Cabletron Systems SSR-GLX19-02, SSR-HFX11-08, SSR-HFX29-08, SSR-GLX70-01, SSR-GSX11-02 User Manual

...
Page 1
CoreWatch User’s Manual
9032564-04
Page 2
Notice
2 CoreWatch User’s Manual
Page 3
Notice
Notice
Cabletron Systems reserves the right to make changes in specifications and other information contained in this document without prior notice. The reader should in all cases consult Cabletron Systems to determine whether any such changes have been made.
The hardware, firmware, or software described in this manual is subject to change without notice.
IN NO EVENT SHALL CABLETRON SYSTEMS BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS MANUAL OR THE INFORMATION CONTAINED IN IT, EVEN IF CABLETRON SYSTEMS HAS BEEN ADVISED OF, KNOWN, OR SHOULD HAVE KNOWN, THE POSSIBILITY OF SUCH DAMAGES.
© Copyright December 1998 by:
Cabletron Systems, Inc. P.O. Box 5005 Rochester, NH 03866-5005
All Rights Reserved Printed in the United States of America Order Number: 9032564-04
Cabletron Systems, SPECTRUM, and LANVIEW are registered trademarks and APIM, Element Manager, FE-100TX, FE-100FX, FE-100F3, HSIM, HubSTACK, SecureFast, SmartSwitch, SmartSwitch Router, and Synthesis are trademarks of Cabletron Systems, Inc.
All other product names mentioned in this manual may be trademarks or registered trademarks of their respective companies.
CoreWatch User’s Manual 3
Page 4
Notice
FCC Notice
This device complies with Part 15 of the FCC rules. Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.
NOTE: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment uses, generates, and can radiate radio frequency energy and if not installed in accordance with the operator’s manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause interference in which case the user will be required to correct the interference at his own expense.
WAR NIN G: Changes or modifications made to this device which are not expressly approved by the party responsible for compliance could void the user’s authority to operate the equipment.
Industry Canada Notice
This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus set out in the Radio Interference Regulations of the Canadian Department of Communications.
Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables aux appareils numériques de la class A prescrites dans le Règlement sur le brouillage radioélectrique édicté par le ministère des Communications du Canada.
VCCI Notice
This is a Class A product based on the standard of the Voluntary Control Council for Interference by Information Technology Equipment (VCCI). If this equipment is used in a domestic environment, radio disturbance may arise. When such trouble occurs, the user may be required to take corrective actions.
4 CoreWatch User’s Manual
Page 5
Notice
Cabletron Systems, Inc. Program License Agreement
IMPORTANT: Before utilizing this product, carefully read this License Agreement.
This document is an agreement between you, the end user, and Cabletron Systems, Inc. (“Cabletron”) that sets forth your rights and obligations with respect to the Cabletron software program (the “Program”) contained in this package. The Program may be contained in firmware, chips or other media. BY UTILIZING THE ENCLOSED PRODUCT, YOU ARE AGREEING TO BECOME BOUND BY THE TERMS OF THIS AGREEMENT, WHICH INCLUDES THE LICENSE AND THE LIMITATION OF WARRANTY AND DISCLAIMER OF LIABILITY. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, PROMPTLY RETURN THE UNUSED PRODUCT TO THE PLACE OF PURCHASE FOR A FULL REFUND.
Cabletron Software Program License
1. LICENSE. You have the right to use only the one (1) copy of the Program provided in this package subject to the terms and conditions of this License Agreement.
You may not copy, reproduce or transmit any part of the Program except as permitted by the Copyright Act of the United States or as authorized in writing by Cabletron.
2. OTHER RESTRICTIONS
3. APPLICABLE LAW and in the state and federal courts of New Hampshire. You accept the personal jurisdiction and venue of the New Hampshire courts.
. You may not reverse engineer, decompile, or disassemble the Program.
. This License Agreement shall be interpreted and governed under the laws
Exclusion of Warranty and Disclaimer of Liability
1. EXCLUSION OF WARRANTY. Except as may be specifically provided by Cabletron in writing, Cabletron makes no warranty, expressed or implied, concerning the Program (including its documentation and media).
CABLETRON DISCLAIMS ALL WARRANTIES, OTHER THAN THOSE SUPPLIED TO YOU BY CABLETRON IN WRITING, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE PROGRAM, THE ACCOMPANYING WRITTEN MATERIALS, AND ANY ACCOMPANYING HARDWARE.
2. NO LIABILITY FOR CONSEQUENTIAL DAMAGES ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS, PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR RELIANCE DAMAGES, OR OTHER LOSS) ARISING OUT OF THE USE OR INABILITY TO USE THIS CABLETRON PRODUCT, EVEN IF CABLETRON HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. BECAUSE SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, OR ON THE DURATION OR LIMITATION OF IMPLIED WARRANTIES, IN SOME INSTANCES THE ABOVE LIMITATIONS AND EXCLUSIONS MAY NOT APPLY TO YOU.
. IN NO EVENT SHALL CABLETRON OR
CoreWatch User’s Manual 5
Page 6
Notice
United States Government Restricted Rights
The enclosed product (a) was developed solely at private expense; (b) contains “restricted computer software” submitted with restricted rights in accordance with Section 52227-19 (a) through (d) of the Commercial Computer Software - Restricted Rights Clause and its successors, and (c) in all respects is proprietary data belonging to Cabletron and/or its suppliers.
For Department of Defense units, the product is licensed with “Restricted Rights” as defined in the DoD Supplement to the Federal Acquisition Regulations, Section 52.227-7013 (c) (1) (ii) and its successors, and use, duplication, disclosure by the Government is subject to restrictions as set forth in subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at 252.227-7013. Cabletron Systems, Inc., 35 Industrial Way, Rochester, New Hampshire 03867-0505.
6 CoreWatch User’s Manual
Page 7
Notice
SAFETY INFORMATION
CLASS 1 LASER TRANSCEIVERS
The SSR-HFX11-08 100Base-FX Module, SSR-GSX11-02 1000BASE-LX Module, SSR-GLX19-02 1000BASE-LX Module, SSR-HFX29-08 100BASE-FX SMF Module, and SSR-GLX70-01 1000BASE-LLX Module use Class 1 Laser transceivers. Read the following safety information before installing or operating these modules.
The Class 1 laser transceivers use an optical feedback loop to maintain Class 1 operation limits. This control loop eliminates the need for maintenance checks or adjustments. The output is factory set, and does not allow any user adjustment. Class 1 Laser transceivers comply with the following safety standards:
21 CFR 1040.10 and 1040.11 U.S. Department of Health and Human Services (FDA).
IEC Publication 825 (International Electrotechnical Commission).
CENELEC EN 60825 (European Committee for Electrotechnical Standardization).
When operating within their performance limitations, laser transceiver output meets the Class 1 accessible emission limit of all three standards. Class 1 levels of laser radiation are not considered hazardous.
SAFETY INFORMATION
CLASS 1 LASER TRANSCEIVERS
Laser Radiation and Connectors
When the connector is in place, all laser radiation remains within the fiber. The maximum amount of radiant power exiting the fiber (under normal conditions) is -12.6 dBm or 55 x 10
Removing the optical connector from the transceiver allows laser radiation to emit directly from the optical port. The maximum radiance from the optical port (under worst case conditions) is
0.8 W cm
Do not use optical instruments to view the laser output. The use of optical instruments to view laser output increases eye hazard. When viewing the output optical port, power must be removed from the network adapter.
-2
or 8 x 103 W m2 sr-1.
-6
watts.
CoreWatch User’s Manual 7
Page 8
DECLARATION OF CONFORMITY
ADDENDUM
Application of Council Directive(s): 89/336/EEC
Manufacturer’s Name: Cabletron Systems, Inc.
Manufacturer’s Address: 35 Industrial Way
European Representative Name: Mr. J. Solari
European Representative Address: Cabletron Systems Limited
Conformance to Directive(s)/Product Standards:
Notice
73/23/EEC
PO Box 5005 Rochester, NH 03867
Nexus House, Newbury Business Park London Road, Newbury Berkshire RG13 2PZ, England
EC Directive 89/336/EEC EC Directive 73/23/EEC EN 55022 EN 50082-1 EN 60950
Equipment Type/Environment: Networking Equipment, for
use in a Commercial or Light
Industrial Environment.
We the undersigned, hereby declare, under our sole responsibility, that the equipment packaged with this notice conforms _to the above directives.
Manufacturer Legal Representative in Europe Mr. Ronald Fotino Mr. J. Solari
Full Name Full Name Principal Compliance Engineer Managing Director - E.M.E.A.
Title Title Rochester, NH, USA Newbury, Berkshire, England
Location Location
CoreWatch User’s Manual 8
Page 9
Contents
Preface..................................................................................................... 17
About This Manual ................................................................................................................17
Who Should Read This Manual? .........................................................................................17
How to Use This Manual ......................................................................................................17
Related Documentation.........................................................................................................19
Chapter 1: A Look at CoreWatch ........................................................... 21
What Are CoreWatch’s Features?........................................................................................21
System Requirements ............................................................................................................22
CoreWatch Capabilities.........................................................................................................22
A Look at the Modes of CoreWatch ....................................................................................23
Which MIBs Does the SSR Support? ...................................................................................23
Chapter 2: CoreWatch Installation ........................................................ 25
Installing CoreWatch.............................................................................................................25
Installing on a Solaris System........................................................................................25
Installing on a Windows NT, Windows 95, or Windows 98 System ......................26
Chapter 3: Learning CoreWatch Basics.................................................. 27
Starting CoreWatch................................................................................................................27
Starting CoreWatch in Solaris.......................................................................................28
Starting CoreWatch in Windows NT, Windows 95, or Windows 98......................28
Starting CoreWatch from within SPECTRUM Enterprise Manager .......................28
Starting CoreWatch from within HP OpenView 5.x .................................................29
A Look at the CoreWatch Interface .....................................................................................29
Front Panel View.............................................................................................................30
A Look at the Modules............................................................................................31
Schematic View ...............................................................................................................32
Opening the Schematic View.................................................................................32
Using the Schematic View......................................................................................33
CoreWatch Menus ..........................................................................................................33
CoreWatch Toolbar.........................................................................................................33
CoreWatch Passwords...........................................................................................................33
Changing the Login Password......................................................................................34
Changing the Privileged Password..............................................................................34
Accessing Help .......................................................................................................................35
Exiting CoreWatch.................................................................................................................36
CoreWatch User’s Manual 9
Page 10
Contents
Chapter 4: Learning Configuration Expert Basics.................................37
What Is Configuration Expert?............................................................................................ 37
Starting Configuration Expert............................................................................................. 38
Starting Configuration Expert from the Front Panel View...................................... 38
Starting Configuration Expert in Solaris..................................................................... 38
Starting Configuration Expert in Windows NT, Windows 95, or Windows 98 ... 39
A Look at the Configuration Expert Window................................................................... 39
Configuration Tree......................................................................................................... 40
A Look at the Configuration Tree Icons .............................................................. 43
Wizards and Dialog Boxes............................................................................................ 43
Copying Configuration Settings with Drag-and-Drop.................................................... 44
Finding Objects...................................................................................................................... 44
Deleting Objects..................................................................................................................... 45
Order of Configuration Tasks.............................................................................................. 45
Saving and Applying Your Configuration Changes........................................................ 46
Saving Changes to a Configuration File: .................................................................... 46
Loading a Configuration File into an SSR.................................................................. 46
Retrieving a Configuration File from an SSR............................................................. 47
Exiting Configuration Expert .............................................................................................. 48
Chapter 5: Changing System Settings ................................................... 49
Providing System Information............................................................................................ 49
Configuring an SSR Chassis ................................................................................................ 50
Configuring Ports.................................................................................................................. 52
Configuring Global Settings on All Ports................................................................... 52
Configuring an Individual Port ................................................................................... 54
Configuring the SSR for a SYSLOG Server........................................................................ 57
Configuring for DNS ............................................................................................................ 59
Configuring the SSR for SNMP........................................................................................... 60
Setting Up a Target for SNMP Traps .......................................................................... 60
Establishing Community Strings................................................................................. 62
Chapter 6: Configuring SSR Bridging..................................................... 65
A Look at Bridging on the SSR............................................................................................ 65
Configuring the Bridging Mode of Ports........................................................................... 66
Configuring a Port for Flow-Based Bridging............................................................. 67
Configuring a Port for Address-Based Bridging....................................................... 68
Controlling the Aging State of SSR Bridging.................................................................... 70
Setting Up a Default Aging Timeout........................................................................... 70
Overriding the Default Timeout Interval on a Port.................................................. 71
Disabling Aging on a Port............................................................................................. 72
Enabling Aging on a Port.............................................................................................. 74
Setting Up STP on the SSR................................................................................................... 76
Defining STP Settings for SSR Bridging...................................................................... 77
Defining STP Attributes on an Individual Port......................................................... 78
Enabling STP on a Port.................................................................................................. 79
Disabling STP on a Port................................................................................................. 81
Configuring SmartTRUNK Behavior on the SSR ............................................................. 82
Defining SmartTRUNK Settings for SSR Bridging.................................................... 83
10 CoreWatch User’s Manual
Page 11
Contents
Chapter 7: Configuring VLANs on the SSR............................................ 87
A Look at VLANs on the SSR...............................................................................................87
VLAN Configuration Tips....................................................................................................88
Defining Access Ports and Trunk Ports..............................................................................89
Creating a Protocol-Based VLAN........................................................................................91
Creating a Port-Based VLAN...............................................................................................96
Modifying VLANs ...............................................................................................................100
Changing a Port-Based VLAN’s Name or ID...........................................................101
Changing a Protocol-Based VLAN’s Name, ID, or Protocol Binding...................102
Replacing an Interface’s VLAN..........................................................................................103
Changing Which Ports a VLAN Includes.........................................................................103
Dragging Ports to Add Them to a VLAN .................................................................103
Adding and Removing a VLAN’s Ports Through a Dialog Box............................104
Chapter 8: Configuring IP Interfaces for the SSR ............................... 107
What Is IP? ............................................................................................................................107
A Look at IP Addresses................................................................................................108
Creating IP Interfaces ..........................................................................................................110
Creating IP Interfaces Bound to a Single Port ..........................................................110
Creating IP Interfaces Bound to a VLAN..................................................................116
Modifying IP Interface Definitions....................................................................................121
Configuring the SSR for VRRP...........................................................................................124
Specifying VRRP Trace Options.................................................................................125
Configuring a New VRRP Router ..............................................................................126
Modifying an Existing VRRP Router .........................................................................129
What to Do Next...................................................................................................................130
Chapter 9: Configuring Unicast Routing on the SSR.......................... 131
Configuring Unicast Global Parameters and Static Entries...........................................131
Setting Global Parameters for Unicast Routing........................................................132
Defining Static ARP Entries.........................................................................................133
Defining Static Route Entries ......................................................................................135
A Look at RIP Routing in the IP Environment................................................................137
What Is Preference? ......................................................................................................138
Configuring the SSR for RIP...............................................................................................139
Setting RIP Global Parameters....................................................................................139
Defining IP RIP Interfaces............................................................................................141
Adding Trusted Gateways ..........................................................................................144
Adding Source Gateways ............................................................................................145
What to Do Next...................................................................................................................145
Chapter 10: Configuring Multicast Routing on the SSR..................... 147
What Is DVMRP? .................................................................................................................147
Configuring DVMRP Routing on the SSR........................................................................148
Setting DVMRP Global Parameters on the SSR........................................................149
