simple
way to connect computers and devices from different vendors on a worldwide
internetwork.)

CoreWatch displays most monitoring information in tables and reports, but there is some
data that is displayed in the form of graphs or dials.

A Look at the Modes of CoreWatch

CoreWatch can run in the following modes:

Chapter 1: A Look at CoreWatch

• User, which is the mode CoreWatch automatically begins operating in after you log in

to CoreWatch. Use this mode to monitor the activity on the SSR or to obtain reports.

• Configure, which is the mode you use to perform any of the following tasks:

– Change system information

– Configure bridging and VLANs

– Set QoS policies

– Set security filters

• Configure multiple configuration databases as discussed later in this manual

You switch to the configure mode by starting Configuration Expert. Access to
Configuration Expert is controlled by a password that your system administrator can set
as discussed in “Changing the Privileged Password” on page 34.

Which MIBs Does the SSR Support?

CoreWatch obtains information from MIBs when displaying the CoreWatch tables
discussed later in this manual. The SSR supports the following MIBs:

• IETF Standard MIBs:

MIB2/RFC 1213 (r/w to system group and to snmpEnableAuthTraps only)

• IETF Draft Standard MIBs:

– OSPF-MIB/RFC 1850

CoreWatch User’s Manual 23

Chapter 1: A Look at CoreWatch

– BGP4-MIB/RFC 1657

– RIPv2-MIB/RFC 1724

– EtherLike-MIB/RFC 1643

– BRIDGE-MIB/RFC 1493

• IETF Proposed Standard MIBS:

– IF-MIB/RFC 1573

– IP-Group IPCIDRTable-MIB/RFC 2096

• Experimental/Enterprise MIBs:

– DOT1Q-VLAN-MIB/draft-jeya-vlan-8021q-mib-00.txt

– IGMP/draft-ietf-idmr-igmp-mib-05.txt

– DVMRP/draft-thaler-dvmrp-mib-04.txt

– NOVELL RIP-SAP MIB

– NOVELL IPX MIB

–CTRON-YAGO-CONFIG

–CTRON-YAGO-HARDWARE

–CTRON-YAGO-L2

–CTRON-YAGO-L3

– CTRON-YAGO-SERVICE-STATUS

– CTRON-YAGO-TRAP

Note: More information on these MIBs can be found at www.ietf.org and

www.cabletron.com.

24 CoreWatch User’s Manual

Installing CoreWatch

You can install CoreWatch on a Solaris 2.5.1 or Solaris 2.6 running CDE, Windows NT,
Windows 95, or Windows 98 system. The method you use to install CoreWatch depends
on your environment. Separate discussions on installing CoreWatch in the Solaris or
Windows environments follow.

Chapter 2

CoreWatch

Installation

Note:

CoreWatch requires CDE to run properly on Solaris 2.5.1 and 2.6 operating
systems. Ensure that your Solaris system includes CDE before attempting to run
CoreWatch.

Installing on a Solaris System

To install CoreWatch from a CD onto a Solaris 2.5.1 or 2.6 system running CDE:

1. If you plan to integrate CoreWatch with HP OpenView, be sure the HP OpenView

daemon is running. For details, see your HP OpenView documentation.

2. Insert the CoreWatch CD into your CD-ROM drive.

3. Log in as super user by entering the following command:

su - root

4. Ensure that you are in the appropriate subdirectory to access the CD-ROM by

entering the following command:

cd /cdrom/cdrom0

CoreWatch User’s Manual 25

Chapter 2: CoreWatch Installation

5. Run the CoreWatch installation script by entering the following command:

install.sh

CoreWatch is installed in on your system in the /opt/CScw directory.

6. Add /opt/CScw/bin to your environment path.

For details on adding items to a path, see your Solaris documentation.

Installing on a Windows NT, Windows 95, or Windows 98 System

Note:

You must have Admin privileges to install CoreWatch on a Windows NT system.

To install CoreWatch on a Windows NT, Windows 95, or Windows 98 system:

1. If you plan to integrate CoreWatch with HP OpenView on a Windows NT system, be
sure the HP OpenView daemon is running. For details, see your HP OpenView
documentation.

2. Insert the CoreWatch CD into your CD-ROM drive.

3. After the CoreWatch installation wizard appears, click Next.

4. After reviewing the license agreement, click Yes to accept it.

5. Enter your name and your company’s name in the appropriate text boxes. Then click
Next.

6. Specify the folder in which you want to install the software and click Next.

You can keep the default folder or click Browse and then browse to another folder.

7. Set up the type of installation by doing one of the following:

– Choose Ty pi ca l to install the most common options.

– Choose Compact to install the minimum files needed to run CoreWatch.

– Choose Custom and click Next if you are an advanced user and want to specify

which files to install. Options with a check mark will be installed. Click to the left
of an item to select or clear its check box.

8. Click Next.

9. Specify a name for the CoreWatch program group, which is Cabletron CoreWatch by
default. Then click Next.

10. When the browser window reappears, close it.

11. Specify whether you want to view the CoreWatch readme file, then click Finish.

Options with a check mark will be performed. Click to the left of an item to select or
clear its check box.

26 CoreWatch User’s Manual

Chapter 3

Learning

CoreWatch Basics

Before using CoreWatch, you should be familiar with some basic CoreWatch tasks and be
familiar with the application’s interface. This chapter

• discusses starting CoreWatch.

• provides an overview of the CoreWatch interface.

• discusses changing CoreWatch passwords.

• discusses how to access the CoreWatch online help.

• explains how to exit CoreWatch.

For information on installing CoreWatch in Solaris and Windows environments, see

Chapter 2: “CoreWatch Installation” on page 25.

Starting CoreWatch

The method you use to start CoreWatch depends on whether you installed it in the Solaris
or Windows environment. If you choose to integrate CoreWatch with SPECTRUM or HP
OpenView during installation, you can start CoreWatch from within either system in both
Solaris and Windows NT/Windows 95/Windows 98.

Caution:

packet to the SSR and that the SSR is configured for SNMP. For details on configuring
SNMP on the SSR, see the SmartSwitch Router User Reference Manual.

Separate discussions on starting CoreWatch in the Solaris and Windows environments
and from within SPECTRUM or HP OpenView follow.

CoreWatch User’s Manual 27

Before starting CoreWatch in any environment, be sure that you can send a ping

Chapter 3: Learning CoreWatch Basics

Starting CoreWatch in Solaris

Note:

To start CoreWatch in the Solaris 2.5.1 or 2.6 environment:

1. Enter the following command at the Solaris prompt:

2. Type the name or IP address and community string for the SSR. If you do not know

3. Click OK.

CoreWatch requires CDE to run properly on Solaris 2.5.1 and 2.6 operating
systems. Ensure that your Solaris system includes CDE before attempting to run
CoreWatch.

CoreWatch

The Login Dialog dialog box appears.

Note:

this information, see your network administrator.

For details on the window that CoreWatch opens, see “A Look at the CoreWatch

Interface” on page 29.

If the CoreWatch command is not found, you can locate it in /opt/CScw/bin.

Starting CoreWatch in Windows NT, Windows 95, or Windows 98

To start CoreWatch in the Windows NT, Windows 95, or Windows 98 environment:

1. Choose the Start menu, select Programs, select Cabletron CoreWatch, and then choose
CoreWatch. The Login Dialog dialog box appears.

Note:

2. Type the name or IP address and community string for the SSR. If you do not know
this information, see your network administrator.

3. Click OK.

For details on the window that CoreWatch opens, see the “A Look at the CoreWatch

Interface” on page 29.

If you installed the program in a startup folder other than Programs >
Cabletron CoreWatch, select that folder from the Start menu and then select
CoreWatch.

Starting CoreWatch from within SPECTRUM Enterprise Manager

SPECTRUM Enterprise Manager is Cabletron Systems’ flexible and scalable network
management platform based on leading-edge, object-oriented, artificial intelligence
technology. SPECTRUM, which is available on Solaris and Windows NT, provides a suite
of bundled applications as well as additional optional applications. The SSR is modeled in
SPECTRUM using the SmartSwRtr model type. The SSR can be Auto-Discovered or

28 CoreWatch User’s Manual

Chapter 3: Learning CoreWatch Basics

manually created in a SPECTRUM Topology View and then copied to an Organization
and/or Location View.

To Start CoreWatch from within SPECTRUM:

1. Start SPECTRUM.

2. If you know the topology location for your SmartSwRtr model, proceed to that

location. Otherwise, open the Find View by choosing the View menu, selecting New
View, and then selecting Find. Select Model-Type Name and enter the SmartSwRtr
command to display all the SmartSwRtr models or select Network Address to display
a particular model.

3. Bring up the menu for the SmartSwRtr model and select CoreWatch.

This starts CoreWatch using the SmartSwRtr model's network address and community
name. For details on the window that CoreWatch opens, see “Front Panel View” on page

30.

Starting CoreWatch from within HP OpenView 5.x

HP OpenView 5.x is network node management software for the Solaris and Windows NT
environments. If HP OpenView is integrated with CoreWatch, you may use HP OpenView
to start CoreWatch and recognize your SSRs. HP OpenView is automatically integrated
with CoreWatch when you install CoreWatch while the HP OpenView daemon is running.

To start CoreWatch from within HP OpenView:

1. Start HP OpenView.

2. Click a network node.

3. Select the Misc menu and then choose CoreWatch. The Login Dialog dialog box

appears.

4. Type the name or IP address and community string for the SSR. If you do not know

this information, see your network administrator

5. Click OK.

For details on the window that CoreWatch opens, see “Front Panel View” on page 30.

