Fujitsu Siemens Computers PRIMERGY BX, PRIMERGY BX600 Description

Page 1
Lan Switch and Router Blade
1
PRIMERGY BX Blade Server Systems
LAN Router and Switch Blade
User Interface Description
Edition March 2006
Comments… Suggestions… Corrections…
The User Documentation Department would like to know your opinion on this manual. Your feedback helps us to optimize our documentation to suit your individual needs.
Fax forms for sending us your comments are included at the back of the manual.
There you will also find the addresses of the relevant User Documentation Department.
Copyright and Trademarks
Copyright © 2006 Fujitsu Siemens Computers GmbH. All rights reserved.
Delivery subject to availability; right of technical modifications reserved.
All hardware and software names used are trademarks of their respective manufacturers.
Important Notes
Introduction
Networking Planning
Making Network Connection
Configuration the Switch Blade
Web Base Command Interface
Command Reference
Using SNMP
System Defaulting
Troubleshooting and Tips
CONTENTS
1 Important Notes...............................................................................................................10
1.1 Information About Boards.......................................................................................... 10
1.2 Compliance Statements ............................................................................................ 11
2 Introduction .....................................................................................................................14
2.1 Features of the Switch...............................................................................................14
2.1.1 MAC Address Supported Features................................................................15
2.1.2 Layer 2 Features...................................................................................................16
2.1.3 Spanning Tree Protocol Features.......................................................................... 18
2.1.4 Ethernet Switch Module Management Features ...................................................19
2.1.5 Security Features..................................................................................................... 21
2.1.6 Quality of Service Features...................................................................................21
2.1.7 Layer III Routing Features..................................................................................... 23
IP Routing..................................................................................................................23
Routing Information Protocol (RIP)............................................................................ 23
BOOTP/DHCP Relay Agent....................................................................................... 24
Virtual Router Redundancy Protocol (VRRP)............................................................ 24
Router Discovery .......................................................................................................24
Virtual LAN (VLAN) Routing ...................................................................................... 25
Route Redistribution .................................................................................................. 25
Route Preferences..................................................................................................... 25
Open Shortest Path First (OSPF).............................................................................. 26
DNS and DNS Relay ................................................................................................. 27
IP Multinetting............................................................................................................27
2.1.8 IP Multicast Features ............................................................................................27
IGMPv3...................................................................................................................... 27
Protocol Independent Multicast – Dense Mode (PIM-DM) ........................................28
Protocol Independent Multicast – Sparse Mode (PIM-SM)........................................29
Distance Vector Multicast Routing Protocol (DVMRP) ..............................................30
2.2 Description of Hardware............................................................................................31
2.2.1 Ethernet Ports .......................................................................................................31
2.3 Features and Benefits ...............................................................................................33
2.4 Notational Conventions ..............................................................................................34
2.5 Target Group ..............................................................................................................35
2.6 Technical Data ...........................................................................................................36
3 Network Planning ............................................................................................................ 38
3.1 Introduction to Switching ...........................................................................................38
3.2 Sample Applications ..................................................................................................39
4 Making Network Connections .........................................................................................41
4.1 Connecting to 1000BASE-T Devices .........................................................................41
4.2 1000BASE-T Cable Requirements ............................................................................42
4.3 1000BASE-T Pin Assignments ...................................................................................43
5 Configuration the Switch Blade Module .......................................................................... 44
5.1 Overview ...................................................................................................................44
5.2 Connecting the Ethernet Switch Module ...................................................................45
5.3 Start up and Configuration the Ethernet Switch Module............................................ 47
5.4 Configuring the Terminal ...........................................................................................48
5.5 Booting Device ..........................................................................................................49
5.6 Software Download ...................................................................................................50
5.6.1 In BootROM Back Door CLI ..........................................................................50
5.6.2 In Operation Code CLI...................................................................................51
6 Web-Based Management Interface ................................................................................54
6.1 Overview ...................................................................................................................54
6.2 Main Menu ................................................................................................................55
6.2.1 System Menu.................................................................................................55
6.2.2 Switching Menu ........................................................................................... 113
6.2.3 Routing Menu ..............................................................................................153
6.2.4 Security Menu..............................................................................................212
6.2.5 QOS Menu...................................................................................................231
6.2.6 IP Multicast Menu ........................................................................................ 255
7 Command Reference .................................................................................................... 285
7.1 CLI Command Format.............................................................................................285
7.2 CLI Mode-based Topology ......................................................................................286
7.3 System Information and Statistics commands......................................................... 288
7.3.1 show arp...................................................................................................... 288
7.3.2 show calendar .............................................................................................288
7.3.3 show eventlog..............................................................................................289
7.3.4 show running-config ....................................................................................289
7.3.5 show sysinfo................................................................................................ 290
7.3.6 show system................................................................................................ 291
7.3.7 show hardware ............................................................................................291
7.3.8 show version................................................................................................292
7.3.9 show loginsession .......................................................................................293
7.4 Device Configuration Commands............................................................................294
7.4.1 Interface.......................................................................................................294
7.4.2 L2 MAC Address and Multicast Forwarding Database Tables..................... 307
7.4.3 VLAN Management .....................................................................................312
7.4.4 GVRP and Bridge Extension .......................................................................326
7.4.5 IGMP Snooping ...........................................................................................336
7.4.6 Port Channel................................................................................................348
7.4.7 Storm Control...............................................................................................355
7.4.8 L2 Priority ....................................................................................................362
7.4.9 Port Mirror....................................................................................................364
7.5 Management Commands ........................................................................................ 366
7.5.1 Network Commands .................................................................................... 366
7.5.2 Serial Interface Commands ......................................................................... 373
7.5.3 Telnet Session Commands..........................................................................376
7.5.4 SNMP Server Commands ...........................................................................382
7.5.5 SNMP Trap Commands...............................................................................391