Configuring DVMRP Interfaces..................................................................................150
Defining DVMRP Tunnels...........................................................................................151
CoreWatch User’s Manual 11
Page 12
Contents
Enabling or Disabling DVMRP on Tunnels ............................................................. 153
What Is IGMP?..................................................................................................................... 154
Configuring IGMP Interfaces on the SSR ........................................................................ 155
Setting IGMP Global Parameters............................................................................... 155
Enabling or Disabling IGMP on Interfaces............................................................... 156
What to Do Next.................................................................................................................. 158
Chapter 11: Configuring the SSR for IPX Routes ................................ 159
What Is IPX?......................................................................................................................... 159
Creating IPX Interfaces....................................................................................................... 161
Creating IPX Interfaces Bound to a Single Port....................................................... 161
Creating IPX Interfaces Bound to a VLAN............................................................... 167
Modifying IPX Interface Definitions ................................................................................ 172
Configuring Static IPX SAP Entries.................................................................................. 175
What to Do Next.................................................................................................................. 178
Chapter 12: Configuring QoS on the SSR............................................ 179
What Is QoS?........................................................................................................................ 179
Establishing the SSR’s Queuing Policy ............................................................................ 180
Associating Precedences to Layer-3/Layer-4 Flows...................................................... 181
Assigning IP QoS Precedence............................................................................................ 181
Assigning IPX QoS Precedence.................................................................................. 183
Creating QoS Profiles.......................................................................................................... 184
Creating a QoS Profile for an IP Flow....................................................................... 185
Creating a QoS Profile for an IPX Flow .................................................................... 190
Creating a QoS Profile for a Layer-2 Flow................................................................ 195
Modifying QoS Profiles...................................................................................................... 199
Redefining an IP Flow ................................................................................................. 199
Redefining an IPX Flow Definition............................................................................ 200
Redefining a Layer-2 Flow Definition....................................................................... 201
Changing an IP or IPX Flow’s Interface List............................................................ 202
Adding or Deleting a Flow’s Interfaces through a Dialog Box...................... 203
Dragging an Interface to Apply a Flow to the Interface.................................. 204
Changing a Layer-2 Port List...................................................................................... 204
Chapter 13: Configuring Security on the SSR ..................................... 207
A Look at ACLs ................................................................................................................... 207
Setting IP Security ............................................................................................................... 208
Setting IPX Security............................................................................................................. 212
Configuring an IPX ACL............................................................................................. 212
Setting Up IPX RIP Filters........................................................................................... 217
Setting Up IPX SAP Filters.......................................................................................... 221
Applying ACLs to IP or IPX Interfaces............................................................................ 224
Copying an ACL to Apply It to an Interface............................................................ 225
Applying an ACL by Editing an Interface’s Definition.......................................... 226
Setting Layer-2 Security...................................................................................................... 228
Configuring Layer-2 Address Filters ........................................................................ 229
Configuring Layer-2 Port-to-Address Lock Filters................................................. 231
Configuring Layer-2 Static-Entry Filters .................................................................. 234
12 CoreWatch User’s Manual
Page 13
Contents
Configuring Layer-2 Secure Port Filters....................................................................238
Modifying the SSR’s Security Settings..............................................................................241
Changing an ACL’s Name...........................................................................................242
Adding or Modifying ACL Rules...............................................................................243
Modifying Layer-2 Security Filters.............................................................................243
Modifying a Filter’s Settings ................................................................................243
Modifying a Filter’s Port Bindings......................................................................244
Chapter 14: Configuring OSPF on the SSR.......................................... 247
A Look at OSPF Routing on the SSR.................................................................................247
Setting OSPF Global Parameters........................................................................................248
Configuring OSPF Area Tables...................................................................................249
Creating OSPF Area Tables..................................................................................250
Modifying Area Tables .........................................................................................267
Chapter 15: Configuring BGP on the SSR............................................ 269
BGP Overview ......................................................................................................................269
Configuring Your SSR for BGP..........................................................................................270
Setting BGP Global Parameters ..................................................................................270
Configuring a New BGP Peer Group.........................................................................271
Modifying an Existing BGP Peer Group....................................................................288
Chapter 16: Configuring Routing Policies on the SSR........................ 297
Routing Policies on the SSR................................................................................................297
RIP and OSPF Routing Policy Defaults ............................................................................297
Setting RIP Routing Policy Defaults...........................................................................298
Setting OSPF Routing Policy Defaults.......................................................................299
A Look at the Building Blocks of Routing Policies..........................................................300
Export Destination Building Blocks...........................................................................301
Configuring and Modifying RIP Export Destinations .....................................301
Configuring and Modifying OSPF Export Destinations..................................303
Configuring and Modifying BGP Export Destinations....................................304
Aggregate Destination Building Blocks.....................................................................306
Configuring Aggregate Destinations..................................................................306
Modifying Aggregate Destinations.....................................................................308
Export Source Building Blocks....................................................................................309
Configuring and Modifying RIP Export Sources..............................................309
Configuring and Modifying OSPF Export Sources ..........................................311
Configuring and Modifying BGP Export Sources ............................................312
Configuring and Modifying Autonomous System Path Export Sources......314
Configuring and Modifying Tag Export Sources..............................................316
Configuring and Modifying Direct Export Sources .........................................318
Configuring and Modifying Static Export Sources...........................................319
Configuring and Modifying Aggregate Export Sources..................................321
Import Source Building Blocks ...................................................................................322
Configuring and Modifying RIP Import Sources .............................................323
Configuring and Modifying OSPF Import Sources..........................................325
Configuring and Modifying BGP Import Sources............................................327
Configuring and Modifying Aggregate Source Building Blocks...........................329
CoreWatch User’s Manual 13
Page 14
Contents
IP Route Filter Building Blocks .................................................................................. 330
Configuring IP Route Filters ............................................................................... 331
Modifying IP Route Filters .................................................................................. 333
Configuring and Modifying Optional Attribute Building Blocks ........................ 334
Export Policies ..................................................................................................................... 335
Configuring Export Policies ....................................................................................... 336
Modifying Export Policies .......................................................................................... 341
Import Policies..................................................................................................................... 342
Configuring Import Policies....................................................................................... 342
Modifying Import Policies.......................................................................................... 346
Aggregate Policies............................................................................................................... 347
Configuring Aggregate Policies................................................................................. 347
Modifying Aggregate Policies.................................................................................... 352
Redistribute Policies............................................................................................................ 353
Configuring Redistribute Policies.............................................................................. 353
Modifying Redistribute Policies................................................................................. 357
Summarize Routes .............................................................................................................. 358
Configuring Summarize Routes ................................................................................ 358
Modifying Summarize Routes ................................................................................... 362
Chapter 17: Checking System Status ................................................... 365
Obtaining Chassis Information ......................................................................................... 365
Obtaining Port Information............................................................................................... 366
Obtaining Trap Information .............................................................................................. 368
Obtaining SmartTRUNK Information.............................................................................. 369
Chapter 18: Monitoring Real-Time Performance ................................371
Monitoring System Performance ...................................................................................... 371
Setting the Scaling of Dials ......................................................................................... 373
Monitoring Port Utilization ............................................................................................... 374
Obtaining Statistics About an Individual Port................................................................ 376
Obtaining Packet Statistics.......................................................................................... 377
Obtaining Port Byte Statistics..................................................................................... 378
Obtaining Port Error Statistics ................................................................................... 379
Monitoring IP Interface Statistics...................................................................................... 381
Obtaining IP Packet Statistics..................................................................................... 381
Obtaining IP Reassembly Statistics ........................................................................... 382
Obtaining IP Error Statistics....................................................................................... 384
Monitoring IPX Interface Statistics................................................................................... 385
Obtaining IPX Packet Statistics .................................................................................. 386
Obtaining IPX Error Statistics............................................................................................ 387
Using the Graph Toolbar.................................................................................................... 389
Chapter 19: Checking the Status of Bridge Tables .............................391
Obtaining VLAN Information........................................................................................... 391
Obtaining STP Port Information ....................................................................................... 392
Obtaining L2 Interface Information.................................................................................. 394
14 CoreWatch User’s Manual
Page 15
Contents
Chapter 20: Checking the Status of Routing Tables........................... 397
Checking IP Routing Status................................................................................................397
Obtaining IP Interface Information............................................................................398
Obtaining IP Forwarding Information ......................................................................399
Checking IPX Routing Status .............................................................................................400
Obtaining IPX Interface Information .........................................................................401
Obtaining IPX Forwarding Information....................................................................403
Checking OSPF Routing Status..........................................................................................405
Obtaining OSPF Interface Information......................................................................405
Obtaining OSPF Area Information.............................................................................409
Obtaining OSPF Neighbor Information ....................................................................410
Obtaining OSPF Link-State Database Information ..................................................412
Obtaining OSPF Area Aggregate Information .........................................................414
Checking RIP Routing Status .............................................................................................416
Obtaining RIP Interface Information .........................................................................416
Obtaining RIP Peer Information.................................................................................417
Checking DVMRP Routing Status.....................................................................................419
Obtaining DVMRP Interface Information.................................................................419
Obtaining DVMRP Neighbor Information................................................................421
Obtaining DVMRP Routing Information..................................................................423
Obtaining DVMRP Next Hop Information...............................................................424
Checking IGMP Status ........................................................................................................425
Obtaining IGMP Interface Information.....................................................................426
Obtaining IGMP Cache Information..........................................................................428
Chapter 21: Checking the Status of QoS Tables................................. 431
Obtaining Layer-2 Priority Information ...........................................................................431
Obtaining Flow Priority Information................................................................................433
Obtaining Layer-2 Switching Information.......................................................................435
Obtaining Layer-3 and Layer-4 Switching Information.................................................436
Chapter 22: Obtaining Reports............................................................ 439
Saving Multiple Tables as a Report...................................................................................439
Saving a Single Table as a Report......................................................................................441
Appendix A: Working with Tables ...................................................... 443
Finding Text in a Table........................................................................................................443
Controlling the Contents of Tables....................................................................................444
Refreshing a Table................................................................................................................445
Restoring Table Information...............................................................................................445
Obtaining Table Records.....................................................................................................445
Saving a Single Table as a Report......................................................................................445
Exporting Data from a Table..............................................................................................446
Sorting Table Information...................................................................................................446
Appendix B: CoreWatch Menus........................................................... 447
File Menu...............................................................................................................................447
Monitor Menu.......................................................................................................................448
CoreWatch User’s Manual 15
Page 16
Contents
Performance State Submenu....................................................................................... 448
System State Submenu ................................................................................................ 450
Bridging State Submenu.............................................................................................. 450
Routing State Submenu............................................................................................... 451
QoS State Submenu...................................................................................................... 453
Window Menu.....................................................................................................................454
Help Menu............................................................................................................................ 454
Appendix C: Supported Regular Expressions...................................... 457
Appendix D: Error Messages................................................................ 461
Missing or Invalid Field Error Messages ......................................................................... 461
Duplicate Objects Error Messages .................................................................................... 465
Already Exists or in Use Error Messages......................................................................... 465
Unavailable Objects Error Messages................................................................................ 466
Miscellaneous Error Messages .......................................................................................... 467
Glossary .................................................................................................473
Index ......................................................................................................483
16 CoreWatch User’s Manual
Page 17
About This Manual
This manual provides a general overview of CoreWatch and provides procedures for using that application to configure and monitor a SmartSwitch Router (SSR). For product information not available in this manual, see the manuals listed in “Related
Documentation” on page 19.
Who Should Read This Manual?
Read this manual if you are responsible for configuring or monitoring the SSR and you want to do so using CoreWatch rather than using Command Line Interface (CLI) commands.