A Look at the CoreWatch Interface

CoreWatch offers two views of the SSR and runs in different modes that you should be
familiar with before using CoreWatch. You may also find it helpful to know how to use the
CoreWatch Toolbar before using CoreWatch. Separate discussions on each CoreWatch
view, its modes, and the CoreWatch Toolbar follow.

CoreWatch User’s Manual 29

Chapter 3: Learning CoreWatch Basics

Front Panel View

After you start CoreWatch, a Front Panel view similar to the following appears:

Legend

Figure 1. Front Panel view (SSR 8000)

The Front Panel view is a graphical representation of an SSR 8000's front-panel chassis.
You can use this view to do the following:

• Obtain port statistics

• Configure ports

• Check the status of ports

The legend identified in the previous figure includes the abbreviations described in the
following table:

Table 2. Legend abbreviations

Abbreviation Description

PS1 Identifies the location of the SSR's main power supply.

PS2 Identifies the location of the SSR's redundant power supply.

CM Identifies the location of the SSR's Control Module.

CM/1 Indicates the location of slot 1 of the SSR chassis. Slot 1 can accept

either the SSR's Control Module or any module the SSR supports.

2 Indicates the location of slot 2 of the SSR chassis.

3 Indicates the location of slot 3 of the SSR chassis.

4 Indicates the location of slot 4 of the SSR chassis.

30 CoreWatch User’s Manual

Table 2. Legend abbreviations (Continued)

Abbreviation Description

5 Indicates the location of slot 5 of the SSR chassis.

6 Indicates the location of slot 6 of the SSR chassis.

7 Indicates the location of slot 7 of the SSR chassis.

A Look at the Modules

In the Front Panel view, an SSR’s modules appear similar to the following figure. This
figure is for an Ethernet 10/100BASE-TX module, but the information CoreWatch displays
to represent a module depends on that module’s type.

Chapter 3: Learning CoreWatch Basics

Figure 2. Front Panel view of SSR’s ethernet 10/100BASE-TX module

Each port on an Ethernet 10/100BASE-TX module is represented by an object similar to
the following figure. The upper-left light-emitting diode (LED) and the center LED of a
port indicates whether the port is online.

Figure 3. Ethernet 10/100BASE-TX port

Each port on a Gigabit module (1000BASE-SX or 1000BASE-LX) is represented by an
object similar to the following figure. The bottom LED of a port indicates whether the port
is online.

Figure 4. Gigabit module (1000BASE-SX or 1000BASE-LX) port

The Front Panel view also includes online and offline LEDs similar to those on the
physical chassis. Unlike their physical counterparts on the actual chassis, these LEDs do
not change in the Front Panel view whenever a module goes online or offline.

CoreWatch User’s Manual 31

Chapter 3: Learning CoreWatch Basics

Schematic View

The Schematic view, which looks similar to the following figure, is a graphical
representation of an SSR's functions (such as bridging, switching, and routing services)
and data objects (such as QoS flows). It also indicates which functions are active, inactive,
or in error. The information in the Schematic view is updated every 30 seconds. The
legend that appears at the bottom of the Schematic view indicates the scheme used to
represent the various items displayed in that view.

Opening the Schematic View

To open the Schematic view, do one of the following:

• Select the File menu and then choose Open Schematic View.

• Click the Open Schematic View button on the CoreWatch toolbar.

32 CoreWatch User’s Manual

Figure 5. CoreWatch Schematic view

Using the Schematic View

You can use the Schematic view to display the CoreWatch tables and dials discussed later
in this manual, and configure QoS flows and security filters. To do so, perform one of the
following operations:

• Move the cursor to an object, click the right-mouse button, and choose a command

from the menu that appears.

• Double-click a function or data object. CoreWatch then performs the default task for

that function or data object.

CoreWatch Menus

The CoreWatch menus are located at the top of the CoreWatch main window. Use the
commands available on these menus to perform tasks in CoreWatch. For a description of
each menu command, see Appendix B: “CoreWatch Menus” on page 447.

CoreWatch Toolbar

Chapter 3: Learning CoreWatch Basics

The CoreWatch toolbar is a set of buttons located at the top of the CoreWatch window.
Clicking buttons in this toolbar performs some CoreWatch tasks quickly. The following
figure identifies the function of each CoreWatch toolbar button. Details on the Schematic
View, System Dashboard, Configuration Expert, Port Utilization Summary, reports, and
online help are discussed later in this manual.

Provides Access to the
System Dashboard

Opens the
Schematic View

Figure 6. CoreWatch toolbar buttons

CoreWatch Passwords

If you can access Configuration Expert, you can change the following CoreWatch
passwords:

Opens Configuration
Expert

Displays the Port
Utilization Summary

Opens CoreWatch
Online Help

Creates HTML
Reports

• Login Password, which is the password you are prompted for when you start

CoreWatch.

CoreWatch User’s Manual 33

Chapter 3: Learning CoreWatch Basics

• Privileged Password, which is the password you are prompted for when you start
Configuration Expert. This password logs you in to Configuration Expert so that you
can then use that utility to configure your SSR.

Changing the Login Password

If you can access Configuration Expert, you can change your CoreWatch Login password.
To change your Login password:

1. Select the Configure menu and choose Change Login Password.

2. If you are prompted for the Privileged password, enter it to start Configuration
Expert. Otherwise, skip to step 3.

You are prompted for the Privileged password if you are not running CoreWatch in
Configure mode.

3. After the Change Login Password form appears, enter your current Login password
in the Old Password text box.

4. Enter your new password in the New Password and Re-enter New Password text
boxes.

5. Click OK.

Changing the Privileged Password

If you can access Configuration Expert, you can change the Privileged password. To
change the Privileged password:

1. Select the Configure menu and choose Change Privileged Password.

2. If you are prompted for the Privileged password, enter it to start Configuration
Expert. Otherwise, skip to step 3.

You are prompted for the Privileged password if you are not running CoreWatch in
the configure mode.

3. After the Change Privileged Password form appears, enter your current Privileged
password in the Old Password text box.

4. Enter your new password in the New Password and Re-enter New Password text
boxes.

5. Click OK.

34 CoreWatch User’s Manual

Accessing Help

When using CoreWatch, you can access online help by choosing commands from the Help
menu or clicking the Help button. If you click the Help button, CoreWatch displays help
specific to the form, dialog box, or other item you are currently using. The following table
describes the commands you can choose from the Help menu. As the table indicates, you
can choose some commands directly from the Help menu and other commands from the
Cabletron Web Site submenu.

Table 3. CoreWatch Help menu commands

Chapter 3: Learning CoreWatch Basics

Command Description

Cabletron Web Site
submenu

Contents and
Index

Glossary Opens the online help glossary for

Release Note Displays the release note(s) for your

Product News Displays information about Cabletron

White Papers Provides access to technical discussions

Frequently Asked
Questions

Technical Support Displays information about how to

Send Feedback Displays a form that you may use to let

Opens CoreWatch Online Help.

CoreWatch.

version of CoreWatch.

Systems products.

of Cabletron Systems products.

Provides technical support for some
issues or concerns that you may have
while using CoreWatch.

contact Cabletron Systems technical
support.

Cabletron Systems know what you
think about its products. You can
complete and send this form online.

CoreWatch User’s Manual 35

Cabletron Home
Page

About CoreWatch Displays information about which

Displays the Cabletron Systems home
page in your Web browser.

version of CoreWatch you are using.

Chapter 3: Learning CoreWatch Basics

Exiting CoreWatch

To exit CoreWatch, select the File menu and choose Exit. CoreWatch prompts you to verify
that you want to exit. Click the Quit button.

36 CoreWatch User’s Manual

Chapter 4

Learning

Configuration

Expert Basics

You can use Cabletron’s Configuration Expert to produce configuration files for an SSR.
Once you have set up a configuration file, you can load it into the SSR. This chapter:

• provides an overview of Configuration Expert.

• explains how to start Configuration Expert.

• discusses the Configuration Expert window.

• describes the different configuration files Configuration Expert uses.

• explains the purpose of Configuration Expert’s wizards and dialog boxes.

• discusses finding, copying, and deleting objects.

• explains how to save and apply your changes.

• discusses exiting Configuration Expert.

If you prefer to produce a configuration file for your SSR using commands instead of
Configuration Expert, see the SmartSwitch Router Command Line Interface Reference Manual.

What Is Configuration Expert?

You can use Configuration Expert to perform the following tasks:

• Change system information

• Configure bridging polices

CoreWatch User’s Manual 37

Chapter 4: Learning Configuration Expert Basics

• Configure VLANs

• Configure IP and IPX routing

• Configure multicast routing

• Set QoS policies

• Set ACLs and security filters

• Configure multiple configuration files on the SSR

Like CoreWatch, Configuration Expert is a Java-based GUI. This GUI offers drag-and­drop setup and administration for VLANs and ACLs. It also supports comprehensive
configuration through wizards and dialog boxes.

Starting Configuration Expert

You can start Configuration Expert from the Front Panel view or independently in the
Solaris or Windows operating environments. Separate discussions on starting
Configuration Expert from the different environments follow.

Starting Configuration Expert from the Front Panel View

To save time navigating through your operating system, you can open Configuration
Expert while in the CoreWatch front panel view.

To open Configuration Expert from the Front Panel view:

1. Select the File menu and choose Open Configuration Expert.

2. If the Configuration Expert Login dialog box appears, enter the Privileged password
and click OK. The Configuration Expert window appears.

For details on this window, see “A Look at the Configuration Expert Window” on page 39.

Starting Configuration Expert in Solaris

Note:

To start Configuration Expert in the Solaris 2.5.1 or 2.6 environment:

• Enter the following command at the Solaris prompt:

CoreWatch requires CDE to run properly on Solaris 2.5.1 and 2.6 operating
systems. Ensure that your Solaris system includes CDE before attempting to run
CoreWatch.

ConfigExpert

38 CoreWatch User’s Manual

Chapter 4: Learning Configuration Expert Basics

The Configuration Expert window appears.

Note: If the ConfigExpert command is not found, you can locate it in

/opt/CScw/bin.

For details on this window, see “A Look at the Configuration Expert Window” on this

page.

Starting Configuration Expert in Windows NT, Windows 95, or
Windows 98

To start Configuration Expert in the Windows NT, Windows 95, or Windows 98
environment:

• Choose the Start menu, select Programs, select Cabletron CoreWatch, and then choose

ConfigExpert.

Note: If you installed the program in a startup folder other than Programs >

Cabletron CoreWatch, select that folder from the Start menu and then select

ConfigExpert.

For details on this window, see “A Look at the Configuration Expert Window” next.

A Look at the Configuration Expert Window

When you start Configuration Expert, a window similar to the following appears:

CoreWatch User’s Manual 39

Chapter 4: Learning Configuration Expert Basics

Configuration tree Content of this pane changes depending on

The left pane of the Configuration Expert window includes the configuration tree, which
you use to navigate to the objects (modules, ports, system, bridging, routing, and so on)
you want to create, edit, or delete while configuring the SSR. For details on the
configuration tree, see “Configuration Tree” next.

The contents of the right pane changes depending on what task you are performing in
Configuration Expert. Initially the right pane contains the legend that describes some of
the Configuration Expert icons. As you configure the SSR, the right pane will contain the
wizard or dialog box necessary for the configuration task you are performing.

Configuration Tree

The configuration tree is a graphical representation of the SSR’s configuration. When you
are configuring the SSR, you can use the configuration tree to view the contents of the
configuration files so you can add, edit, or delete objects in those files.

You can view the contents of a configuration file by double-clicking its name or icon in the
configuration tree. When you do so, Configuration Expert displays the file’s subtree. As
shown in the following figure, a configuration file’s subtree includes system, bridging,

which task you are performing

Figure 7. Configuration Expert window

40 CoreWatch User’s Manual

Chapter 4: Learning Configuration Expert Basics

routing, QoS, and security configuration objects. There are separate subtrees for each
configuration file.

Double-clicking a
configuration file
displays that file’s
subtree

Figure 8. Configuration tree

You navigate a subtree by double-clicking its objects or clicking the plus sign (+) of
objects. As you do so, Configuration Expert expands the subtree to display the object’s
contents. In the following figure, the System Configuration subtree has been expanded to
display the contents of the Chassis Configuration object and the Module-1 object. As the
figure shows, a plus sign (+) indicates an object can be expanded further and a minus sign
(-) indicates an object cannot be expanded. You can close an expanded object by double­clicking it or clicking its minus sign (-).

CoreWatch User’s Manual 41

Chapter 4: Learning Configuration Expert Basics

Minus sign (-)
indicates an
object cannot be
expanded
further

Display the contents of an
object by double-clicking it
to expand the subtree

Plus sign (+)
indicates an object
can be expanded
to display its
contents

Figure 9. Expanded configuration tree

While configuring the SSR, you can continue double-clicking subtree objects until you are
able to select the object you want to add, edit, or delete. After you select a configurable
object, the wizard or dialog box used to configure that object appears in the right pane of
the Configuration Expert window.

42 CoreWatch User’s Manual

A Look at the Configuration Tree Icons

The configuration tree uses the icons described in the following table to represent
configuration tree objects, to indicate that there is a wizard or dialog box associated with
an object, and to identify configuration file changes and errors:

Table 4. Configuration tree icons and descriptions

Icon Description

Represents a configuration file or configurable object, such as an interface,
VLAN, QoS policy, ACL, and so on.

Double-clicking an object’s folder icon displays the contents of that object.

Represents a chassis module.

Double-clicking a module icon displays that module’s ports. However, this is
not the case with the Control Module icon because there are no ports
associated with the Control Module.

Represents a port.

Chapter 4: Learning Configuration Expert Basics

Indicates that a dialog box is associated with an object. You can configure the
object by using its dialog box.

Indicates that a wizard is associated with an object. You can configure the
object by using its wizard.

Wizards and Dialog Boxes

You can configure objects through wizards and dialog boxes, which are forms that prompt
you for the appropriate configuration information.

Wizards take you step-by-step through the process of adding objects that are complex to
configure. If you add an object using a wizard, there will be a wizard icon next to that
object.

Property sheets are used to add easily configurable objects and also to modify the
configuration settings of objects once they have been added. If there is a dialog box
associated with an object, there will be a dialog box icon next to that object.

CoreWatch User’s Manual 43

Chapter 4: Learning Configuration Expert Basics

Copying Configuration Settings with Drag-and-Drop

You can drag objects to copy their configuration settings. When using this method to copy
ACLs or QoS profiles, you should remember that you drag ACLs to interfaces, but you
drag interfaces to QoS profiles.

Note:

To drag objects to copy their configuration settings:

1. Navigate through the configuration tree until you locate the object possessing the

2. Navigate through the configuration tree until you locate the object to which you want

3. Select the object you want to copy, then drag that object to the object to which you

4. Release the mouse button to apply the configuration settings to the desired object.

Dragging an object from one location to another copies the object’s configuration
settings. It does not move the object.

configuration settings you wish to copy.

to apply the configuration settings.

want to apply the configuration settings.

Configuration Expert displays a folder icon while you are dragging an object. A green
check mark appears whenever the cursor is on an object to which the configuration
settings can be applied.

Finding Objects

You can search for an object in the configuration tree by entering all or part of the name of
an object you want to find. To find an object in Configuration Expert using a text-string
search:

1. Select the Edit menu and choose Find Item. A Find Item dialog box similar to the
following appears:

Figure 10. Find Item dialog box

2. Enter the string of text you would like to search for in the Find String in tree box.

3. If the text you are searching for is case sensitive, turn on the Match Case option.

44 CoreWatch User’s Manual

4. If you wish to limit the range of your search to encompass only the immediate

subtree, turn on the Search only subtree option.

5. Click the Find Next button. Configuration Expert searches the current configuration

file (or the specified portion of it) for the text string you entered in step 2.

Deleting Objects

You can delete any object you add except for VLANs. To delete an object:

1. Select the object you want to delete.

2. Select the File menu and choose Delete Selection.

3. Click OK when Configuration Expert prompts you to verify whether you want to

delete the object.

Order of Configuration Tasks

Chapter 4: Learning Configuration Expert Basics

Perform configuration tasks in the following order:

1. Provide system information (such as the SSR’s name and location), define the SSR’s

ports, set up the SSR for a SYSLOG server and Domain Naming System (DNS)
servers, and configure the SSR for SNMP traps. For details on performing these tasks,
see Chapter 5: “Changing System Settings” on page 49.

2. Configure bridging on the SSR as discussed in Chapter 6: “Configuring SSR Bridging”

on page 65.

3. Group physical ports on the SSR by configuring VLANs as discussed in Chapter 7:

“Configuring VLANs on the SSR” on page 87.

4. If you are using the SSR in an IP environment, create IP interfaces and then configure

those interfaces for unicast or multicast routing.

For details on IP interfaces, see Chapter 8: “Configuring IP Interfaces for the SSR” on

page 107. For details on unicast routing, see Chapter 9: “Configuring Unicast Routing
on the SSR” on page 13 1. For details on multicast routing, see Chapter 10: “Configuring
Multicast Routing on the SSR” on page 147.

5. If you are using the SSR in an IPX environment, configure IPX interfaces as discussed

in Chapter 11: “Configuring the SSR for IPX Routes” on page 159.

6. If you want to control traffic on the SSR, configure the SSR’s QoS policies as discussed

in Chapter 12: “Configuring QoS on the SSR” on page 179.

7. If you want to set security on the SSR, define ACLs and Layer-2 security filters as

discussed in Chapter 13: “Configuring Security on the SSR” on page 207.

8. If you want to set OSPF on the SSR, configure the SSR’s OSPF behavior as discussed in

Chapter 14: “Configuring OSPF on the SSR” on page 247.

CoreWatch User’s Manual 45

Chapter 4: Learning Configuration Expert Basics

Saving and Applying Your Configuration Changes

When you finish working in Configuration Expert you will have to save your changes in
the form of a configuration file, then load them into the SSR.

Saving Changes to a Configuration File:

To save your configuration changes:

1. Select the File menu and choose Save As. The Save Configuration dialog box opens.

Figure 11. Save Configuration dialog box

2. Navigate to the directory in which you wish to store your configuration file and do
one of the following:

– Select on one of the existing configuration files and click the Save button to

overwrite it.

– Type the name of the new configuration file you wish to add to the directory and

click the Save button.

Loading a Configuration File into an SSR

Once you have created a new configuration file, you can use Configuration Expert to load
it into your SSR as both the startup and active configuration file.

46 CoreWatch User’s Manual

Chapter 4: Learning Configuration Expert Basics

To load a configuration file into the SSR:

1. Select the File menu and choose Apply Config. An Apply Configuration dialog box

similar to the following appears:

Figure 12. Apply Configuration dialog box

2. Do one of the following:

– If you are already in the appropriate directory, enter the name of the configuration

file you wish to apply to the SSR in the Configuration file box.

– Choose the Browse button, navigate to the directory containing the configuration

file you wish to apply to the SSR, and select it.

3. Enter the IP address and community string for the SSR in the Switch Name/IP box

and Community String boxes, respectively.