How to Use This Manual
Preface
If You Want To See
Get an overview of CoreWatch Chapter 1 on page 21
Start CoreWatch or familiarize yourself with other basic tasks and the CoreWatch interface
Start Configuration Expert and familiarize yourself with its interface
Change system information that is needed before an SSR can be configured
Configure bridging on the SSR Chapter 6 on page 65
Configure virtual local area networks (VLANs) on the SSR Chapter 7 on page 87
Configure Internet Protocol (IP) interfaces that you want to use for unicast or multicast routing
Configure the SSR for the Routing Information Protocol (RIP)
CoreWatch User’s Manual 17
Chapter 3 on page 27
Chapter 4 on page 37
Chapter 5 on page 49
Chapter 8 on page 107
Chapter 9 on page 131
Page 18
Preface
If You Want To See
Configure the SSR for the Distance Vector Multicast
Chapter 10 on page 147
Routing Protocol (DVMRP) and Internet Group Management Protocol (IGMP), which IP uses to perform multicast routing
Configure Internet Packet Exchange (IPX) routes on the
Chapter 11 on page 159
SSR
Configure Quality of Service (QoS) policies Chapter 12 on page 179
Configure security on the SSR Chapter 13 on page 207
Read an overview of OSPF routing and configure OSPF on
Chapter 14 on page 247
the SSR
Configure BGP on the SSR Chapter 15 on page 269
Configure Routing Policies on the SSR Chapter 16 on page 297
Check the status of the SSR chassis and ports Chapter 17 on page 365
Monitor real-time performance on the SSR Chapter 18 on page 371
Display tables that contain bridge information and data
Chapter 19 on page 391
about the SSR’s VLANs
Display tables that contain information about the routing
Chapter 20 on page 397
protocols you are using on the SSR
Obtain information about Layer-2, Layer-3, and
Chapter 21 on page 431
Layer-4
Obtain boot log information to perform fault monitoring Chapter 20 on page 329
Obtain reports that include information CoreWatch
Chapter 22 on page 439
displays in its tables
Work in CoreWatch tables Appendix A on page 443
Learn about the commands available on each CoreWatch
Appendix B on page 447
menu
Learn about the regular expressions CoreWatch supports Appendix C on page 457
Obtain information about CoreWatch error messages Appendix D on page 461
18 CoreWatch User’s Manual
Page 19
Related Documentation
The Cabletron Systems documentation set includes the following items. Refer to these other documents to learn more about your product.
For Information About See the
Preface
The SmartSwitch Router (SSR) features and the procedures for installing the SSR and setting it up for management using CoreWatch software.
How to use Command Line Interface (CLI) commands to configure and manage the SSR
The complete syntax for all CLI commands SmartSwitch Router Command
SYSLOG messages and SNMP traps SmartSwitch Router Error
SmartSwitch Router Getting Started Guide
SmartSwitch Router User Reference Manual
Line Interface Reference Manual
Reference Manual
CoreWatch User’s Manual 19
Page 20
Preface
20 CoreWatch User’s Manual
Page 21
Chapter 1
A Look at
CoreWatch
Cabletron Systems’ CoreWatch is a comprehensive, easy-to-use, device management and configuration application for SmartSwitch Routers (SSRs). Based on Java Programming Language, CoreWatch provides configuration, monitoring, and reporting capabilities with the assistance of wizards, dialog boxes, and drag-and-drop operations.
CoreWatch provides access to Configuration Expert, a utility that makes tasks such as configuring routers, virtual local area networks (VLANs), application-level Quality of Service (QoS) policies, and security filters simple and easy.
You can run CoreWatch in the Solaris, Windows NT, Windows 95, or Windows 98 environments.
This chapter:
summarizes the features of CoreWatch.
describes the system requirements of CoreWatch.
provides an overview of CoreWatch capabilities.
discusses the different modes of CoreWatch.
provides a list of the Management Information Bases (MIBs) CoreWatch supports.
What Are CoreWatch’s Features?
CoreWatch management features include the following:
Java-based graphical user interface (GUI)
Simplified bridging configuration
CoreWatch User’s Manual 21
Page 22
Chapter 1: A Look at CoreWatch
Simplified routing configuration
Quality of Service (QoS) policy management
QoS is a set of parameters that assign priorities to different types of traffic, define flows for Internet Protocol (IP) and Internetwork Packet Exchange (IPX) packet fields, assign a precedence to the fields of the flows you define, and establish queuing policies
Configuration of security filters and access control lists (ACLs). An ACL is a list the SSR keeps to control access to or from various services
Drag-and-drop VLAN setup and administration
Detailed reporting in the hypertext markup language (HTML) format
System Requirements
CoreWatch can run in the Solaris, Windows NT, Windows 95, and Windows 98 environments. As shown in the following table, CoreWatch’s system requirements depend upon your operating system. The table identifies which browser to use with each operating system and gives the minimum hardware requirements for each environment.
Table 1. CoreWatch system requirements
Solaris 2.5.1 or 2.6)
Browser
CPU
RAM
Disk
Netscape Navigator 3.0 or above Netscape Navigator 3.0 or above, or
Sparc20 or above Pentium 133 or above
128 MB 64 MB
40 MB Free 20 MB Free
CoreWatch Capabilities
CoreWatch lets you perform the following operations:
Access Configuration Expert, which is a Cabletron Systems utility that you use to configure your SSR as discussed later in this manual.
Perform the following monitoring tasks on the SSR as discussed later in this manual:
Monitor the status of an SSR’s ports, modules, power supplies, and other hardware
components.
Windows NT 4.0x, Windows 95,
or Windows 98
Microsoft Internet Explorer 4.0 or above
22 CoreWatch User’s Manual
Page 23
Check the status of each bridge table, routing table, and QoS table. These tables
contain information that CoreWatch obtains from MIBs it supports. (For a list of these MIBS, see “Which MIBs Does the SSR Support?” on page 23.)
Display messages stored in the SSR boot log.
SNMP is a protocol that provides support for monitoring and controlling network
devices, collecting statistics, and managing configurations, performance, and security. SNMP is mainly used by Transmission Control Protocol/Internet Protocol (TCP/IP) networks. (TCP/IP is a suite of protocols that provide a relatively simple way to connect computers and devices from different vendors on a worldwide internetwork.)
CoreWatch displays most monitoring information in tables and reports, but there is some data that is displayed in the form of graphs or dials.
A Look at the Modes of CoreWatch
CoreWatch can run in the following modes:
Chapter 1: A Look at CoreWatch
User, which is the mode CoreWatch automatically begins operating in after you log in
to CoreWatch. Use this mode to monitor the activity on the SSR or to obtain reports.
Configure, which is the mode you use to perform any of the following tasks:
Change system information
Configure bridging and VLANs
Set QoS policies
Set security filters
Configure multiple configuration databases as discussed later in this manual
You switch to the configure mode by starting Configuration Expert. Access to Configuration Expert is controlled by a password that your system administrator can set as discussed in “Changing the Privileged Password” on page 34.
Which MIBs Does the SSR Support?
CoreWatch obtains information from MIBs when displaying the CoreWatch tables discussed later in this manual. The SSR supports the following MIBs:
IETF Standard MIBs:
MIB2/RFC 1213 (r/w to system group and to snmpEnableAuthTraps only)
IETF Draft Standard MIBs:
OSPF-MIB/RFC 1850
CoreWatch User’s Manual 23
Page 24
Chapter 1: A Look at CoreWatch
BGP4-MIB/RFC 1657
RIPv2-MIB/RFC 1724
EtherLike-MIB/RFC 1643
BRIDGE-MIB/RFC 1493
IETF Proposed Standard MIBS:
IF-MIB/RFC 1573
IP-Group IPCIDRTable-MIB/RFC 2096
Experimental/Enterprise MIBs:
DOT1Q-VLAN-MIB/draft-jeya-vlan-8021q-mib-00.txt
IGMP/draft-ietf-idmr-igmp-mib-05.txt
DVMRP/draft-thaler-dvmrp-mib-04.txt
NOVELL RIP-SAP MIB
NOVELL IPX MIB
–CTRON-YAGO-CONFIG
–CTRON-YAGO-HARDWARE
–CTRON-YAGO-L2
–CTRON-YAGO-L3
CTRON-YAGO-SERVICE-STATUS
CTRON-YAGO-TRAP
Note: More information on these MIBs can be found at www.ietf.org and
www.cabletron.com.
24 CoreWatch User’s Manual
Page 25
Installing CoreWatch
You can install CoreWatch on a Solaris 2.5.1 or Solaris 2.6 running CDE, Windows NT, Windows 95, or Windows 98 system. The method you use to install CoreWatch depends on your environment. Separate discussions on installing CoreWatch in the Solaris or Windows environments follow.
Chapter 2
CoreWatch
Installation
Note:
CoreWatch requires CDE to run properly on Solaris 2.5.1 and 2.6 operating systems. Ensure that your Solaris system includes CDE before attempting to run CoreWatch.
Installing on a Solaris System
To install CoreWatch from a CD onto a Solaris 2.5.1 or 2.6 system running CDE:
1. If you plan to integrate CoreWatch with HP OpenView, be sure the HP OpenView
daemon is running. For details, see your HP OpenView documentation.
2. Insert the CoreWatch CD into your CD-ROM drive.
3. Log in as super user by entering the following command:
su - root
4. Ensure that you are in the appropriate subdirectory to access the CD-ROM by
entering the following command:
cd /cdrom/cdrom0
CoreWatch User’s Manual 25
Page 26
Chapter 2: CoreWatch Installation
5. Run the CoreWatch installation script by entering the following command:
install.sh
CoreWatch is installed in on your system in the /opt/CScw directory.
6. Add /opt/CScw/bin to your environment path.
For details on adding items to a path, see your Solaris documentation.
Installing on a Windows NT, Windows 95, or Windows 98 System
Note:
You must have Admin privileges to install CoreWatch on a Windows NT system.
To install CoreWatch on a Windows NT, Windows 95, or Windows 98 system:
1. If you plan to integrate CoreWatch with HP OpenView on a Windows NT system, be sure the HP OpenView daemon is running. For details, see your HP OpenView documentation.
2. Insert the CoreWatch CD into your CD-ROM drive.
3. After the CoreWatch installation wizard appears, click Next.
4. After reviewing the license agreement, click Yes to accept it.
5. Enter your name and your company’s name in the appropriate text boxes. Then click Next.
6. Specify the folder in which you want to install the software and click Next.
You can keep the default folder or click Browse and then browse to another folder.
7. Set up the type of installation by doing one of the following:
Choose Ty pi ca l to install the most common options.
Choose Compact to install the minimum files needed to run CoreWatch.
Choose Custom and click Next if you are an advanced user and want to specify
which files to install. Options with a check mark will be installed. Click to the left of an item to select or clear its check box.
8. Click Next.
9. Specify a name for the CoreWatch program group, which is Cabletron CoreWatch by default. Then click Next.
10. When the browser window reappears, close it.
11. Specify whether you want to view the CoreWatch readme file, then click Finish.
Options with a check mark will be performed. Click to the left of an item to select or clear its check box.
26 CoreWatch User’s Manual
Page 27
Chapter 3
Learning
CoreWatch Basics
Before using CoreWatch, you should be familiar with some basic CoreWatch tasks and be familiar with the application’s interface. This chapter
discusses starting CoreWatch.
provides an overview of the CoreWatch interface.
discusses changing CoreWatch passwords.
discusses how to access the CoreWatch online help.
explains how to exit CoreWatch.
For information on installing CoreWatch in Solaris and Windows environments, see
Chapter 2: “CoreWatch Installation” on page 25.
Starting CoreWatch
The method you use to start CoreWatch depends on whether you installed it in the Solaris or Windows environment. If you choose to integrate CoreWatch with SPECTRUM or HP OpenView during installation, you can start CoreWatch from within either system in both Solaris and Windows NT/Windows 95/Windows 98.
Caution:
packet to the SSR and that the SSR is configured for SNMP. For details on configuring SNMP on the SSR, see the SmartSwitch Router User Reference Manual.
Separate discussions on starting CoreWatch in the Solaris and Windows environments and from within SPECTRUM or HP OpenView follow.
CoreWatch User’s Manual 27
Before starting CoreWatch in any environment, be sure that you can send a ping
Page 28
Chapter 3: Learning CoreWatch Basics
Starting CoreWatch in Solaris
Note:
To start CoreWatch in the Solaris 2.5.1 or 2.6 environment:
1. Enter the following command at the Solaris prompt:
2. Type the name or IP address and community string for the SSR. If you do not know
3. Click OK.
CoreWatch requires CDE to run properly on Solaris 2.5.1 and 2.6 operating systems. Ensure that your Solaris system includes CDE before attempting to run CoreWatch.
CoreWatch
The Login Dialog dialog box appears.
Note:
this information, see your network administrator.
For details on the window that CoreWatch opens, see “A Look at the CoreWatch
Interface” on page 29.
If the CoreWatch command is not found, you can locate it in /opt/CScw/bin.
Starting CoreWatch in Windows NT, Windows 95, or Windows 98
To start CoreWatch in the Windows NT, Windows 95, or Windows 98 environment:
1. Choose the Start menu, select Programs, select Cabletron CoreWatch, and then choose CoreWatch. The Login Dialog dialog box appears.
Note:
2. Type the name or IP address and community string for the SSR. If you do not know this information, see your network administrator.
3. Click OK.
For details on the window that CoreWatch opens, see the “A Look at the CoreWatch
Interface” on page 29.
If you installed the program in a startup folder other than Programs > Cabletron CoreWatch, select that folder from the Start menu and then select CoreWatch.