4. Choose the Apply Config button. Configuration Expert loads the specified

configuration file into the SSR as both the Startup and Active configuration files.

Retrieving a Configuration File from an SSR

Just as you can load configuration files into an SSR, you can retrieve the active
configuration file from an SSR, as well.

To retrieve a configuration file from an SSR:

1. Select the File menu and choose Retrieve Config. A Retrieve Configuration dialog

box similar to the following appears:

CoreWatch User’s Manual 47

Chapter 4: Learning Configuration Expert Basics

Figure 13. Retrieve Configuration dialog box

2. Enter the name of the configuration file you wish to retrieve from the SSR in the
Configuration file box.

3. Enter the IP address and community string for the SSR in the Switch Name/IP box
and Community String boxes, respectively.

4. Choose the Retrieve Config button. Configuration Expert retrieves the specified
configuration file and opens it in the main Configuration Expert window.

Exiting Configuration Expert

To exit Configuration Expert and return to CoreWatch, click the button in the upper
right of the Configuration Expert window.

If Configuration Expert prompts you to commit your changes because you have not
already done so, click Yes. Then commit your changes as discussed in “Saving and

Applying Your Configuration Changes” on page 46.

48 CoreWatch User’s Manual

Chapter 5

Changing System

Settings

You change system settings through the System Configuration object of a configuration
file. This chapter discusses using Configuration Expert to perform the following tasks:

• Providing system information to set the SSR’s name, identify who users should contact

regarding the SSR, and indicate the SSR’s location.

• Configuring an SSR’s chassis

• Configuring an SSR’s ports.

• Configuring the SSR to send system messages to a SYSLOG server.

• Configuring the SSR for Domain Naming System (DNS) servers.

• Setting up targets for SNMP traps and establishing SNMP community strings for those

traps.

Providing System Information

Before setting up the SSR, you may want to set the SSR’s name, provide information about
who users should contact regarding the SSR, and indicate where the SSR is located. To
enter this system information:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s

System Configuration object.

3. Select the System Identification object.

CoreWatch User’s Manual 49

Chapter 5: Changing System Settings

A System ID dialog box similar to the following appears:

Figure 14. System ID dialog box

4. Enter the SSR’s name, the name of the SSR administrator, and the location of the SSR
in the appropriate text boxes.

5. Click OK.

Configuring an SSR Chassis

One of the first tasks you must perform when you create a new configuration file for your
SSR is to properly configure the chassis, which will be the foundation of your router's
configuration file. Using Configuration Expert, you can determine which modules take up
which slots in your router and so on.

To configure the chassis for your SSR:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s
System Configuration object.

3. Double-click the Chassis Configuration object. A Chassis Configuration dialog box
similar to the following appears in the right hand frame of the Configuration Expert
window:

50 CoreWatch User’s Manual

Chapter 5: Changing System Settings

Figure 15. Chassis Configuration dialog box

4. Specify whether you are setting up a configuration file for a 2-slot, 8-slot, or 16-slot

router by selecting the appropriate option.

5. Specify which type of module you want to configure for a given slot by taking the

following steps:

a. Click on one of the router's empty (blank) slots to select it.

If you accidentally select a slot other than the one you intended, simply click it
again to deselect it.

b. Click one of the four module type buttons to assign that module to the slot you

selected in step a. The four currently available module types are: 10/100-TX, 100-
FX-M, Gigabit-SX, and Gigabit-LX.

If you accidentally assign a module other than the one you intended to a given slot,
you can reverse that assignment by clicking on the slot and then choosing the
Delete button.

c. Repeat step a and step b until you have configured all of the necessary slots for

your router.

6. Click OK.

CoreWatch User’s Manual 51

Chapter 5: Changing System Settings

Configuring Ports

Configuration Expert lets you enable and disable ports as well as configure the following
characteristics:

• Operating mode (half-duplex or full-duplex).

In half-duplex mode, a port can transmit data in only one direction at a time between
two stations.

In full-duplex mode, a port can simultaneously send and receive data.

• Port speed (10-Mbps or 100-Mbps). This parameter applies only to ports on the
10/100 modules.

• Auto negotiation (for Gigabit Ethernet ports)

• Hash mode, which controls the distribution of flow entries in Layer-2 and Layer-3
lookup tables. (For more information on hash modes, see “Configuring Global Settings

on All Ports” on page 52.)

Note:

You can configure global settings for all SSR ports as well as configure individual ports. If
most of an SSR’s ports are to be configured with the same or similar settings, you can first
apply global settings to all ports and then modify those settings on individual ports as
needed. Separate discussions on configuring default settings for all ports and configuring
an individual port follow.

Cabletron has configured the SSR’s hash mode to its optimal setting. It is
recommended you not change the hash mode unless advised to do so by
Cabletron Technical Support.

Configuring Global Settings on All Ports

To configure global settings on all of the SSR’s ports:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s
System Configuration object.

3. Double-click the Chassis Configuration object.

4. Click the Global Port Parameters object.

A Global Attributes of Ports dialog box similar to the following appears:

52 CoreWatch User’s Manual

Chapter 5: Changing System Settings

Figure 16. Global Attributes of Ports dialog box

5. If you want all Gigabit Ethernet ports to detect and then use the operating mode and

speed of the network segment to which those ports are connected, select the Auto
Negotiate Port Speed and Mode check box. Otherwise, clear the check box to disable auto
negotiation on all Gigabit Ethernet ports.

All Gigabit Ethernet ports use auto negotiation. If auto negotiation is not set on a
Gigabit Ethernet port, that port uses the full-duplex mode and operates at 1000 Mbps.

6. If you want to configure 10/100 Mbps Ethernet ports, do one of the following.

Otherwise, skip to step 7.

– If you want all 10/100 Mbps Ethernet ports to detect and then use the operating

mode or speed of the network segment to which the port is connected, select the
appropriate Autodetect options.

– If you want to set all 10/100 Mbps Ethernet ports’ operating mode or speed to a

specific setting, select the appropriate buttons.

All 10/100 Mbps Ethernet ports use autodetection by default.

The 100 FX ports do not use auto-detection. They always use full-duplex mode and
operate at 100 Mbps.

Note: If you select an operating mode or speed, the setting disables autodetection

for that parameter on the port. For example, if you set the speed of a segment
to 10 Mbps, that segment no longer uses autodetection for the port speed and
will always attempt to operate at 10 Mbps.

CoreWatch User’s Manual 53

Chapter 5: Changing System Settings

7. Set the Layer 2 hash mode for all ports. The hash mode controls the distribution of
flow entries in Layer-2 and Layer-3 lookup tables. Assuming a MAC address of the
value 0011:2233:4455, the following list describes the various hash modes.

– M0 – 0011:2233:4455

– M1 – 0011:2233:5544

– M2 – 0011:3322:4455 (default hash mode)

– M3 – 1100:2233:4455

Note: Cabletron has configured the SSR’s hash mode to its optimal setting. It is

recommended you not change the hash mode unless advised to do so by
Cabletron Technical Support.

8. Click OK.

Configuring an Individual Port

Configure an individual port if you want to enable or disable that port or set the port’s
physical characteristics. To configure an individual port:

1. Start Configuration Expert if you have not already done so.

Note: If you open Configuration Expert by clicking a port in the Front Panel view,

Configuration Expert assumes you want to modify that port in the Active
Configuration file and automatically opens that port’s dialog box. If you are
modifying that port in the Active Configuration file, go to step 6.

2. Open the configuration file you want to modify and then double-click that file’s
System Configuration object.

3. Double-click the Chassis Configuration object.

A list of modules similar to the following appears.

.

54 CoreWatch User’s Manual

Figure 17. Sample list of modules

Chapter 5: Changing System Settings

4. Double-click the module on which the port you want to configure is located.

The module’s port list appears. The number of ports in the list depends on the module
type.

Figure 18. Sample port list

5. Select the port you want to configure.

CoreWatch User’s Manual 55

Chapter 5: Changing System Settings

A Physical Attributes of Port dialog box similar to the following appears:

Figure 19. Physical Attributes of Port dialog box

6. Specify whether you want to enable or disable the port by selecting the appropriate
option button.

Disabled ports do not send or receive any traffic. You might want to disable unused
ports to prevent network users from inadvertently or unscrupulously connecting to
unoccupied but enabled ports on the SSR.

7. Do one of the following:

– If you want the port to detect and then use the operating mode and speed of the

network segment to which the port is connected, select the Autodetect Port Duplex
Mode and Speed check box. Otherwise, clear the check box to disable autodetection
on the port.

All 10/100 Mbps Ethernet and Gigabit Ethernet ports use autodetection by default.

The 100 FX ports do not use auto-detection. They always use full-duplex mode and
operate at 100 Mbps.

– If you want to set the port’s operating mode or speed to a specific setting, select the

appropriate buttons.

Note: If you select an operating mode or speed, the setting disables autodetection

for that parameter on the port. For example, if you set the speed of a segment
to 10-Mbps, that segment no longer uses autodetection for the port speed and
will always attempt to operate at 10-Mbps.

56 CoreWatch User’s Manual

Chapter 5: Changing System Settings

8. Set the Layer 2 hash mode for the port. The hash mode controls the distribution of

flow entries in Layer-2 and Layer-3 lookup tables. Assuming a MAC address of the
value 0011:2233:4455, the following list describes the various hash modes:

– M0 – 0011:2233:4455

– M1 – 0011:2233:5544

– M2 – 0011:3322:4455 (default hash mode)

– M3 – 1100:2233:4455

Note: Cabletron has configured the SSR’s hash mode to its optimal setting. It is

recommended you not change the hash mode unless advised to do so by
Cabletron Technical Support.