Starting CoreWatch from within SPECTRUM Enterprise Manager
SPECTRUM Enterprise Manager is Cabletron Systems’ flexible and scalable network management platform based on leading-edge, object-oriented, artificial intelligence technology. SPECTRUM, which is available on Solaris and Windows NT, provides a suite of bundled applications as well as additional optional applications. The SSR is modeled in SPECTRUM using the SmartSwRtr model type. The SSR can be Auto-Discovered or
28 CoreWatch User’s Manual
Page 29
Chapter 3: Learning CoreWatch Basics
manually created in a SPECTRUM Topology View and then copied to an Organization and/or Location View.
To Start CoreWatch from within SPECTRUM:
1. Start SPECTRUM.
2. If you know the topology location for your SmartSwRtr model, proceed to that
location. Otherwise, open the Find View by choosing the View menu, selecting New View, and then selecting Find. Select Model-Type Name and enter the SmartSwRtr command to display all the SmartSwRtr models or select Network Address to display a particular model.
3. Bring up the menu for the SmartSwRtr model and select CoreWatch.
This starts CoreWatch using the SmartSwRtr model's network address and community name. For details on the window that CoreWatch opens, see “Front Panel View” on page
30.
Starting CoreWatch from within HP OpenView 5.x
HP OpenView 5.x is network node management software for the Solaris and Windows NT environments. If HP OpenView is integrated with CoreWatch, you may use HP OpenView to start CoreWatch and recognize your SSRs. HP OpenView is automatically integrated with CoreWatch when you install CoreWatch while the HP OpenView daemon is running.
To start CoreWatch from within HP OpenView:
1. Start HP OpenView.
2. Click a network node.
3. Select the Misc menu and then choose CoreWatch. The Login Dialog dialog box
appears.
4. Type the name or IP address and community string for the SSR. If you do not know
this information, see your network administrator
5. Click OK.
For details on the window that CoreWatch opens, see “Front Panel View” on page 30.
A Look at the CoreWatch Interface
CoreWatch offers two views of the SSR and runs in different modes that you should be familiar with before using CoreWatch. You may also find it helpful to know how to use the CoreWatch Toolbar before using CoreWatch. Separate discussions on each CoreWatch view, its modes, and the CoreWatch Toolbar follow.
CoreWatch User’s Manual 29
Page 30
Chapter 3: Learning CoreWatch Basics
Front Panel View
After you start CoreWatch, a Front Panel view similar to the following appears:
Legend
Figure 1. Front Panel view (SSR 8000)
The Front Panel view is a graphical representation of an SSR 8000's front-panel chassis. You can use this view to do the following:
Obtain port statistics
Configure ports
Check the status of ports
The legend identified in the previous figure includes the abbreviations described in the following table:
Table 2. Legend abbreviations
Abbreviation Description
PS1 Identifies the location of the SSR's main power supply.
PS2 Identifies the location of the SSR's redundant power supply.
CM Identifies the location of the SSR's Control Module.
CM/1 Indicates the location of slot 1 of the SSR chassis. Slot 1 can accept
either the SSR's Control Module or any module the SSR supports.
2 Indicates the location of slot 2 of the SSR chassis.
3 Indicates the location of slot 3 of the SSR chassis.
4 Indicates the location of slot 4 of the SSR chassis.
30 CoreWatch User’s Manual
Page 31
Table 2. Legend abbreviations (Continued)
Abbreviation Description
5 Indicates the location of slot 5 of the SSR chassis.
6 Indicates the location of slot 6 of the SSR chassis.
7 Indicates the location of slot 7 of the SSR chassis.
A Look at the Modules
In the Front Panel view, an SSR’s modules appear similar to the following figure. This figure is for an Ethernet 10/100BASE-TX module, but the information CoreWatch displays to represent a module depends on that module’s type.
Chapter 3: Learning CoreWatch Basics
Figure 2. Front Panel view of SSR’s ethernet 10/100BASE-TX module
Each port on an Ethernet 10/100BASE-TX module is represented by an object similar to the following figure. The upper-left light-emitting diode (LED) and the center LED of a port indicates whether the port is online.
Figure 3. Ethernet 10/100BASE-TX port
Each port on a Gigabit module (1000BASE-SX or 1000BASE-LX) is represented by an object similar to the following figure. The bottom LED of a port indicates whether the port is online.
Figure 4. Gigabit module (1000BASE-SX or 1000BASE-LX) port
The Front Panel view also includes online and offline LEDs similar to those on the physical chassis. Unlike their physical counterparts on the actual chassis, these LEDs do not change in the Front Panel view whenever a module goes online or offline.
CoreWatch User’s Manual 31
Page 32
Chapter 3: Learning CoreWatch Basics
Schematic View
The Schematic view, which looks similar to the following figure, is a graphical representation of an SSR's functions (such as bridging, switching, and routing services) and data objects (such as QoS flows). It also indicates which functions are active, inactive, or in error. The information in the Schematic view is updated every 30 seconds. The legend that appears at the bottom of the Schematic view indicates the scheme used to represent the various items displayed in that view.
Opening the Schematic View
To open the Schematic view, do one of the following:
Select the File menu and then choose Open Schematic View.
Click the Open Schematic View button on the CoreWatch toolbar.
32 CoreWatch User’s Manual
Figure 5. CoreWatch Schematic view
Page 33
Using the Schematic View
You can use the Schematic view to display the CoreWatch tables and dials discussed later in this manual, and configure QoS flows and security filters. To do so, perform one of the following operations:
Move the cursor to an object, click the right-mouse button, and choose a command
from the menu that appears.
Double-click a function or data object. CoreWatch then performs the default task for
that function or data object.
CoreWatch Menus
The CoreWatch menus are located at the top of the CoreWatch main window. Use the commands available on these menus to perform tasks in CoreWatch. For a description of each menu command, see Appendix B: “CoreWatch Menus” on page 447.
CoreWatch Toolbar
Chapter 3: Learning CoreWatch Basics
The CoreWatch toolbar is a set of buttons located at the top of the CoreWatch window. Clicking buttons in this toolbar performs some CoreWatch tasks quickly. The following figure identifies the function of each CoreWatch toolbar button. Details on the Schematic View, System Dashboard, Configuration Expert, Port Utilization Summary, reports, and online help are discussed later in this manual.
Provides Access to the System Dashboard
Opens the Schematic View
Figure 6. CoreWatch toolbar buttons
CoreWatch Passwords
If you can access Configuration Expert, you can change the following CoreWatch passwords:
Opens Configuration Expert
Displays the Port Utilization Summary
Opens CoreWatch Online Help
Creates HTML Reports
Login Password, which is the password you are prompted for when you start
CoreWatch.
CoreWatch User’s Manual 33
Page 34
Chapter 3: Learning CoreWatch Basics
Privileged Password, which is the password you are prompted for when you start Configuration Expert. This password logs you in to Configuration Expert so that you can then use that utility to configure your SSR.
Changing the Login Password
If you can access Configuration Expert, you can change your CoreWatch Login password. To change your Login password:
1. Select the Configure menu and choose Change Login Password.
2. If you are prompted for the Privileged password, enter it to start Configuration Expert. Otherwise, skip to step 3.
You are prompted for the Privileged password if you are not running CoreWatch in Configure mode.
3. After the Change Login Password form appears, enter your current Login password in the Old Password text box.
4. Enter your new password in the New Password and Re-enter New Password text boxes.
5. Click OK.
Changing the Privileged Password
If you can access Configuration Expert, you can change the Privileged password. To change the Privileged password:
1. Select the Configure menu and choose Change Privileged Password.
2. If you are prompted for the Privileged password, enter it to start Configuration Expert. Otherwise, skip to step 3.
You are prompted for the Privileged password if you are not running CoreWatch in the configure mode.
3. After the Change Privileged Password form appears, enter your current Privileged password in the Old Password text box.
4. Enter your new password in the New Password and Re-enter New Password text boxes.
5. Click OK.
34 CoreWatch User’s Manual
Page 35
Accessing Help
When using CoreWatch, you can access online help by choosing commands from the Help menu or clicking the Help button. If you click the Help button, CoreWatch displays help specific to the form, dialog box, or other item you are currently using. The following table describes the commands you can choose from the Help menu. As the table indicates, you can choose some commands directly from the Help menu and other commands from the Cabletron Web Site submenu.
Table 3. CoreWatch Help menu commands
Chapter 3: Learning CoreWatch Basics
Command Description
Cabletron Web Site submenu
Contents and Index
Glossary Opens the online help glossary for
Release Note Displays the release note(s) for your
Product News Displays information about Cabletron
White Papers Provides access to technical discussions
Frequently Asked Questions
Technical Support Displays information about how to
Send Feedback Displays a form that you may use to let
Opens CoreWatch Online Help.
CoreWatch.
version of CoreWatch.
Systems products.
of Cabletron Systems products.
Provides technical support for some issues or concerns that you may have while using CoreWatch.
contact Cabletron Systems technical support.
Cabletron Systems know what you think about its products. You can complete and send this form online.
CoreWatch User’s Manual 35
Cabletron Home Page
About CoreWatch Displays information about which
Displays the Cabletron Systems home page in your Web browser.
version of CoreWatch you are using.
Page 36
Chapter 3: Learning CoreWatch Basics
Exiting CoreWatch
To exit CoreWatch, select the File menu and choose Exit. CoreWatch prompts you to verify that you want to exit. Click the Quit button.
36 CoreWatch User’s Manual
Page 37
Chapter 4
Learning
Configuration
Expert Basics
You can use Cabletron’s Configuration Expert to produce configuration files for an SSR. Once you have set up a configuration file, you can load it into the SSR. This chapter:
provides an overview of Configuration Expert.
explains how to start Configuration Expert.
discusses the Configuration Expert window.
describes the different configuration files Configuration Expert uses.
explains the purpose of Configuration Expert’s wizards and dialog boxes.
discusses finding, copying, and deleting objects.
explains how to save and apply your changes.
discusses exiting Configuration Expert.
If you prefer to produce a configuration file for your SSR using commands instead of Configuration Expert, see the SmartSwitch Router Command Line Interface Reference Manual.
What Is Configuration Expert?
You can use Configuration Expert to perform the following tasks:
Change system information
Configure bridging polices
CoreWatch User’s Manual 37
Page 38
Chapter 4: Learning Configuration Expert Basics
Configure VLANs
Configure IP and IPX routing
Configure multicast routing
Set QoS policies
Set ACLs and security filters
Configure multiple configuration files on the SSR
Like CoreWatch, Configuration Expert is a Java-based GUI. This GUI offers drag-and­drop setup and administration for VLANs and ACLs. It also supports comprehensive configuration through wizards and dialog boxes.
Starting Configuration Expert
You can start Configuration Expert from the Front Panel view or independently in the Solaris or Windows operating environments. Separate discussions on starting Configuration Expert from the different environments follow.
Starting Configuration Expert from the Front Panel View
To save time navigating through your operating system, you can open Configuration Expert while in the CoreWatch front panel view.
To open Configuration Expert from the Front Panel view:
1. Select the File menu and choose Open Configuration Expert.
2. If the Configuration Expert Login dialog box appears, enter the Privileged password and click OK. The Configuration Expert window appears.
For details on this window, see “A Look at the Configuration Expert Window” on page 39.
Starting Configuration Expert in Solaris
Note:
To start Configuration Expert in the Solaris 2.5.1 or 2.6 environment:
Enter the following command at the Solaris prompt:
CoreWatch requires CDE to run properly on Solaris 2.5.1 and 2.6 operating systems. Ensure that your Solaris system includes CDE before attempting to run CoreWatch.
ConfigExpert
38 CoreWatch User’s Manual
Page 39
Chapter 4: Learning Configuration Expert Basics
The Configuration Expert window appears.
Note: If the ConfigExpert command is not found, you can locate it in
/opt/CScw/bin.
For details on this window, see “A Look at the Configuration Expert Window” on this
page.
Starting Configuration Expert in Windows NT, Windows 95, or Windows 98
To start Configuration Expert in the Windows NT, Windows 95, or Windows 98 environment:
Choose the Start menu, select Programs, select Cabletron CoreWatch, and then choose
ConfigExpert.
Note: If you installed the program in a startup folder other than Programs >
Cabletron CoreWatch, select that folder from the Start menu and then select
ConfigExpert.
For details on this window, see “A Look at the Configuration Expert Window” next.
A Look at the Configuration Expert Window
When you start Configuration Expert, a window similar to the following appears:
CoreWatch User’s Manual 39
Page 40
Chapter 4: Learning Configuration Expert Basics
Configuration tree Content of this pane changes depending on
The left pane of the Configuration Expert window includes the configuration tree, which you use to navigate to the objects (modules, ports, system, bridging, routing, and so on) you want to create, edit, or delete while configuring the SSR. For details on the configuration tree, see “Configuration Tree” next.
The contents of the right pane changes depending on what task you are performing in Configuration Expert. Initially the right pane contains the legend that describes some of the Configuration Expert icons. As you configure the SSR, the right pane will contain the wizard or dialog box necessary for the configuration task you are performing.
Configuration Tree
The configuration tree is a graphical representation of the SSR’s configuration. When you are configuring the SSR, you can use the configuration tree to view the contents of the configuration files so you can add, edit, or delete objects in those files.
You can view the contents of a configuration file by double-clicking its name or icon in the configuration tree. When you do so, Configuration Expert displays the file’s subtree. As shown in the following figure, a configuration file’s subtree includes system, bridging,
which task you are performing
Figure 7. Configuration Expert window
40 CoreWatch User’s Manual
Page 41
Chapter 4: Learning Configuration Expert Basics
routing, QoS, and security configuration objects. There are separate subtrees for each configuration file.
Double-clicking a configuration file displays that file’s subtree
Figure 8. Configuration tree
You navigate a subtree by double-clicking its objects or clicking the plus sign (+) of objects. As you do so, Configuration Expert expands the subtree to display the object’s contents. In the following figure, the System Configuration subtree has been expanded to display the contents of the Chassis Configuration object and the Module-1 object. As the figure shows, a plus sign (+) indicates an object can be expanded further and a minus sign (-) indicates an object cannot be expanded. You can close an expanded object by double­clicking it or clicking its minus sign (-).
CoreWatch User’s Manual 41
Page 42
Chapter 4: Learning Configuration Expert Basics
Minus sign (-) indicates an object cannot be expanded further
Display the contents of an object by double-clicking it to expand the subtree
Plus sign (+) indicates an object can be expanded to display its contents
Figure 9. Expanded configuration tree
While configuring the SSR, you can continue double-clicking subtree objects until you are able to select the object you want to add, edit, or delete. After you select a configurable object, the wizard or dialog box used to configure that object appears in the right pane of the Configuration Expert window.
42 CoreWatch User’s Manual
Page 43
A Look at the Configuration Tree Icons
The configuration tree uses the icons described in the following table to represent configuration tree objects, to indicate that there is a wizard or dialog box associated with an object, and to identify configuration file changes and errors:
Table 4. Configuration tree icons and descriptions
Icon Description
Represents a configuration file or configurable object, such as an interface, VLAN, QoS policy, ACL, and so on.
Double-clicking an object’s folder icon displays the contents of that object.
Represents a chassis module.
Double-clicking a module icon displays that module’s ports. However, this is not the case with the Control Module icon because there are no ports associated with the Control Module.
Represents a port.
Chapter 4: Learning Configuration Expert Basics
Indicates that a dialog box is associated with an object. You can configure the object by using its dialog box.
Indicates that a wizard is associated with an object. You can configure the object by using its wizard.
Wizards and Dialog Boxes
You can configure objects through wizards and dialog boxes, which are forms that prompt you for the appropriate configuration information.
Wizards take you step-by-step through the process of adding objects that are complex to configure. If you add an object using a wizard, there will be a wizard icon next to that object.
Property sheets are used to add easily configurable objects and also to modify the configuration settings of objects once they have been added. If there is a dialog box associated with an object, there will be a dialog box icon next to that object.
CoreWatch User’s Manual 43
Page 44
Chapter 4: Learning Configuration Expert Basics
Copying Configuration Settings with Drag-and-Drop
You can drag objects to copy their configuration settings. When using this method to copy ACLs or QoS profiles, you should remember that you drag ACLs to interfaces, but you drag interfaces to QoS profiles.
Note:
To drag objects to copy their configuration settings:
1. Navigate through the configuration tree until you locate the object possessing the
2. Navigate through the configuration tree until you locate the object to which you want
3. Select the object you want to copy, then drag that object to the object to which you
4. Release the mouse button to apply the configuration settings to the desired object.
Dragging an object from one location to another copies the object’s configuration settings. It does not move the object.
configuration settings you wish to copy.
to apply the configuration settings.
want to apply the configuration settings.
Configuration Expert displays a folder icon while you are dragging an object. A green check mark appears whenever the cursor is on an object to which the configuration settings can be applied.
Finding Objects
You can search for an object in the configuration tree by entering all or part of the name of an object you want to find. To find an object in Configuration Expert using a text-string search:
1. Select the Edit menu and choose Find Item. A Find Item dialog box similar to the following appears:
Figure 10. Find Item dialog box
2. Enter the string of text you would like to search for in the Find String in tree box.
3. If the text you are searching for is case sensitive, turn on the Match Case option.
44 CoreWatch User’s Manual
Page 45
4. If you wish to limit the range of your search to encompass only the immediate
subtree, turn on the Search only subtree option.
5. Click the Find Next button. Configuration Expert searches the current configuration
file (or the specified portion of it) for the text string you entered in step 2.
Deleting Objects
You can delete any object you add except for VLANs. To delete an object:
1. Select the object you want to delete.
2. Select the File menu and choose Delete Selection.
3. Click OK when Configuration Expert prompts you to verify whether you want to
delete the object.
Order of Configuration Tasks
Chapter 4: Learning Configuration Expert Basics
Perform configuration tasks in the following order:
1. Provide system information (such as the SSR’s name and location), define the SSR’s
ports, set up the SSR for a SYSLOG server and Domain Naming System (DNS) servers, and configure the SSR for SNMP traps. For details on performing these tasks, see Chapter 5: “Changing System Settings” on page 49.
2. Configure bridging on the SSR as discussed in Chapter 6: “Configuring SSR Bridging”
on page 65.
3. Group physical ports on the SSR by configuring VLANs as discussed in Chapter 7:
“Configuring VLANs on the SSR” on page 87.
4. If you are using the SSR in an IP environment, create IP interfaces and then configure
those interfaces for unicast or multicast routing.
For details on IP interfaces, see Chapter 8: “Configuring IP Interfaces for the SSR” on
page 107. For details on unicast routing, see Chapter 9: “Configuring Unicast Routing on the SSR” on page 13 1. For details on multicast routing, see Chapter 10: “Configuring Multicast Routing on the SSR” on page 147.
5. If you are using the SSR in an IPX environment, configure IPX interfaces as discussed
in Chapter 11: “Configuring the SSR for IPX Routes” on page 159.
6. If you want to control traffic on the SSR, configure the SSR’s QoS policies as discussed
in Chapter 12: “Configuring QoS on the SSR” on page 179.
7. If you want to set security on the SSR, define ACLs and Layer-2 security filters as
discussed in Chapter 13: “Configuring Security on the SSR” on page 207.
8. If you want to set OSPF on the SSR, configure the SSR’s OSPF behavior as discussed in
Chapter 14: “Configuring OSPF on the SSR” on page 247.
CoreWatch User’s Manual 45
Page 46
Chapter 4: Learning Configuration Expert Basics
Saving and Applying Your Configuration Changes
When you finish working in Configuration Expert you will have to save your changes in the form of a configuration file, then load them into the SSR.
Saving Changes to a Configuration File:
To save your configuration changes:
1. Select the File menu and choose Save As. The Save Configuration dialog box opens.
Figure 11. Save Configuration dialog box
2. Navigate to the directory in which you wish to store your configuration file and do one of the following:
Select on one of the existing configuration files and click the Save button to
overwrite it.
Type the name of the new configuration file you wish to add to the directory and
click the Save button.
Loading a Configuration File into an SSR
Once you have created a new configuration file, you can use Configuration Expert to load it into your SSR as both the startup and active configuration file.
46 CoreWatch User’s Manual
Page 47
Chapter 4: Learning Configuration Expert Basics
To load a configuration file into the SSR:
1. Select the File menu and choose Apply Config. An Apply Configuration dialog box
similar to the following appears:
Figure 12. Apply Configuration dialog box
2. Do one of the following:
If you are already in the appropriate directory, enter the name of the configuration
file you wish to apply to the SSR in the Configuration file box.
Choose the Browse button, navigate to the directory containing the configuration
file you wish to apply to the SSR, and select it.
3. Enter the IP address and community string for the SSR in the Switch Name/IP box
and Community String boxes, respectively.
4. Choose the Apply Config button. Configuration Expert loads the specified
configuration file into the SSR as both the Startup and Active configuration files.
Retrieving a Configuration File from an SSR
Just as you can load configuration files into an SSR, you can retrieve the active configuration file from an SSR, as well.
To retrieve a configuration file from an SSR:
1. Select the File menu and choose Retrieve Config. A Retrieve Configuration dialog
box similar to the following appears:
CoreWatch User’s Manual 47
Page 48
Chapter 4: Learning Configuration Expert Basics
Figure 13. Retrieve Configuration dialog box
2. Enter the name of the configuration file you wish to retrieve from the SSR in the Configuration file box.
3. Enter the IP address and community string for the SSR in the Switch Name/IP box and Community String boxes, respectively.
4. Choose the Retrieve Config button. Configuration Expert retrieves the specified configuration file and opens it in the main Configuration Expert window.
Exiting Configuration Expert
To exit Configuration Expert and return to CoreWatch, click the button in the upper right of the Configuration Expert window.
If Configuration Expert prompts you to commit your changes because you have not already done so, click Yes. Then commit your changes as discussed in “Saving and
Applying Your Configuration Changes” on page 46.
48 CoreWatch User’s Manual
Page 49
Chapter 5
Changing System
Settings
You change system settings through the System Configuration object of a configuration file. This chapter discusses using Configuration Expert to perform the following tasks:
Providing system information to set the SSR’s name, identify who users should contact
regarding the SSR, and indicate the SSR’s location.
Configuring an SSR’s chassis
Configuring an SSR’s ports.
Configuring the SSR to send system messages to a SYSLOG server.
Configuring the SSR for Domain Naming System (DNS) servers.
Setting up targets for SNMP traps and establishing SNMP community strings for those
traps.
Providing System Information
Before setting up the SSR, you may want to set the SSR’s name, provide information about who users should contact regarding the SSR, and indicate where the SSR is located. To enter this system information:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s
System Configuration object.
3. Select the System Identification object.
CoreWatch User’s Manual 49
Page 50
Chapter 5: Changing System Settings
A System ID dialog box similar to the following appears:
Figure 14. System ID dialog box
4. Enter the SSR’s name, the name of the SSR administrator, and the location of the SSR in the appropriate text boxes.
5. Click OK.
Configuring an SSR Chassis
One of the first tasks you must perform when you create a new configuration file for your SSR is to properly configure the chassis, which will be the foundation of your router's configuration file. Using Configuration Expert, you can determine which modules take up which slots in your router and so on.
To configure the chassis for your SSR:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s System Configuration object.
3. Double-click the Chassis Configuration object. A Chassis Configuration dialog box similar to the following appears in the right hand frame of the Configuration Expert window:
50 CoreWatch User’s Manual
Page 51
Chapter 5: Changing System Settings
Figure 15. Chassis Configuration dialog box
4. Specify whether you are setting up a configuration file for a 2-slot, 8-slot, or 16-slot
router by selecting the appropriate option.
5. Specify which type of module you want to configure for a given slot by taking the
following steps:
a. Click on one of the router's empty (blank) slots to select it.
If you accidentally select a slot other than the one you intended, simply click it again to deselect it.
b. Click one of the four module type buttons to assign that module to the slot you
selected in step a. The four currently available module types are: 10/100-TX, 100- FX-M, Gigabit-SX, and Gigabit-LX.
If you accidentally assign a module other than the one you intended to a given slot, you can reverse that assignment by clicking on the slot and then choosing the Delete button.
c. Repeat step a and step b until you have configured all of the necessary slots for
your router.
6. Click OK.
CoreWatch User’s Manual 51
Page 52
Chapter 5: Changing System Settings
Configuring Ports
Configuration Expert lets you enable and disable ports as well as configure the following characteristics:
Operating mode (half-duplex or full-duplex).
In half-duplex mode, a port can transmit data in only one direction at a time between two stations.
In full-duplex mode, a port can simultaneously send and receive data.
Port speed (10-Mbps or 100-Mbps). This parameter applies only to ports on the 10/100 modules.
Auto negotiation (for Gigabit Ethernet ports)
Hash mode, which controls the distribution of flow entries in Layer-2 and Layer-3 lookup tables. (For more information on hash modes, see “Configuring Global Settings
on All Ports” on page 52.)
Note:
You can configure global settings for all SSR ports as well as configure individual ports. If most of an SSR’s ports are to be configured with the same or similar settings, you can first apply global settings to all ports and then modify those settings on individual ports as needed. Separate discussions on configuring default settings for all ports and configuring an individual port follow.
Cabletron has configured the SSR’s hash mode to its optimal setting. It is recommended you not change the hash mode unless advised to do so by Cabletron Technical Support.
Configuring Global Settings on All Ports
To configure global settings on all of the SSR’s ports:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s System Configuration object.
3. Double-click the Chassis Configuration object.
4. Click the Global Port Parameters object.
A Global Attributes of Ports dialog box similar to the following appears:
52 CoreWatch User’s Manual
Page 53
Chapter 5: Changing System Settings
Figure 16. Global Attributes of Ports dialog box
5. If you want all Gigabit Ethernet ports to detect and then use the operating mode and
speed of the network segment to which those ports are connected, select the Auto Negotiate Port Speed and Mode check box. Otherwise, clear the check box to disable auto negotiation on all Gigabit Ethernet ports.
All Gigabit Ethernet ports use auto negotiation. If auto negotiation is not set on a Gigabit Ethernet port, that port uses the full-duplex mode and operates at 1000 Mbps.
6. If you want to configure 10/100 Mbps Ethernet ports, do one of the following.
Otherwise, skip to step 7.
If you want all 10/100 Mbps Ethernet ports to detect and then use the operating
mode or speed of the network segment to which the port is connected, select the appropriate Autodetect options.
If you want to set all 10/100 Mbps Ethernet ports’ operating mode or speed to a
specific setting, select the appropriate buttons.
All 10/100 Mbps Ethernet ports use autodetection by default.
The 100 FX ports do not use auto-detection. They always use full-duplex mode and operate at 100 Mbps.
Note: If you select an operating mode or speed, the setting disables autodetection
for that parameter on the port. For example, if you set the speed of a segment to 10 Mbps, that segment no longer uses autodetection for the port speed and will always attempt to operate at 10 Mbps.
CoreWatch User’s Manual 53
Page 54
Chapter 5: Changing System Settings
7. Set the Layer 2 hash mode for all ports. The hash mode controls the distribution of flow entries in Layer-2 and Layer-3 lookup tables. Assuming a MAC address of the value 0011:2233:4455, the following list describes the various hash modes.