9. Click OK.

Configuring the SSR for a SYSLOG Server

You can configure the SSR to send system messages to a SYSLOG server. To do so, identify
the server the SSR is to send messages to and also specify the type of messages that the
SSR is to send. On the SYSLOG server, you can decide whether to discard the messages,
write them to a file, or send them out to the console.

To configure the SSR for a SYSLOG server:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s

System Configuration object.

3. Select the System Log object.

CoreWatch User’s Manual 57

Chapter 5: Changing System Settings

A System Log dialog box similar to the following appears:

Figure 20. System Log dialog box

4. Enter the host name or IP address of the SYSLOG server.

5. Select the level of messages you want the SSR to log. You may select one of the levels
described in the following table:

Table 5. SYSLOG error message levels

Level Description

Fatal Logs only fatal messages.

Error Logs fatal messages and error messages.

Warning Logs fatal messages, error messages, and warning messages. This is

the default.

Information Logs all messages, including informational messages.

6. Click OK.

58 CoreWatch User’s Manual

Configuring for DNS

As an alternative to a host table on every system, some networks use a centralized
Domain Naming System (DNS) server to maintain name-to-IP-address mappings. You
may configure the SSR to reach up to three DNS servers. When doing so, you can also
specify the domain name the SSR uses for each DNS query and the order in which the SSR
searches for the specified DNS servers.

To configure the SSR for DNS servers:

1. Make sure there is a network connection to the DNS servers you want the SSR to use.

You can do so by sending a ping packet to those servers.

2. Start Configuration Expert if you have not already done so.

3. Open the configuration file you want to modify and then double-click that file’s

System Configuration object.

4. Select the DNS Configuration object.

A System Configuration DNS dialog Box similar to the following appears:

Chapter 5: Changing System Settings

5. Specify which DNS servers you want the SSR to use by taking the following steps to

add those servers. When the SSR searches for DNS servers, it will do so using the
order in which those servers were added.

a. In the Domain text box, enter the name of the domain on which the DNS server

you want to add is an authority.

CoreWatch User’s Manual 59

Figure 21. System Configuration DNS dialog box

Chapter 5: Changing System Settings

b. In the Name Server Search Order text box, enter the IP address of the DNS server

you want to add. Then click the Add button.

You can specify the address in dotted-decimal notation.

After you click the Add button, Configuration Expert adds the specified server to
the list.

c. If you want to configure the SSR for additional DNS servers, repeat step a and

step b until you add up to three DNS servers.

If you add a server and then later want to remove it, you may do so by selecting its
name in the list and then clicking the Delete button.

6. Click OK.

Configuring the SSR for SNMP

The Simple Network Management Protocol (SNMP) provides support for monitoring and
controlling network devices, collecting statistics, and managing configurations,
performance, and security. SNMP is mainly used by TCP/IP networks.

You configure the SSR for SNMP by performing the following tasks:

• Setting up targets for SNMP traps. A target is a management station to which the SSR
sends SNMP traps, which are messages that describe an event (such as restarting the
SSR or a link going down).

• Establishing community strings that SNMP management stations must supply to
access the SSR.

Separate discussions on these SNMP tasks follow.

Setting Up a Target for SNMP Traps

Set up a target for SNMP traps to specify to which server you want the SSR to send SNMP
traps. To set up an SNMP trap target on the SSR:

1. Make sure there is a network connection to the server to which you want the SSR to
send SNMP traps. You can do so by sending a ping packet to the desired server.

2. Start Configuration Expert if you have not already done so.

3. Open the configuration file you want to modify and then double-click that file’s
System Configuration object.

4. Double-click the SNMP Configuration object.

5. Configuration Expert displays the SNMP Trap Target and SNMP Community String
objects.

60 CoreWatch User’s Manual

Chapter 5: Changing System Settings

6. Double-click the SNMP Trap Target object.

7. Do one of the following:

– If you are configuring a new trap target, select the Configure New Trap Target

object from the list of trap targets.

– If you are modifying an existing trap target, select it from the list that appeared

after you expanded the SNMP Trap Target object.

An SNMP Trap Target dialog box similar to the following appears:

Figure 22. SNMP Trap Target dialog box

8. Enter the IP address of the management station from which you want to be able to

access the traps.

Note: The target IP address should be for a management station locally attached to

the SSR. Cold start traps might not reach their destination if the target
requires dynamic route table entries to be forwarded correctly. The system
will retry for four minutes.

9. In the Community String text box, enter the SNMP community for which you are

setting the trap target.

10. Click OK.

CoreWatch User’s Manual 61

Chapter 5: Changing System Settings

Establishing Community Strings

SNMP management stations that want to access the SSR must supply a community string
that you establish on the SSR. You can establish an SSR community string by specifying
the string’s name and selecting the access privileges for that string. To establish
community strings on the SSR:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s
System Configuration object.

3. Double-click the SNMP Configuration object.

Configuration Expert displays the SNMP Trap Target and SNMP Community String
objects.

4. Double-click the SNMP Community String object.

5. Do one of the following:

– If you are configuring a new community string, select the Configure New

Community String object.

– If you are modifying an existing community string, select it from the list of

community strings that appeared after you expanded the SNMP Community
String object.

An SNMP Community Strings dialog box similar to the following appears:

62 CoreWatch User’s Manual

Figure 23. SNMP Community Strings dialog box

Chapter 5: Changing System Settings

6. In the Community String text box, enter a character string for the community string.

7. Set the level of access to the SSR by selecting one of the options described in the

following table:

Table 6. Level-of-access options

Option Description

Read-only Allows SNMP GETs but not SNMP SETs on the SNMP management

stations that access the SSR through the specified community string.

Read-write Allows both SNMP GETs and SNMP SETs on the SNMP management

stations that access the SSR through the specified community string.

8. Click OK.

CoreWatch User’s Manual 63

Chapter 5: Changing System Settings

64 CoreWatch User’s Manual

Chapter 6

Configuring SSR

Bridging

The SSR provides bridging functions. This chapter

• provides an overview of bridging on an SSR.

• discusses configuring the bridging mode of ports. A port’s bridging mode determines

the contents of that port’s Layer-2 lookup table.

• discusses controlling the aging state of SSR bridging. The SSR’s aging state determines

how long the SSR stores the MAC address information.

• explains setting up the SSR for the Spanning Tree Protocol (STP), which the SSR uses

to work around loops.

• explains using Configuration Expert to configure of SmartTRUNKing on the SSR.

A Look at Bridging on the SSR

The SSR uses transparent bridging to link together different segments of an Ethernet
network.

In transparent bridging, the SSR operates as a learning bridge. As such, it monitors traffic
on subnetworks to learn about destination locations, down bridges, traffic congestion, and
other network information. This frees packets from having to carry routing information
and permits the SSR to forward packets based on current network conditions.

As a learning bridge, the SSR stores the source MAC address of each packet it receives.
This permits the SSR to forward future packets destined for a MAC address to be
forwarded to the port on which the source address was found. It does not forward those
packets to other ports, and thus reduces traffic on the network. If the SSR does not
recognize a packet’s MAC address, however, it forwards that packet to every port.

CoreWatch User’s Manual 65

Chapter 6: Configuring SSR Bridging

Configuring the Bridging Mode of Ports

You can configure ports to use either of the following bridging modes. Each port has a
Layer-2 lookup table where MAC address or flows are stored. A port’s bridging mode
determines the contents of each Layer-2 table entry. A port can use only one type of
bridging at a time.

• Flow-based bridging

If a port is configured for flow-based bridging, each Layer-2 table entry contains
entries consisting of a source MAC address, destination MAC address, and VLAN ID.

• Address-based bridging

If a port is configured for address-based bridging (the default), each Layer-2 table entry
contains a unique destination MAC address and VLAN ID.

Suppose that a port on the SSR is connected to a hub that is connected to three
workstations, A, B, and C. If each workstation is talking to one another and sending
broadcast traffic, the Layer-2 table on the SSR’s port would contain the following entries
for the workstations (assume that the VLAN ID is 1 for all entries):

Table 7. Bridging modes

Port Configuration Entries

Flow-based bridging • MAC addresses A->B

• MAC addresses A->C

• MAC addresses B->A

• MAC addresses B->C

• MAC addresses C->A

• MAC addresses C->B

• MAC addresses A->broadcast

• MAC addresses B->broadcast

• MAC addresses C->broadcast

Address-based bridging • MAC address A

• MAC address B

• MAC address C

• MAC broadcast address

66 CoreWatch User’s Manual

Configuring a Port for Flow-Based Bridging

To configure a port for flow-based bridging:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s

Bridging Configuration object.

3. Double-click the Bridging Mode object.

A Bridging Mode dialog box similar to the following appears:

Chapter 6: Configuring SSR Bridging

Figure 24. Bridging Mode dialog box (flow-based bridging)

4. In the Address Mode list, double-click the module on which the port you want to

configure is located. Configuration Expert displays the module’s ports that are
currently using address-based bridging. From the list of ports that appears, select the
port that you want to configure.

CoreWatch User’s Manual 67

Chapter 6: Configuring SSR Bridging

Note: Clicking a module in the Address Mode list rather than double-clicking it

selects all of the module’s ports that are currently using address-based
bridging. Use this method if you are configuring all the ports on a module to
use flow-based bridging.

5. Click the Add button.

Configuration Expert moves the selected port from the Address Mode list to the
corresponding module in the Flow Mode list.

6. Click OK.

Configuration Expert adds the port to those found in the Flow Mode Bridging object,
which is located in the Bridging Mode object.

Configuring a Port for Address-Based Bridging

Ports are configured to use address-based bridging by default. If you previously
configured a port for flow-based bridging and later decide you want that port to use
address-based bridging, you can change its bridging mode. To do so, take the following
steps:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.