M0 – 0011:2233:4455
M1 – 0011:2233:5544
M2 – 0011:3322:4455 (default hash mode)
M3 – 1100:2233:4455
Note: Cabletron has configured the SSR’s hash mode to its optimal setting. It is
recommended you not change the hash mode unless advised to do so by Cabletron Technical Support.
8. Click OK.
Configuring an Individual Port
Configure an individual port if you want to enable or disable that port or set the port’s physical characteristics. To configure an individual port:
1. Start Configuration Expert if you have not already done so.
Note: If you open Configuration Expert by clicking a port in the Front Panel view,
Configuration Expert assumes you want to modify that port in the Active Configuration file and automatically opens that port’s dialog box. If you are modifying that port in the Active Configuration file, go to step 6.
2. Open the configuration file you want to modify and then double-click that file’s System Configuration object.
3. Double-click the Chassis Configuration object.
A list of modules similar to the following appears.
.
54 CoreWatch User’s Manual
Figure 17. Sample list of modules
Page 55
Chapter 5: Changing System Settings
4. Double-click the module on which the port you want to configure is located.
The module’s port list appears. The number of ports in the list depends on the module type.
Figure 18. Sample port list
5. Select the port you want to configure.
CoreWatch User’s Manual 55
Page 56
Chapter 5: Changing System Settings
A Physical Attributes of Port dialog box similar to the following appears:
Figure 19. Physical Attributes of Port dialog box
6. Specify whether you want to enable or disable the port by selecting the appropriate option button.
Disabled ports do not send or receive any traffic. You might want to disable unused ports to prevent network users from inadvertently or unscrupulously connecting to unoccupied but enabled ports on the SSR.
7. Do one of the following:
If you want the port to detect and then use the operating mode and speed of the
network segment to which the port is connected, select the Autodetect Port Duplex Mode and Speed check box. Otherwise, clear the check box to disable autodetection on the port.
All 10/100 Mbps Ethernet and Gigabit Ethernet ports use autodetection by default.
The 100 FX ports do not use auto-detection. They always use full-duplex mode and operate at 100 Mbps.
If you want to set the port’s operating mode or speed to a specific setting, select the
appropriate buttons.
Note: If you select an operating mode or speed, the setting disables autodetection
for that parameter on the port. For example, if you set the speed of a segment to 10-Mbps, that segment no longer uses autodetection for the port speed and will always attempt to operate at 10-Mbps.
56 CoreWatch User’s Manual
Page 57
Chapter 5: Changing System Settings
8. Set the Layer 2 hash mode for the port. The hash mode controls the distribution of
flow entries in Layer-2 and Layer-3 lookup tables. Assuming a MAC address of the value 0011:2233:4455, the following list describes the various hash modes:
M0 – 0011:2233:4455
M1 – 0011:2233:5544
M2 – 0011:3322:4455 (default hash mode)
M3 – 1100:2233:4455
Note: Cabletron has configured the SSR’s hash mode to its optimal setting. It is
recommended you not change the hash mode unless advised to do so by Cabletron Technical Support.
9. Click OK.
Configuring the SSR for a SYSLOG Server
You can configure the SSR to send system messages to a SYSLOG server. To do so, identify the server the SSR is to send messages to and also specify the type of messages that the SSR is to send. On the SYSLOG server, you can decide whether to discard the messages, write them to a file, or send them out to the console.
To configure the SSR for a SYSLOG server:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s
System Configuration object.
3. Select the System Log object.
CoreWatch User’s Manual 57
Page 58
Chapter 5: Changing System Settings
A System Log dialog box similar to the following appears:
Figure 20. System Log dialog box
4. Enter the host name or IP address of the SYSLOG server.
5. Select the level of messages you want the SSR to log. You may select one of the levels described in the following table:
Table 5. SYSLOG error message levels
Level Description
Fatal Logs only fatal messages.
Error Logs fatal messages and error messages.
Warning Logs fatal messages, error messages, and warning messages. This is
the default.
Information Logs all messages, including informational messages.
6. Click OK.
58 CoreWatch User’s Manual
Page 59
Configuring for DNS
As an alternative to a host table on every system, some networks use a centralized Domain Naming System (DNS) server to maintain name-to-IP-address mappings. You may configure the SSR to reach up to three DNS servers. When doing so, you can also specify the domain name the SSR uses for each DNS query and the order in which the SSR searches for the specified DNS servers.
To configure the SSR for DNS servers:
1. Make sure there is a network connection to the DNS servers you want the SSR to use.
You can do so by sending a ping packet to those servers.
2. Start Configuration Expert if you have not already done so.
3. Open the configuration file you want to modify and then double-click that file’s
System Configuration object.
4. Select the DNS Configuration object.
A System Configuration DNS dialog Box similar to the following appears:
Chapter 5: Changing System Settings
5. Specify which DNS servers you want the SSR to use by taking the following steps to
add those servers. When the SSR searches for DNS servers, it will do so using the order in which those servers were added.
a. In the Domain text box, enter the name of the domain on which the DNS server
you want to add is an authority.
CoreWatch User’s Manual 59
Figure 21. System Configuration DNS dialog box
Page 60
Chapter 5: Changing System Settings
b. In the Name Server Search Order text box, enter the IP address of the DNS server
you want to add. Then click the Add button.
You can specify the address in dotted-decimal notation.
After you click the Add button, Configuration Expert adds the specified server to the list.
c. If you want to configure the SSR for additional DNS servers, repeat step a and
step b until you add up to three DNS servers.
If you add a server and then later want to remove it, you may do so by selecting its name in the list and then clicking the Delete button.
6. Click OK.
Configuring the SSR for SNMP
The Simple Network Management Protocol (SNMP) provides support for monitoring and controlling network devices, collecting statistics, and managing configurations, performance, and security. SNMP is mainly used by TCP/IP networks.
You configure the SSR for SNMP by performing the following tasks:
Setting up targets for SNMP traps. A target is a management station to which the SSR sends SNMP traps, which are messages that describe an event (such as restarting the SSR or a link going down).
Establishing community strings that SNMP management stations must supply to access the SSR.
Separate discussions on these SNMP tasks follow.
Setting Up a Target for SNMP Traps
Set up a target for SNMP traps to specify to which server you want the SSR to send SNMP traps. To set up an SNMP trap target on the SSR:
1. Make sure there is a network connection to the server to which you want the SSR to send SNMP traps. You can do so by sending a ping packet to the desired server.
2. Start Configuration Expert if you have not already done so.
3. Open the configuration file you want to modify and then double-click that file’s System Configuration object.
4. Double-click the SNMP Configuration object.
5. Configuration Expert displays the SNMP Trap Target and SNMP Community String objects.
60 CoreWatch User’s Manual
Page 61
Chapter 5: Changing System Settings
6. Double-click the SNMP Trap Target object.
7. Do one of the following:
If you are configuring a new trap target, select the Configure New Trap Target
object from the list of trap targets.
If you are modifying an existing trap target, select it from the list that appeared
after you expanded the SNMP Trap Target object.
An SNMP Trap Target dialog box similar to the following appears:
Figure 22. SNMP Trap Target dialog box
8. Enter the IP address of the management station from which you want to be able to
access the traps.
Note: The target IP address should be for a management station locally attached to
the SSR. Cold start traps might not reach their destination if the target requires dynamic route table entries to be forwarded correctly. The system will retry for four minutes.
9. In the Community String text box, enter the SNMP community for which you are
setting the trap target.
10. Click OK.
CoreWatch User’s Manual 61
Page 62
Chapter 5: Changing System Settings
Establishing Community Strings
SNMP management stations that want to access the SSR must supply a community string that you establish on the SSR. You can establish an SSR community string by specifying the string’s name and selecting the access privileges for that string. To establish community strings on the SSR:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s System Configuration object.
3. Double-click the SNMP Configuration object.
Configuration Expert displays the SNMP Trap Target and SNMP Community String objects.
4. Double-click the SNMP Community String object.
5. Do one of the following:
If you are configuring a new community string, select the Configure New
Community String object.
If you are modifying an existing community string, select it from the list of
community strings that appeared after you expanded the SNMP Community String object.
An SNMP Community Strings dialog box similar to the following appears:
62 CoreWatch User’s Manual
Figure 23. SNMP Community Strings dialog box
Page 63
Chapter 5: Changing System Settings
6. In the Community String text box, enter a character string for the community string.
7. Set the level of access to the SSR by selecting one of the options described in the
following table:
Table 6. Level-of-access options
Option Description
Read-only Allows SNMP GETs but not SNMP SETs on the SNMP management
stations that access the SSR through the specified community string.
Read-write Allows both SNMP GETs and SNMP SETs on the SNMP management
stations that access the SSR through the specified community string.
8. Click OK.
CoreWatch User’s Manual 63
Page 64
Chapter 5: Changing System Settings
64 CoreWatch User’s Manual
Page 65
Chapter 6
Configuring SSR
Bridging
The SSR provides bridging functions. This chapter
provides an overview of bridging on an SSR.
discusses configuring the bridging mode of ports. A port’s bridging mode determines
the contents of that port’s Layer-2 lookup table.
discusses controlling the aging state of SSR bridging. The SSR’s aging state determines
how long the SSR stores the MAC address information.
explains setting up the SSR for the Spanning Tree Protocol (STP), which the SSR uses
to work around loops.
explains using Configuration Expert to configure of SmartTRUNKing on the SSR.
A Look at Bridging on the SSR
The SSR uses transparent bridging to link together different segments of an Ethernet network.
In transparent bridging, the SSR operates as a learning bridge. As such, it monitors traffic on subnetworks to learn about destination locations, down bridges, traffic congestion, and other network information. This frees packets from having to carry routing information and permits the SSR to forward packets based on current network conditions.
As a learning bridge, the SSR stores the source MAC address of each packet it receives. This permits the SSR to forward future packets destined for a MAC address to be forwarded to the port on which the source address was found. It does not forward those packets to other ports, and thus reduces traffic on the network. If the SSR does not recognize a packet’s MAC address, however, it forwards that packet to every port.
CoreWatch User’s Manual 65
Page 66
Chapter 6: Configuring SSR Bridging
Configuring the Bridging Mode of Ports
You can configure ports to use either of the following bridging modes. Each port has a Layer-2 lookup table where MAC address or flows are stored. A port’s bridging mode determines the contents of each Layer-2 table entry. A port can use only one type of bridging at a time.
Flow-based bridging
If a port is configured for flow-based bridging, each Layer-2 table entry contains entries consisting of a source MAC address, destination MAC address, and VLAN ID.
Address-based bridging
If a port is configured for address-based bridging (the default), each Layer-2 table entry contains a unique destination MAC address and VLAN ID.
Suppose that a port on the SSR is connected to a hub that is connected to three workstations, A, B, and C. If each workstation is talking to one another and sending broadcast traffic, the Layer-2 table on the SSR’s port would contain the following entries for the workstations (assume that the VLAN ID is 1 for all entries):
Table 7. Bridging modes
Port Configuration Entries
Flow-based bridging MAC addresses A->B
MAC addresses A->C
MAC addresses B->A
MAC addresses B->C
MAC addresses C->A
MAC addresses C->B
MAC addresses A->broadcast
MAC addresses B->broadcast
MAC addresses C->broadcast
Address-based bridging MAC address A
MAC address B
MAC address C
MAC broadcast address
66 CoreWatch User’s Manual
Page 67
Configuring a Port for Flow-Based Bridging
To configure a port for flow-based bridging:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.
3. Double-click the Bridging Mode object.
A Bridging Mode dialog box similar to the following appears:
Chapter 6: Configuring SSR Bridging
Figure 24. Bridging Mode dialog box (flow-based bridging)
4. In the Address Mode list, double-click the module on which the port you want to
configure is located. Configuration Expert displays the module’s ports that are currently using address-based bridging. From the list of ports that appears, select the port that you want to configure.
CoreWatch User’s Manual 67
Page 68
Chapter 6: Configuring SSR Bridging
Note: Clicking a module in the Address Mode list rather than double-clicking it
selects all of the module’s ports that are currently using address-based bridging. Use this method if you are configuring all the ports on a module to use flow-based bridging.
5. Click the Add button.
Configuration Expert moves the selected port from the Address Mode list to the corresponding module in the Flow Mode list.
6. Click OK.
Configuration Expert adds the port to those found in the Flow Mode Bridging object, which is located in the Bridging Mode object.
Configuring a Port for Address-Based Bridging
Ports are configured to use address-based bridging by default. If you previously configured a port for flow-based bridging and later decide you want that port to use address-based bridging, you can change its bridging mode. To do so, take the following steps:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.
3. Double-click the Bridging Mode object.
A Bridging Mode dialog box similar to the following appears:
68 CoreWatch User’s Manual
Page 69
Chapter 6: Configuring SSR Bridging
Figure 25. Bridging Mode dialog box (address-based bridging)
4. In the Flow Mode list, double-click the module on which the port you want to
configure is located. Configuration Expert displays the module’s ports that are currently using flow-based bridging. From the list of ports that appears, select the port that you want to configure.
Note: Clicking a module in the Flow Mode list rather than double-clicking it selects
all of the module’s ports that are currently using flow-based bridging. Use
CoreWatch User’s Manual 69
Page 70
Chapter 6: Configuring SSR Bridging
this method if you are configuring all the ports on a module to use address­based bridging.
5. Click the Remove button.
Configuration Expert moves the selected port from the Flow Mode list to the corresponding module in the Address Mode list box.
6. Click OK.
Configuration Expert adds the port to those found in the Address Mode Bridging object, which is located in the Bridging Mode object.