3. Double-click the Bridging Mode object.

A Bridging Mode dialog box similar to the following appears:

68 CoreWatch User’s Manual

Chapter 6: Configuring SSR Bridging

Figure 25. Bridging Mode dialog box (address-based bridging)

4. In the Flow Mode list, double-click the module on which the port you want to

configure is located. Configuration Expert displays the module’s ports that are
currently using flow-based bridging. From the list of ports that appears, select the
port that you want to configure.

Note: Clicking a module in the Flow Mode list rather than double-clicking it selects

all of the module’s ports that are currently using flow-based bridging. Use

CoreWatch User’s Manual 69

Chapter 6: Configuring SSR Bridging

this method if you are configuring all the ports on a module to use address­based bridging.

5. Click the Remove button.

Configuration Expert moves the selected port from the Flow Mode list to the
corresponding module in the Address Mode list box.

6. Click OK.

Configuration Expert adds the port to those found in the Address Mode Bridging
object, which is located in the Bridging Mode object.

Controlling the Aging State of SSR Bridging

The SSR ages learned MAC addresses in the Layer-2 lookup tables. Each port has its own
Layer-2 lookup table. When a learned MAC address entry ages out, the SSR removes that
entry from a port’s Layer-2 lookup tables unless you disable aging on that port.

You can control the aging of learned MAC address entries in the SSR’s Layer-2 lookup
tables. To do so, use Configuration Expert to perform the following tasks:

• Setting up an aging timeout that ports use by default. The SSR uses the aging timeout
to determine how long to keep learned MAC addresses. Aging is a regulation
mechanism the SSR uses to clean up MAC address entries that have not been used for
awhile.

• Overriding the default timeout interval. You do so by setting timeout intervals on any
ports that are to use an interval different from the default aging timeout.

• Disabling aging on a port if you do not want the SSR to remove MAC address entries
from that port’s Layer-2 lookup table.

Separate discussions on each task follow.

Setting Up a Default Aging Timeout

You can set an aging time for learned MAC address entries that all ports use by default.
When the aging time expires for a MAC address, the SSR removes the MAC address from
the port that uses the default timeout. To set up a default aging timeout for MAC address
entries:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.

3. Double-click the Aging Configuration object.

4. In the list of aging objects that appears, select the Default Aging Timeout object.

70 CoreWatch User’s Manual

Chapter 6: Configuring SSR Bridging

A Default Aging Timeout dialog box similar to the following appears:

Figure 26. Default Aging Timeout dialog box

5. Enter the number of seconds that the SSR is to allow a learned MAC address to

remain in the Layer-2 lookup table.

You can specify from 15 to 1,000,000 seconds. The default is 300 seconds.

6. Click OK.

Overriding the Default Timeout Interval on a Port

As discussed in “Setting Up a Default Aging Timeout” on page 70, you can set an aging
timeout for learned MAC address entries that ports use by default. You may override this
default timeout if you want a port to use a different timeout interval. To override the
timeout interval on a port:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s

Bridging Configuration object.

3. Double-click the Aging Configuration object.

4. In the list of aging objects that appears, double-click the Aging Timeout Interval

object. Then select the Configure Aging Timeout on a New Port object that appears.

A Set Aging Timeout dialog box similar to the following appears:

CoreWatch User’s Manual 71

Chapter 6: Configuring SSR Bridging

Figure 27. Set Aging Timeout dialog box

5. From the Module drop-down list, select the module containing the port you want to
configure.

6. From the Port drop-down list, select the port you want to configure.

7. In the Tim eout box, enter the number of seconds that the SSR is to allow a learned
MAC address to remain in the Layer-2 lookup table for the specified port.

You can specify from 15 to 1,000,000 seconds. The default is 300 seconds.

8. Click OK.

Disabling Aging on a Port

Disable aging on a port if you do not want the SSR to age MAC address entries in the
port’s Layer-2 lookup tables.

Caution:

to become full because the SSR will not remove MAC addresses from those tables.

To disable aging on a port:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s

Disabling aging on a port may eventually cause the port’s Layer-2 lookup tables

Bridging Configuration object.

3. Double-click the Aging Configuration object.

72 CoreWatch User’s Manual

Chapter 6: Configuring SSR Bridging

4. In the list of aging objects that appears, select the Aging State object.

A Bridge Aging State dialog box similar to the following appears:

Figure 28. Bridge Aging State dialog box

5. In the Aging State Enabled list, double-click the module on which the port you want

to disable is located. Configuration Expert displays the module’s ports on which
aging is enabled. From the list of ports that appears, select the port on which you want
to disable aging.

CoreWatch User’s Manual 73

Chapter 6: Configuring SSR Bridging

Note: Clicking a module in the Aging State Enabled list rather than double-clicking

it selects all of the module’s ports on which aging is currently enabled. Use
this method if you want to disable aging on all of those ports.

6. Click the Add button.

Configuration Expert moves the selected port from the Aging State Enabled list to the
corresponding module in the Aging State Disabled list.

7. Click OK.

Configuration Expert adds the port to those found in the Aging Disabled Ports object,
which is located in the Aging State object.

Enabling Aging on a Port

The SSR removes aged MAC address entries from a port’s Layer-2 lookup table if aging is
enabled on that port. Aging is enabled on all ports by default. Therefore, you do not need
to enable aging on a port unless you previously disabled it and then later decide you want
to enable it on that port again.

To enable aging on a port:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.

3. Double-click the Aging Configuration object.

4. In the list of aging objects that appears, select the Aging State object.

A Bridge Aging State dialog box similar to the following appears:

74 CoreWatch User’s Manual

Chapter 6: Configuring SSR Bridging

Figure 29. Bridge Aging State dialog box

5. In the Aging State Disabled list, double-click the module on which the port you want

to enable is located. Configuration Expert displays the module’s ports on which aging
is disabled. From the list of ports that appears, select the port on which you want to
enable aging.

Note: Clicking a module in the Aging State Disabled list rather than double-

clicking it selects all of the module’s ports on which aging is currently
disabled. Use this method if you want to enable aging on all of those ports.

CoreWatch User’s Manual 75

Chapter 6: Configuring SSR Bridging

6. Click the Remove button.

Configuration Expert moves the selected port from the Aging State Disabled list to the
corresponding module in the Aging State Enabled list.

7. Click OK.

Configuration Expert adds the port to those found in the Aging Enabled Ports object,
which is located in the Aging State object.

Setting Up STP on the SSR

The SSR uses the Spanning Tree Protocol (STP) to dynamically discover a loop-free
topology.

STP includes an algorithm that permits bridges to send Bridge Protocol Data Units
(BPDUs). Unless a bridge is a root bridge, it uses the information in a BPDU to perform
the following operations. (A root bridge is a bridge that uses STP to prevent loops by
periodically exchanging topology information with other bridges.)

1. Select a root bridge.

2. Calculate the shortest path from itself to the root bridge.

3. Select a designated bridge.

A designated bridge is the bridge responsible for forwarding frames to a LAN
segment.

4. Select a root port.

A root port is a port that provides the best path from the bridge to the root bridge.

5. Select which ports are included in a spanning tree.

On the SSR, you can enable STP per port. This approach offers flexibility. STP BPDUs that
arrive on ports on which STP is disabled are forwarded only to ports which are part of the
receiving port's VLAN.

You can set up STP on the SSR by performing the following tasks:

Note:

• Defining STP settings for an SSR bridge.

• Defining STP settings for individual ports.

STP is disabled on the SSR by default. If you want the SSR to use STP, you will
need to define the different settings and enable STP.

• Enabling and disabling STP on individual ports.

Separate discussions on these STP tasks follow.

76 CoreWatch User’s Manual

Defining STP Settings for SSR Bridging

You can define global STP settings that the SSR uses for bridging. To define global STP
settings:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s

Bridging Configuration object.

3. Double-click the Spanning Tree Protocol object.

4. In the list of STP objects that appears, select the Global STP Settings object.

An STP Global Settings dialog box similar to the following appears:

Chapter 6: Configuring SSR Bridging

5. In the Bridging Priority box, enter the STP bridging priority for the SSR.

The bridging priority determines which bridge functions as the root bridge. You can
specify a number from 0 to 65535. The bridge assigned the lowest value is the root
bridge. The default is 32768.

6. In the Hello-time box, enter the number of seconds that you want to elapse between

the BPDUs STP sends.

Specify a number from 1to 10. The default is 2.

7. In the Msg Max Age box, enter the number of seconds you want to specify for the

SSR’s maximum age.

CoreWatch User’s Manual 77

Figure 30. STP Global Settings dialog box

Chapter 6: Configuring SSR Bridging

The maximum age is the length of time the SSR keeps the STP-protocol information it
receives. You can specify a number from 6 to 40. The default is 20.

8. In the Forward Delay box, enter the number of seconds you want to elapse between
the transitions of the different STP states.

Specify a number from 4 to 30. The default is 15.

9. Click OK.

The SSR bridge will use the specified STP settings. However, individual ports also have
STP settings that you can configure as discussed in “Defining STP Attributes on an

Individual Port” on page 78.

Defining STP Attributes on an Individual Port

In addition to the global STP settings discussed in “Defining STP Settings for SSR

Bridging” on page 77, the SSR uses the following STP attributes that are set on individual

ports.

•Port priority

The STP algorithm uses the port priority to determine which port to use if a bridge has
two ports connected in a loop.

•Port cost

This attribute specifies how much a port contributes to the total cost of the path to the
root bridge when the port is the root.

A port uses the default settings for these attributes. You may, however, change these
default settings on individual ports. To change a port’s priority or cost:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.