Controlling the Aging State of SSR Bridging
The SSR ages learned MAC addresses in the Layer-2 lookup tables. Each port has its own Layer-2 lookup table. When a learned MAC address entry ages out, the SSR removes that entry from a port’s Layer-2 lookup tables unless you disable aging on that port.
You can control the aging of learned MAC address entries in the SSR’s Layer-2 lookup tables. To do so, use Configuration Expert to perform the following tasks:
Setting up an aging timeout that ports use by default. The SSR uses the aging timeout to determine how long to keep learned MAC addresses. Aging is a regulation mechanism the SSR uses to clean up MAC address entries that have not been used for awhile.
Overriding the default timeout interval. You do so by setting timeout intervals on any ports that are to use an interval different from the default aging timeout.
Disabling aging on a port if you do not want the SSR to remove MAC address entries from that port’s Layer-2 lookup table.
Separate discussions on each task follow.
Setting Up a Default Aging Timeout
You can set an aging time for learned MAC address entries that all ports use by default. When the aging time expires for a MAC address, the SSR removes the MAC address from the port that uses the default timeout. To set up a default aging timeout for MAC address entries:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.
3. Double-click the Aging Configuration object.
4. In the list of aging objects that appears, select the Default Aging Timeout object.
70 CoreWatch User’s Manual
Page 71
Chapter 6: Configuring SSR Bridging
A Default Aging Timeout dialog box similar to the following appears:
Figure 26. Default Aging Timeout dialog box
5. Enter the number of seconds that the SSR is to allow a learned MAC address to
remain in the Layer-2 lookup table.
You can specify from 15 to 1,000,000 seconds. The default is 300 seconds.
6. Click OK.
Overriding the Default Timeout Interval on a Port
As discussed in “Setting Up a Default Aging Timeout” on page 70, you can set an aging timeout for learned MAC address entries that ports use by default. You may override this default timeout if you want a port to use a different timeout interval. To override the timeout interval on a port:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.
3. Double-click the Aging Configuration object.
4. In the list of aging objects that appears, double-click the Aging Timeout Interval
object. Then select the Configure Aging Timeout on a New Port object that appears.
A Set Aging Timeout dialog box similar to the following appears:
CoreWatch User’s Manual 71
Page 72
Chapter 6: Configuring SSR Bridging
Figure 27. Set Aging Timeout dialog box
5. From the Module drop-down list, select the module containing the port you want to configure.
6. From the Port drop-down list, select the port you want to configure.
7. In the Tim eout box, enter the number of seconds that the SSR is to allow a learned MAC address to remain in the Layer-2 lookup table for the specified port.
You can specify from 15 to 1,000,000 seconds. The default is 300 seconds.
8. Click OK.
Disabling Aging on a Port
Disable aging on a port if you do not want the SSR to age MAC address entries in the port’s Layer-2 lookup tables.
Caution:
to become full because the SSR will not remove MAC addresses from those tables.
To disable aging on a port:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s
Disabling aging on a port may eventually cause the port’s Layer-2 lookup tables
Bridging Configuration object.
3. Double-click the Aging Configuration object.
72 CoreWatch User’s Manual
Page 73
Chapter 6: Configuring SSR Bridging
4. In the list of aging objects that appears, select the Aging State object.
A Bridge Aging State dialog box similar to the following appears:
Figure 28. Bridge Aging State dialog box
5. In the Aging State Enabled list, double-click the module on which the port you want
to disable is located. Configuration Expert displays the module’s ports on which aging is enabled. From the list of ports that appears, select the port on which you want to disable aging.
CoreWatch User’s Manual 73
Page 74
Chapter 6: Configuring SSR Bridging
Note: Clicking a module in the Aging State Enabled list rather than double-clicking
it selects all of the module’s ports on which aging is currently enabled. Use this method if you want to disable aging on all of those ports.
6. Click the Add button.
Configuration Expert moves the selected port from the Aging State Enabled list to the corresponding module in the Aging State Disabled list.
7. Click OK.
Configuration Expert adds the port to those found in the Aging Disabled Ports object, which is located in the Aging State object.
Enabling Aging on a Port
The SSR removes aged MAC address entries from a port’s Layer-2 lookup table if aging is enabled on that port. Aging is enabled on all ports by default. Therefore, you do not need to enable aging on a port unless you previously disabled it and then later decide you want to enable it on that port again.
To enable aging on a port:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.
3. Double-click the Aging Configuration object.
4. In the list of aging objects that appears, select the Aging State object.
A Bridge Aging State dialog box similar to the following appears:
74 CoreWatch User’s Manual
Page 75
Chapter 6: Configuring SSR Bridging
Figure 29. Bridge Aging State dialog box
5. In the Aging State Disabled list, double-click the module on which the port you want
to enable is located. Configuration Expert displays the module’s ports on which aging is disabled. From the list of ports that appears, select the port on which you want to enable aging.
Note: Clicking a module in the Aging State Disabled list rather than double-
clicking it selects all of the module’s ports on which aging is currently disabled. Use this method if you want to enable aging on all of those ports.
CoreWatch User’s Manual 75
Page 76
Chapter 6: Configuring SSR Bridging
6. Click the Remove button.
Configuration Expert moves the selected port from the Aging State Disabled list to the corresponding module in the Aging State Enabled list.
7. Click OK.
Configuration Expert adds the port to those found in the Aging Enabled Ports object, which is located in the Aging State object.
Setting Up STP on the SSR
The SSR uses the Spanning Tree Protocol (STP) to dynamically discover a loop-free topology.
STP includes an algorithm that permits bridges to send Bridge Protocol Data Units (BPDUs). Unless a bridge is a root bridge, it uses the information in a BPDU to perform the following operations. (A root bridge is a bridge that uses STP to prevent loops by periodically exchanging topology information with other bridges.)
1. Select a root bridge.
2. Calculate the shortest path from itself to the root bridge.
3. Select a designated bridge.
A designated bridge is the bridge responsible for forwarding frames to a LAN segment.
4. Select a root port.
A root port is a port that provides the best path from the bridge to the root bridge.
5. Select which ports are included in a spanning tree.
On the SSR, you can enable STP per port. This approach offers flexibility. STP BPDUs that arrive on ports on which STP is disabled are forwarded only to ports which are part of the receiving port's VLAN.
You can set up STP on the SSR by performing the following tasks:
Note:
Defining STP settings for an SSR bridge.
Defining STP settings for individual ports.
STP is disabled on the SSR by default. If you want the SSR to use STP, you will need to define the different settings and enable STP.
Enabling and disabling STP on individual ports.
Separate discussions on these STP tasks follow.
76 CoreWatch User’s Manual
Page 77
Defining STP Settings for SSR Bridging
You can define global STP settings that the SSR uses for bridging. To define global STP settings:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.
3. Double-click the Spanning Tree Protocol object.
4. In the list of STP objects that appears, select the Global STP Settings object.
An STP Global Settings dialog box similar to the following appears:
Chapter 6: Configuring SSR Bridging
5. In the Bridging Priority box, enter the STP bridging priority for the SSR.
The bridging priority determines which bridge functions as the root bridge. You can specify a number from 0 to 65535. The bridge assigned the lowest value is the root bridge. The default is 32768.
6. In the Hello-time box, enter the number of seconds that you want to elapse between
the BPDUs STP sends.
Specify a number from 1to 10. The default is 2.
7. In the Msg Max Age box, enter the number of seconds you want to specify for the
SSR’s maximum age.
CoreWatch User’s Manual 77
Figure 30. STP Global Settings dialog box
Page 78
Chapter 6: Configuring SSR Bridging
The maximum age is the length of time the SSR keeps the STP-protocol information it receives. You can specify a number from 6 to 40. The default is 20.
8. In the Forward Delay box, enter the number of seconds you want to elapse between the transitions of the different STP states.
Specify a number from 4 to 30. The default is 15.
9. Click OK.
The SSR bridge will use the specified STP settings. However, individual ports also have STP settings that you can configure as discussed in “Defining STP Attributes on an
Individual Port” on page 78.
Defining STP Attributes on an Individual Port
In addition to the global STP settings discussed in “Defining STP Settings for SSR
Bridging” on page 77, the SSR uses the following STP attributes that are set on individual
ports.
•Port priority
The STP algorithm uses the port priority to determine which port to use if a bridge has two ports connected in a loop.
•Port cost
This attribute specifies how much a port contributes to the total cost of the path to the root bridge when the port is the root.
A port uses the default settings for these attributes. You may, however, change these default settings on individual ports. To change a port’s priority or cost:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.
3. Double-click the Spanning Tree Protocol object.
4. In the list of STP objects that appears, double-click the Port Specific STP Settings object.
Configuration Expert displays the Configure New Port object and objects for any previously configured ports.
5. Do one of the following:
If you are configuring a port’s STP attributes for the first time, select the Configure
STP Settings on a New Port object.
If you are modifying existing STP settings of a port, select that port’s object from
the list that appeared after you expanded the Port Specific STP Settings object.
78 CoreWatch User’s Manual
Page 79
Chapter 6: Configuring SSR Bridging
A Set STP Port Specific Settings dialog box similar to the following appears:
Figure 31. Set STP Port Specific Settings dialog box
6. From the Module drop-down list, select the module containing the port you want to
configure.
7. From the Port drop-down list, select the port you want to configure.
8. In the Cost box, enter the STP cost you are assigning to the ports.
Specify a number from 1 to 65535. The default depends on the port speed: 1 for Gigabit (100-Mbps) ports, 10 for 100-Mbps ports, and 100 for 10-Mbps ports.
9. In the Priority box, enter the priority you want to assign to the port.
Specify a number from 0 to 255. The default is 128.
10. Click OK.
Enabling STP on a Port
Enable STP on a port to eliminate the possibility of there being a loop on that port. To enable STP on a port:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.
3. Double-click the Spanning Tree Protocol object.
CoreWatch User’s Manual 79
Page 80
Chapter 6: Configuring SSR Bridging
4. In the list of STP objects that appears, select the STP Port State object.
A Bridging STP dialog box similar to the following appears:
Figure 32. Bridging STP dialog box (enabling STP)
5. In the STP Disabled Ports list, double-click the module containing the port you want to configure. Configuration Expert displays the module’s ports on which STP is disabled. From the list of ports that appears, select the port on which you want to enable STP.
80 CoreWatch User’s Manual
Page 81
Note: Clicking a module in the STP Disabled Ports list rather than double-clicking
it selects all of the module’s ports on which STP is currently disabled. Use this method if you want to enable STP on all of those ports.
6. Click the Add button.
Configuration Expert moves the selected port from the STP Disabled Ports list to the corresponding module in the STP Enabled Ports list.
7. Click OK.
Configuration Expert adds the port to those found in the STP Enabled Ports object, which is located in the STP Port State object.
Disabling STP on a Port
Disable STP on a port if the port does not need to participate in STP. To disable STP on a port:
1. Start Configuration Expert if you have not already done so.
Chapter 6: Configuring SSR Bridging
2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.
3. Double-click the Spanning Tree Protocol object.
4. In the list of STP objects that appears, select the STP Port State object.
A Bridging STP dialog box similar to the following appears:
CoreWatch User’s Manual 81
Figure 33. Bridging STP dialog box (disabling STP)
Page 82
Chapter 6: Configuring SSR Bridging
5. In the STP Enabled Ports list, double-click the module containing the port you want to configure. Configuration Expert displays the module’s ports on which STP is enabled. From the list of ports that appears, select the port on which you want to disable STP.
Note: Clicking a module in the STP Enabled Ports list rather than double-clicking it
selects all of the module’s ports on which STP is currently enabled. Use this method if you want to disable STP on all of those ports.
6. Click the Remove button.
Configuration Expert moves the selected port from the STP Enabled Ports list to the corresponding module in the STP Disabled Ports list.
7. Click OK.
Configuration Expert adds the port to those found in the STP Disabled Ports object, which is located in the STP Port State object.
Configuring SmartTRUNK Behavior on the SSR
The SSR uses SmartTRUNKing to help maximize throughput with the help of load balancing and load sharing. A SmartTRUNK is a group of two or more ports that have been logically combined into a single port. Network traffic is divided across the ports in parallel to provide additional throughput, which provides increased throughput and link redundancy.
82 CoreWatch User’s Manual
Page 83
Chapter 6: Configuring SSR Bridging
Defining SmartTRUNK Settings for SSR Bridging
To set up the SSR to perform SmartTRUNKing:
1. Start Configuration Expert if you have not already done so.
2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.
3. Double-click the SmartTRUNKing Configuration object.
4. Click the Configure New SmartTRUNKing Port object.
Configuration Expert opens the ARP wizard:
5. Click Next.
The SmartTRUNKing Name Entry panel appears:
6. Define the port(s) to be included in the SmartTRUNK by taking the following steps:
a. In the SmartTRUNKing Port box, enter a name for the port you wish to assign to
the SmartTRUNK.
The SmartTRUNKing port name is a string up to 32 characters long. You cannot begin a SmartTRUNKing port name with an underscore ( _ ) or the prefix “SYS_.'
b. Specify the Load Policy by selecting either the Least Loaded or Round Robin option.
c. Under Options, select either Protocol or Timeout. If you select the Protocol option,
CoreWatch User’s Manual 83
Figure 34. SmartTRUNKing Name Entry panel
Page 84
Chapter 6: Configuring SSR Bridging
you must also specify whether you wish to use the Hunt Group or no protocol by selecting the appropriate option from the drop-down list.
7. Click Next.
The Bound Port list panel appears:
Figure 35. Bound Port list panel
8. Add a port to the SmartTRUNK by doing the following:
a. In the Available Port list, double-click the module on which the port you want to
add is located. From the list of available ports that appears, select the port that you want to add.