3. Double-click the Spanning Tree Protocol object.

4. In the list of STP objects that appears, double-click the Port Specific STP Settings
object.

Configuration Expert displays the Configure New Port object and objects for any
previously configured ports.

5. Do one of the following:

– If you are configuring a port’s STP attributes for the first time, select the Configure

STP Settings on a New Port object.

– If you are modifying existing STP settings of a port, select that port’s object from

the list that appeared after you expanded the Port Specific STP Settings object.

78 CoreWatch User’s Manual

Chapter 6: Configuring SSR Bridging

A Set STP Port Specific Settings dialog box similar to the following appears:

Figure 31. Set STP Port Specific Settings dialog box

6. From the Module drop-down list, select the module containing the port you want to

configure.

7. From the Port drop-down list, select the port you want to configure.

8. In the Cost box, enter the STP cost you are assigning to the ports.

Specify a number from 1 to 65535. The default depends on the port speed: 1 for Gigabit
(100-Mbps) ports, 10 for 100-Mbps ports, and 100 for 10-Mbps ports.

9. In the Priority box, enter the priority you want to assign to the port.

Specify a number from 0 to 255. The default is 128.

10. Click OK.

Enabling STP on a Port

Enable STP on a port to eliminate the possibility of there being a loop on that port. To
enable STP on a port:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s

Bridging Configuration object.

3. Double-click the Spanning Tree Protocol object.

CoreWatch User’s Manual 79

Chapter 6: Configuring SSR Bridging

4. In the list of STP objects that appears, select the STP Port State object.

A Bridging STP dialog box similar to the following appears:

Figure 32. Bridging STP dialog box (enabling STP)

5. In the STP Disabled Ports list, double-click the module containing the port you want
to configure. Configuration Expert displays the module’s ports on which STP is
disabled. From the list of ports that appears, select the port on which you want to
enable STP.

80 CoreWatch User’s Manual

Note: Clicking a module in the STP Disabled Ports list rather than double-clicking

it selects all of the module’s ports on which STP is currently disabled. Use this
method if you want to enable STP on all of those ports.

6. Click the Add button.

Configuration Expert moves the selected port from the STP Disabled Ports list to the
corresponding module in the STP Enabled Ports list.

7. Click OK.

Configuration Expert adds the port to those found in the STP Enabled Ports object,
which is located in the STP Port State object.

Disabling STP on a Port

Disable STP on a port if the port does not need to participate in STP. To disable STP on a
port:

1. Start Configuration Expert if you have not already done so.

Chapter 6: Configuring SSR Bridging

2. Open the configuration file you want to modify and then double-click that file’s

Bridging Configuration object.

3. Double-click the Spanning Tree Protocol object.

4. In the list of STP objects that appears, select the STP Port State object.

A Bridging STP dialog box similar to the following appears:

CoreWatch User’s Manual 81

Figure 33. Bridging STP dialog box (disabling STP)

Chapter 6: Configuring SSR Bridging

5. In the STP Enabled Ports list, double-click the module containing the port you want
to configure. Configuration Expert displays the module’s ports on which STP is
enabled. From the list of ports that appears, select the port on which you want to
disable STP.

Note: Clicking a module in the STP Enabled Ports list rather than double-clicking it

selects all of the module’s ports on which STP is currently enabled. Use this
method if you want to disable STP on all of those ports.

6. Click the Remove button.

Configuration Expert moves the selected port from the STP Enabled Ports list to the
corresponding module in the STP Disabled Ports list.

7. Click OK.

Configuration Expert adds the port to those found in the STP Disabled Ports object,
which is located in the STP Port State object.

Configuring SmartTRUNK Behavior on the SSR

The SSR uses SmartTRUNKing to help maximize throughput with the help of load
balancing and load sharing. A SmartTRUNK is a group of two or more ports that have
been logically combined into a single port. Network traffic is divided across the ports in
parallel to provide additional throughput, which provides increased throughput and link
redundancy.

82 CoreWatch User’s Manual

Chapter 6: Configuring SSR Bridging

Defining SmartTRUNK Settings for SSR Bridging

To set up the SSR to perform SmartTRUNKing:

1. Start Configuration Expert if you have not already done so.

2. Open the configuration file you want to modify and then double-click that file’s

Bridging Configuration object.

3. Double-click the SmartTRUNKing Configuration object.

4. Click the Configure New SmartTRUNKing Port object.

Configuration Expert opens the ARP wizard:

5. Click Next.

The SmartTRUNKing Name Entry panel appears:

6. Define the port(s) to be included in the SmartTRUNK by taking the following steps:

a. In the SmartTRUNKing Port box, enter a name for the port you wish to assign to

the SmartTRUNK.

The SmartTRUNKing port name is a string up to 32 characters long. You cannot
begin a SmartTRUNKing port name with an underscore ( _ ) or the prefix “SYS_.'

b. Specify the Load Policy by selecting either the Least Loaded or Round Robin option.

c. Under Options, select either Protocol or Timeout. If you select the Protocol option,

CoreWatch User’s Manual 83

Figure 34. SmartTRUNKing Name Entry panel

Chapter 6: Configuring SSR Bridging

you must also specify whether you wish to use the Hunt Group or no protocol by
selecting the appropriate option from the drop-down list.

7. Click Next.

The Bound Port list panel appears:

Figure 35. Bound Port list panel

8. Add a port to the SmartTRUNK by doing the following:

a. In the Available Port list, double-click the module on which the port you want to

add is located. From the list of available ports that appears, select the port that
you want to add.

84 CoreWatch User’s Manual

Chapter 6: Configuring SSR Bridging

Figure 36. Expanded Bound Port list panel

b. Click the Add button.

Configuration Expert moves the selected port from the Available Port list to the
corresponding module in the Selected Port list.

If you accidentally add a port that you do not want to include in the SmartTRUNK,
you may remove it by double-clicking that port’s module in the Selected Port list.
From the list of ports that appears, select the port you do not want in the
SmartTRUNK, then click the Remove button.

9. Continue selecting ports and clicking the Add button until you have added all the

ports you want the SmartTRUNK to include.

Clicking a module rather than double-clicking it in a list box selects all of the module’s
ports in that list box. This is a quick way to select all of a module’s ports if you want to
add or remove them all at the same time.

10. Click Finish.

Configuration Expert adds the new SamrtTRUNK to the SmartTRUNKs found in the
SmartTRUNKing object.

CoreWatch User’s Manual 85

Chapter 6: Configuring SSR Bridging

86 CoreWatch User’s Manual

Chapter 7

Configuring VLANs

on the SSR

You can configure VLANs to limit the scope of traffic on the SSR. This chapter

• provides an overview of VLANs on the SSR.

• lists tips that make VLAN configuration easy.

• discusses defining ports for VLANs.

• discusses creating the different VLANs the SSR supports.

• describes copying ports to add them to a VLAN.

• discusses modifying VLANs.

A Look at VLANs on the SSR

VLANs contain Layer-2 broadcast and multicast traffic. No traffic is allowed to cross
VLAN boundaries unless it passes through routers. Once connected by routers, VLANs
are equivalent to subnets.

VLANs are created by grouping a set of bridged ports together as part of one bridged
network. Broadcasts from one of the ports in a VLAN are received by other ports in the
group but not by any ports outside of the group. Similarly, unicast traffic is bridged only
between ports in a group but not to ports outside of the group. Thus, traffic is not allowed
to cross the group boundary. A bridge may have multiple VLANs defined thus appearing
as multiple virtual bridges on the SSR.

The SSR supports the following types of VLANs. The VLAN type determines the type of
traffic the SSR will forward on the VLAN.

CoreWatch User’s Manual 87

Chapter 7: Configuring VLANs on the SSR

• Protocol-based VLAN, which divides the physical network into logical VLANs based
on one or more of the following protocols:

– IP VLAN, which is a VLAN used for IP traffic.

– IPX VLAN, which is a VLAN used for IPX traffic.

– Bridged-protocol VLAN, which is a VLAN used for bridged protocols (such as

AppleTalk).

• Port-based VLAN, which is a VLAN that is independent of the traffic type. Port-based
VLANs treat IP, IPX, and bridged protocols alike.

The ports in a VLAN can be configured as one of the following:

• Access ports

Access ports can belong to only one VLAN per protocol (IP, IPX, or a bridged protocol).
This is the default for all ports.

On access ports, traffic is sent out without 802.1Q frame format.

• Trunk ports

Trunk ports can belong to any number of VLANs. Use trunk ports when you want to
connect SSR routers together and send traffic for multiple VLANs on a single network
segment connecting the routers.

On trunk ports, traffic is always sent out with 802.1Q frame format.

VLAN Configuration Tips

The following list includes tips that you should keep in mind while configuring VLANs
on an SSR as discussed later in this chapter:

• You can quickly add ports to a VLAN, by copying ports as discussed in “Dragging

Ports to Add Them to a VLAN” on page 103.

• When defining trunk ports, you can define all the ports on a module as trunk ports at
one time rather than defining them individually. To do so, click rather than double­click the module in the Access Port list box of the dialog box you use to define ports.
Then click the Add button.

• When defining access ports in a dialog box, you can define all the ports on a module as
access ports at one time rather than defining them individually. To do so, click rather
than double-click the module in the Trunk Port list box of the dialog box you use to
define ports. Then click the Remove button.

• When adding ports to a VLAN, you can add all of a module’s available ports at one
time rather than adding them individually. To do so, click rather than double-click the
module in the Available Port List box of the dialog box you use to add ports. Then click
the Add button.

88 CoreWatch User’s Manual

Chapter 7: Configuring VLANs on the SSR

• When removing ports from a VLAN, you can remove all of a module’s ports at one

time rather than removing them individually.To do so, click rather than double-clock
the module in the Selected Port List box of the dialog box you use to add ports. Then
click the Remove button.

Defining Access Ports and Trunk Ports

You can define ports as either access or trunk ports.

All ports are configured as access ports by default. Therefore, you need to define a port as
an access port only if you previously defined it as a trunk port and now want to use it as
an access port, instead. Access ports can be added to only one VLAN.

Define a port as a trunk port if you want to include that port in multiple VLANs. Trunk
ports are useful for connecting SSRs together and for sending traffic of multiple VLANs
on a single network segment connecting the routers. Suppose you have two
VLANs/subnetworks of IP users on separate SSRs and those VLANs need to belong to
the same layer broadcast domain. You could trunk two SSRs together as shown in the
following figure:

VLAN1 VLAN1

SSR1 SSR2

VLAN2 VLAN2

To define access ports and trunk ports:

1. Start Configuration Expert if you have not already done so.

Note:

2. Open the configuration file you want to modify and then double-click that file’s

Bridging Configuration object.

3. Click the Port Bridging Mode object.

A Bridging VLAN Mode dialog box similar to the following appears:

If you start Configuration Expert from the Schematic view choosing the
Configure VLAN command, Configuration Expert automatically expands
the Active Configuration file’s tree to the VLAN Configuration object. If you
are adding a VLAN to the Active Configuration file, go to step 3.

Trun k

Link

CoreWatch User’s Manual 89

Chapter 7: Configuring VLANs on the SSR

Figure 37. Bridging VLAN Mode dialog box

4. Do one of the following:

– Define an access port by double-clicking that port’s module in the Trunk Ports list.

From the list of trunk ports that appears, select the port that you want to define as
an access port. Then click the Remove button.

After you click the Remove button, Configuration Expert moves the selected port from
the Trunk Ports list to the corresponding module in the Access Ports list.

90 CoreWatch User’s Manual

Chapter 7: Configuring VLANs on the SSR

– Define a trunk port by double-clicking that port’s module in the Access Ports list.

From the list of access ports that appears, select the port that you want to define as
a trunk port. Then click the Add button.

After you click the Add button, Configuration Expert moves the selected port from the
Access Ports list to the corresponding module in the Trunk Ports list.

5. Repeat step 4 until you define all the access and trunk ports you will include in your

VLANs.

Clicking a module rather than double-clicking it in a list box selects all of the module’s
ports in that list box. This is a quick way to select all of module’s ports when you are
defining those ports as all the same type.

6. Click OK.

Configuration Expert adds the access ports and trunk ports to those listed in the Access
Ports and Trunk Ports objects, which are located in the Port Bridging Mode object.

Creating a Protocol-Based VLAN

To create a VLAN that the SSR will use for IP, IPX, or bridged-protocol traffic:

1. Start Configuration Expert if you have not already done so.

Note:

If you start Configuration Expert from the Schematic view choosing the
Configure VLAN command, Configuration Expert automatically expands
the Active Configuration file’s tree to the VLAN Configuration object. If you
are adding a VLAN to the Active Configuration file, go to step 3.

CoreWatch User’s Manual 91

Chapter 7: Configuring VLANs on the SSR

2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.

3. Double-click the VLAN Configuration object.

4. Click the Configure New VLAN object.

Configuration Expert opens the VLAN wizard.

Figure 38. VLAN wizard (protocol-based)

5. Click Next.

Configuration Expert prompts you to specify which type of VLAN you want to
configure.

92 CoreWatch User’s Manual

Chapter 7: Configuring VLANs on the SSR

Figure 39. VLAN Type panel (protocol-based)

6. Select the Protocol-Based VLAN option and then click Next.

7. In the wizard panel that appears, define the VLAN by taking the following steps:

a. In the VLAN Name box, enter a name for the VLAN.

The VLAN name is a string up to 32 characters long. You cannot begin a VLAN
name with an underscore ( _ ) or the prefix “SYS_.'

b. In the VLAN ID box, enter an ID number from 2 to 4093 for the VLAN.

The ID you enter must be unique for the VLAN. If you are creating a VLAN that
will be used on two SSRs and you want to connect those SSRs together on the same
trunk port, be sure to use the same ID when creating the VLAN on each SSR. The
SSRs will use the ID to recognize that the same VLAN is configured across two
SSRs.

c. Specify which type of traffic you want to allow on the VLAN. To do so, select one

CoreWatch User’s Manual 93

Chapter 7: Configuring VLANs on the SSR

or more of the options described in the following table:

Table 8. VLAN traffic types

Option Description

IP Specifies that the VLAN is for IP traffic.

IPX Specifies that the VLAN is for IPX traffic.

Other Specifies that the VLAN is for bridged protocols.

The following figure is an example of the information you enter to define a protocol­based VLAN:

8. Click Next.

A wizard panel similar to the following appears:

94 CoreWatch User’s Manual

Figure 40. VLAN Definition panel (protocol-based)

Chapter 7: Configuring VLANs on the SSR

Figure 41. Update Port list panel (protocol-based)

9. Add a port to the VLAN by doing the following:

a. In the Available Port list, double-click the module on which the port you want to

add is located. From the list of available ports that appears, select the port that
you want to add.

Figure 42. Expanded Update Port list panel (protocol-based)

CoreWatch User’s Manual 95

Chapter 7: Configuring VLANs on the SSR

b. Click the Add button.

Configuration Expert moves the selected port from the Available Port list to the
corresponding module in the Selected Port list.

If you accidentally add a port that you do not want to include in the VLAN, you
may remove it by double-clicking that port’s module in the Selected Port list. From
the list of ports that appears, select the port you do not want in the VLAN. Then
click the Remove button.

10. Continue selecting ports and clicking the Add button until you have added all the
ports you want the VLAN to include.

Clicking a module rather than double-clicking it in a list box selects all of the module’s
ports in that list box. This is a quick way to select all of a module’s ports if you want to
add or remove them all at the same time.

11. Click Finish.

Configuration Expert adds the new VLAN to the VLANs found in the Protocol Based
VLANs object.

Creating a Port-Based VLAN

To create a VLAN that the SSR will use for IP, IPX, and bridged-protocol traffic:

1. Start Configuration Expert if you have not already done so.

Note:

2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.

3. Double-click the VLAN Configuration object.

4. Click the Configure New VLAN object.

Configuration Expert opens the VLAN wizard.

If you start Configuration Expert from the Schematic view choosing the
Configure VLAN command, Configuration Expert automatically expands
the Active Configuration file’s tree to the VLAN Configuration object. If you
are adding a VLAN to the Active Configuration file, go to step 3.

96 CoreWatch User’s Manual

Chapter 7: Configuring VLANs on the SSR

Figure 43. VLAN wizard (port-based)

5. Click Next.

Configuration Expert prompts you to specify which type of VLAN you want to
configure.

Figure 44. VLAN Type panel (port-based)

6. Select the Port-Based VLAN option, then click Next.

CoreWatch User’s Manual 97

Chapter 7: Configuring VLANs on the SSR

7. In the wizard panel that appears, define the VLAN by taking the following steps:

a. In the VLAN Name box, enter a name for the VLAN.

The VLAN name is a string up to 32 characters long. You cannot begin a VLAN
name with an underscore ( _ ) or the prefix “SYS_.”

b. In the VLAN ID box, enter an ID number from 2 to 4093 for the VLAN.

The ID you enter must be unique for the VLAN. If you are creating a VLAN that
will be used on two SSRs and you want to connect those SSRs together on the same
trunk port, be sure to use the same ID when creating the VLAN on each SSR. The
SSRs will use the ID to recognize that the same VLAN is configured across two
SSRs.

The following figure is an example of the information you enter to define a port­based VLAN:

98 CoreWatch User’s Manual

Figure 45. VLAN Definition panel (port-based)

Chapter 7: Configuring VLANs on the SSR

Because port-based VLANs are used for all the different types of protocol traffic,
Configuration Expert automatically selects all the Protocol Binding options described
in the following table. You cannot change these selections.

Table 9. Protocol binding options

Option Description

IP Specifies that the VLAN is for IP traffic.

IPX Specifies that the VLAN is for IPX traffic.

Other Specifies that the VLAN is for bridged protocols.

8. Click Next.

A wizard panel similar to the following appears:

9. Add a port to the VLAN by doing the following:

a. In the Available Port list, double-click the module on which the port you want to

add is located. From the list of available ports that appears, select the port that
you want to add.

CoreWatch User’s Manual 99

Figure 46. Update Port list panel (port-based)

Chapter 7: Configuring VLANs on the SSR

Figure 47. Expanded Update Port list panel (port-based)

b. Click the Add button.

Configuration Expert moves the selected port from the Available Port list to the
corresponding module in the Selected Port list.

If you accidentally add a port that you do not want to include in the VLAN, you
may remove it by double-clicking that port’s module in the Selected Port list. From
the list of ports that appears, select the port you do not want in the VLAN. Then
click the Remove button.

10. Continue selecting ports and clicking the Add button until you have added all the
ports you want the VLAN to include.

Clicking a module rather than double-clicking it in a list box selects all of the module’s
ports in that list box. This is a quick way to select all of a module’s ports if you want to
add or remove them all at the same time.

11. Click Finish.

Configuration Expert adds the new VLAN to the VLANs found in the Port Based
VLANs object.

Modifying VLANs

You can modify any VLAN’s name, ID, and the ports included in a VLAN. On a protocol­based VLAN you can also modify the protocols bound to that VLAN. Separate

100 CoreWatch User’s Manual