84 CoreWatch User’s Manual
Page 85
Chapter 6: Configuring SSR Bridging
Figure 36. Expanded Bound Port list panel
b. Click the Add button.
Configuration Expert moves the selected port from the Available Port list to the corresponding module in the Selected Port list.
If you accidentally add a port that you do not want to include in the SmartTRUNK, you may remove it by double-clicking that port’s module in the Selected Port list. From the list of ports that appears, select the port you do not want in the SmartTRUNK, then click the Remove button.
9. Continue selecting ports and clicking the Add button until you have added all the
ports you want the SmartTRUNK to include.
Clicking a module rather than double-clicking it in a list box selects all of the module’s ports in that list box. This is a quick way to select all of a module’s ports if you want to add or remove them all at the same time.
10. Click Finish.
Configuration Expert adds the new SamrtTRUNK to the SmartTRUNKs found in the SmartTRUNKing object.
CoreWatch User’s Manual 85
Page 86
Chapter 6: Configuring SSR Bridging
86 CoreWatch User’s Manual
Page 87
Chapter 7
Configuring VLANs
on the SSR
You can configure VLANs to limit the scope of traffic on the SSR. This chapter
provides an overview of VLANs on the SSR.
lists tips that make VLAN configuration easy.
discusses defining ports for VLANs.
discusses creating the different VLANs the SSR supports.
describes copying ports to add them to a VLAN.
discusses modifying VLANs.
A Look at VLANs on the SSR
VLANs contain Layer-2 broadcast and multicast traffic. No traffic is allowed to cross VLAN boundaries unless it passes through routers. Once connected by routers, VLANs are equivalent to subnets.
VLANs are created by grouping a set of bridged ports together as part of one bridged network. Broadcasts from one of the ports in a VLAN are received by other ports in the group but not by any ports outside of the group. Similarly, unicast traffic is bridged only between ports in a group but not to ports outside of the group. Thus, traffic is not allowed to cross the group boundary. A bridge may have multiple VLANs defined thus appearing as multiple virtual bridges on the SSR.
The SSR supports the following types of VLANs. The VLAN type determines the type of traffic the SSR will forward on the VLAN.
CoreWatch User’s Manual 87
Page 88
Chapter 7: Configuring VLANs on the SSR
Protocol-based VLAN, which divides the physical network into logical VLANs based on one or more of the following protocols:
IP VLAN, which is a VLAN used for IP traffic.
IPX VLAN, which is a VLAN used for IPX traffic.
Bridged-protocol VLAN, which is a VLAN used for bridged protocols (such as
AppleTalk).
Port-based VLAN, which is a VLAN that is independent of the traffic type. Port-based VLANs treat IP, IPX, and bridged protocols alike.
The ports in a VLAN can be configured as one of the following:
Access ports
Access ports can belong to only one VLAN per protocol (IP, IPX, or a bridged protocol). This is the default for all ports.
On access ports, traffic is sent out without 802.1Q frame format.
Trunk ports
Trunk ports can belong to any number of VLANs. Use trunk ports when you want to connect SSR routers together and send traffic for multiple VLANs on a single network segment connecting the routers.
On trunk ports, traffic is always sent out with 802.1Q frame format.
VLAN Configuration Tips
The following list includes tips that you should keep in mind while configuring VLANs on an SSR as discussed later in this chapter:
You can quickly add ports to a VLAN, by copying ports as discussed in “Dragging
Ports to Add Them to a VLAN” on page 103.
When defining trunk ports, you can define all the ports on a module as trunk ports at one time rather than defining them individually. To do so, click rather than double­click the module in the Access Port list box of the dialog box you use to define ports. Then click the Add button.
When defining access ports in a dialog box, you can define all the ports on a module as access ports at one time rather than defining them individually. To do so, click rather than double-click the module in the Trunk Port list box of the dialog box you use to define ports. Then click the Remove button.
When adding ports to a VLAN, you can add all of a module’s available ports at one time rather than adding them individually. To do so, click rather than double-click the module in the Available Port List box of the dialog box you use to add ports. Then click the Add button.
88 CoreWatch User’s Manual
Page 89
Chapter 7: Configuring VLANs on the SSR
When removing ports from a VLAN, you can remove all of a module’s ports at one
time rather than removing them individually.To do so, click rather than double-clock the module in the Selected Port List box of the dialog box you use to add ports. Then click the Remove button.
Defining Access Ports and Trunk Ports
You can define ports as either access or trunk ports.
All ports are configured as access ports by default. Therefore, you need to define a port as an access port only if you previously defined it as a trunk port and now want to use it as an access port, instead. Access ports can be added to only one VLAN.
Define a port as a trunk port if you want to include that port in multiple VLANs. Trunk ports are useful for connecting SSRs together and for sending traffic of multiple VLANs on a single network segment connecting the routers. Suppose you have two VLANs/subnetworks of IP users on separate SSRs and those VLANs need to belong to the same layer broadcast domain. You could trunk two SSRs together as shown in the following figure:
VLAN1 VLAN1
SSR1 SSR2
VLAN2 VLAN2
To define access ports and trunk ports:
1. Start Configuration Expert if you have not already done so.
Note:
2. Open the configuration file you want to modify and then double-click that file’s
Bridging Configuration object.
3. Click the Port Bridging Mode object.
A Bridging VLAN Mode dialog box similar to the following appears:
If you start Configuration Expert from the Schematic view choosing the Configure VLAN command, Configuration Expert automatically expands the Active Configuration file’s tree to the VLAN Configuration object. If you are adding a VLAN to the Active Configuration file, go to step 3.
Trun k
Link
CoreWatch User’s Manual 89
Page 90
Chapter 7: Configuring VLANs on the SSR
Figure 37. Bridging VLAN Mode dialog box
4. Do one of the following:
Define an access port by double-clicking that port’s module in the Trunk Ports list.
From the list of trunk ports that appears, select the port that you want to define as an access port. Then click the Remove button.
After you click the Remove button, Configuration Expert moves the selected port from the Trunk Ports list to the corresponding module in the Access Ports list.
90 CoreWatch User’s Manual
Page 91
Chapter 7: Configuring VLANs on the SSR
Define a trunk port by double-clicking that port’s module in the Access Ports list.
From the list of access ports that appears, select the port that you want to define as a trunk port. Then click the Add button.
After you click the Add button, Configuration Expert moves the selected port from the Access Ports list to the corresponding module in the Trunk Ports list.
5. Repeat step 4 until you define all the access and trunk ports you will include in your
VLANs.
Clicking a module rather than double-clicking it in a list box selects all of the module’s ports in that list box. This is a quick way to select all of module’s ports when you are defining those ports as all the same type.
6. Click OK.
Configuration Expert adds the access ports and trunk ports to those listed in the Access Ports and Trunk Ports objects, which are located in the Port Bridging Mode object.
Creating a Protocol-Based VLAN
To create a VLAN that the SSR will use for IP, IPX, or bridged-protocol traffic:
1. Start Configuration Expert if you have not already done so.
Note:
If you start Configuration Expert from the Schematic view choosing the Configure VLAN command, Configuration Expert automatically expands the Active Configuration file’s tree to the VLAN Configuration object. If you are adding a VLAN to the Active Configuration file, go to step 3.
CoreWatch User’s Manual 91
Page 92
Chapter 7: Configuring VLANs on the SSR
2. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.
3. Double-click the VLAN Configuration object.
4. Click the Configure New VLAN object.
Configuration Expert opens the VLAN wizard.
Figure 38. VLAN wizard (protocol-based)
5. Click Next.
Configuration Expert prompts you to specify which type of VLAN you want to configure.
92 CoreWatch User’s Manual
Page 93
Chapter 7: Configuring VLANs on the SSR
Figure 39. VLAN Type panel (protocol-based)
6. Select the Protocol-Based VLAN option and then click Next.
7. In the wizard panel that appears, define the VLAN by taking the following steps:
a. In the VLAN Name box, enter a name for the VLAN.
The VLAN name is a string up to 32 characters long. You cannot begin a VLAN name with an underscore ( _ ) or the prefix “SYS_.'
b. In the VLAN ID box, enter an ID number from 2 to 4093 for the VLAN.
The ID you enter must be unique for the VLAN. If you are creating a VLAN that will be used on two SSRs and you want to connect those SSRs together on the same trunk port, be sure to use the same ID when creating the VLAN on each SSR. The SSRs will use the ID to recognize that the same VLAN is configured across two SSRs.
c. Specify which type of traffic you want to allow on the VLAN. To do so, select one
CoreWatch User’s Manual 93
Page 94
Chapter 7: Configuring VLANs on the SSR
or more of the options described in the following table:
Table 8. VLAN traffic types
Option Description
IP Specifies that the VLAN is for IP traffic.
IPX Specifies that the VLAN is for IPX traffic.
Other Specifies that the VLAN is for bridged protocols.
The following figure is an example of the information you enter to define a protocol­based VLAN:
8. Click Next.
A wizard panel similar to the following appears:
94 CoreWatch User’s Manual
Figure 40. VLAN Definition panel (protocol-based)
Page 95
Chapter 7: Configuring VLANs on the SSR
Figure 41. Update Port list panel (protocol-based)
9. Add a port to the VLAN by doing the following:
a. In the Available Port list, double-click the module on which the port you want to
add is located. From the list of available ports that appears, select the port that you want to add.
Figure 42. Expanded Update Port list panel (protocol-based)
CoreWatch User’s Manual 95
Page 96
Chapter 7: Configuring VLANs on the SSR
b. Click the Add button.
Configuration Expert moves the selected port from the Available Port list to the corresponding module in the Selected Port list.
If you accidentally add a port that you do not want to include in the VLAN, you may remove it by double-clicking that port’s module in the Selected Port list. From the list of ports that appears, select the port you do not want in the VLAN. Then click the Remove button.
10. Continue selecting ports and clicking the Add button until you have added all the ports you want the VLAN to include.
Clicking a module rather than double-clicking it in a list box selects all of the module’s ports in that list box. This is a quick way to select all of a module’s ports if you want to add or remove them all at the same time.
11. Click Finish.
Configuration Expert adds the new VLAN to the VLANs found in the Protocol Based VLANs object.
Creating a Port-Based VLAN
To create a VLAN that the SSR will use for IP, IPX, and bridged-protocol traffic:
1. Start Configuration Expert if you have not already done so.
Note:
2. Open the configuration file you want to modify and then double-click that file’s Bridging Configuration object.
3. Double-click the VLAN Configuration object.
4. Click the Configure New VLAN object.
Configuration Expert opens the VLAN wizard.
If you start Configuration Expert from the Schematic view choosing the Configure VLAN command, Configuration Expert automatically expands the Active Configuration file’s tree to the VLAN Configuration object. If you are adding a VLAN to the Active Configuration file, go to step 3.
96 CoreWatch User’s Manual
Page 97
Chapter 7: Configuring VLANs on the SSR
Figure 43. VLAN wizard (port-based)
5. Click Next.
Configuration Expert prompts you to specify which type of VLAN you want to configure.
Figure 44. VLAN Type panel (port-based)
6. Select the Port-Based VLAN option, then click Next.
CoreWatch User’s Manual 97
Page 98
Chapter 7: Configuring VLANs on the SSR
7. In the wizard panel that appears, define the VLAN by taking the following steps:
a. In the VLAN Name box, enter a name for the VLAN.
The VLAN name is a string up to 32 characters long. You cannot begin a VLAN name with an underscore ( _ ) or the prefix “SYS_.”
b. In the VLAN ID box, enter an ID number from 2 to 4093 for the VLAN.
The ID you enter must be unique for the VLAN. If you are creating a VLAN that will be used on two SSRs and you want to connect those SSRs together on the same trunk port, be sure to use the same ID when creating the VLAN on each SSR. The SSRs will use the ID to recognize that the same VLAN is configured across two SSRs.
The following figure is an example of the information you enter to define a port­based VLAN:
98 CoreWatch User’s Manual
Figure 45. VLAN Definition panel (port-based)
Page 99
Chapter 7: Configuring VLANs on the SSR
Because port-based VLANs are used for all the different types of protocol traffic, Configuration Expert automatically selects all the Protocol Binding options described in the following table. You cannot change these selections.
Table 9. Protocol binding options
Option Description
IP Specifies that the VLAN is for IP traffic.
IPX Specifies that the VLAN is for IPX traffic.
Other Specifies that the VLAN is for bridged protocols.
8. Click Next.
A wizard panel similar to the following appears:
9. Add a port to the VLAN by doing the following:
a. In the Available Port list, double-click the module on which the port you want to
add is located. From the list of available ports that appears, select the port that you want to add.
CoreWatch User’s Manual 99
Figure 46. Update Port list panel (port-based)
Page 100
Chapter 7: Configuring VLANs on the SSR
Figure 47. Expanded Update Port list panel (port-based)
b. Click the Add button.
Configuration Expert moves the selected port from the Available Port list to the corresponding module in the Selected Port list.
If you accidentally add a port that you do not want to include in the VLAN, you may remove it by double-clicking that port’s module in the Selected Port list. From the list of ports that appears, select the port you do not want in the VLAN. Then click the Remove button.
10. Continue selecting ports and clicking the Add button until you have added all the ports you want the VLAN to include.
Clicking a module rather than double-clicking it in a list box selects all of the module’s ports in that list box. This is a quick way to select all of a module’s ports if you want to add or remove them all at the same time.
11. Click Finish.
Configuration Expert adds the new VLAN to the VLANs found in the Port Based VLANs object.
Modifying VLANs
You can modify any VLAN’s name, ID, and the ports included in a VLAN. On a protocol­based VLAN you can also modify the protocols bound to that VLAN. Separate
100 CoreWatch User’s Manual
Loading...