7.5.6 HTTP commands.........................................................................................395
7.5.7 Secure Shell (SSH) Commands .................................................................. 399
7.5.8 DHCP Client Commands.............................................................................401
7.5.9 DHCP Relay Commands.............................................................................402
7.6 Spanning Tree Commands......................................................................................405
7.6.1 Show Commands ........................................................................................405
7.6.2 Configuration Commands............................................................................412
7.7 System Log Management Commands .................................................................... 422
7.7.1 Show Commands ........................................................................................422
7.7.2 show logging buffered .................................................................................423
7.7.3 show logging traplog....................................................................................423
7.7.4 Configuration Commands............................................................................424
7.8 Script Management Commands..............................................................................429
7.8.1 script apply ..................................................................................................429
7.8.2 script delete .................................................................................................429
7.8.3 script list.......................................................................................................430
7.8.4 script show...................................................................................................430
7.9 User Account Management Commands..................................................................431
7.9.1 Show Commands ........................................................................................431
7.9.2 Configuration Commands............................................................................432
7.10 Security Commands................................................................................................434
7.10.1 Show Commands ........................................................................................ 434
7.10.2 Configuration Commands............................................................................446
7.10.3 Dot1x Configuration Commands .................................................................448
7.10.4 Radius Configuration Commands................................................................ 455
7.10.5 TACACS Configuration Commands ............................................................459
7.10.6 Port Security Configuration Commands ......................................................462
7.11 CDP (Cisco Discovery Protocol) Commands.......................................................... 465
7.11.1 Show Commands ........................................................................................465
7.11.2 Configuration Commands............................................................................ 467
7.12 Link up & Port Backup State Commands ................................................................ 470
7.12.1 Show Commands ........................................................................................ 470
7.12.2 Configuration Commands............................................................................471
7.13 SNTP (Simple Network Time Protocol) Commands................................................ 474
7.13.1 Show Commands ........................................................................................ 474
7.13.2 Configuration Commands............................................................................476
7.14 System Utilities........................................................................................................ 481
7.14.1 clear.............................................................................................................481
7.14.2 copy ............................................................................................................. 489
7.14.3 delete...........................................................................................................491
7.14.4 dir................................................................................................................. 492
7.14.5 whichboot ....................................................................................................492
7.14.6 boot-system ................................................................................................. 493
7.14.7 ping..............................................................................................................493
7.14.8 traceroute ....................................................................................................494
7.14.9 logging cli-command.................................................................................... 495
7.14.10 calendar set ................................................................................................. 495
7.14.11 reload........................................................................................................... 496
7.14.12 configure......................................................................................................496
7.14.13 disconnect ...................................................................................................497
7.14.14 hostname.....................................................................................................497
7.14.15 quit ........................................................................................................ 497
7.15 Differentiated Service Command ............................................................................ 498
7.15.1 General Commands ....................................................................................499
7.15.2 Class Commands ........................................................................................ 500
7.15.3 Policy Commands........................................................................................ 508
7.15.4 Service Commands .....................................................................................514
7.15.5 Show Commands ........................................................................................ 515
7.16 ACL Command ........................................................................................................ 523
7.16.1 Show Commands ........................................................................................ 523
7.16.2 Configuration Commands............................................................................526
7.17 CoS (Class of Service) Command .......................................................................... 530
7.17.1 Show Commands ........................................................................................ 530
7.17.2 Configuration Commands............................................................................533
7.18 Address Resolution Protocol (ARP) Commands..................................................... 540
7.18.1 Show Commands ........................................................................................ 540
7.18.2 Configuration Commands............................................................................542
7.19 IP Routing Commands ............................................................................................ 546
7.19.1 Show Commands ........................................................................................ 546
7.19.2 Configuration Commands............................................................................550
7.20 Open Shortest Path First (OSPF) Commands ........................................................555
7.20.1 Show Commands ........................................................................................ 555
7.20.2 Configuration Commands............................................................................564
7.21 Bootp/DHCP Relay Commands ..............................................................................584
7.21.1 show bootpdhcprelay................................................................................... 584
7.21.2 bootpdhcprelay cidoptmode ........................................................................585
7.21.3 bootpdhcprelay enable ................................................................................ 585
7.21.4 bootpdhcprelay maxhopcount .....................................................................585
7.21.5 bootpdhcprelay minwaittime ........................................................................586
7.21.6 bootpdhcprelay serverip .............................................................................. 586
7.21.7 ip dhcp restart..............................................................................................587
7.21.8 ip dhcp client-identifier.................................................................................587
7.22 Domain Name Server Relay Commands ................................................................588
7.22.1 Show Commands ........................................................................................ 588
7.22.2 Configuration Commands............................................................................589
7.23 Routing Information Protocol (RIP) Commands...................................................... 594
7.23.1 Show Commands ........................................................................................ 594
7.23.2 Configuration Commands............................................................................597
7.24 Router Discovery Protocol Commands ...................................................................604
7.24.1 show ip irdp .................................................................................................604
7.24.2 ip irdp...........................................................................................................605
7.24.3 ip irdp broadcast .......................................................................................... 605
7.24.4 ip irdp holdtime ............................................................................................ 605
7.24.5 ip irdp maxadvertinterval .............................................................................606
7.24.6 ip irdp minadvertinterval ..............................................................................606
7.24.7 ip irdp preference......................................................................................... 607
7.25 VLAN Routing Commands ......................................................................................607
7.25.1 show ip vlan.................................................................................................607
7.25.2 vlan routing .................................................................................................. 608
7.26 Virtual Router Redundancy Protocol (VRRP) Commands ......................................609
7.26.1 Show Commands ........................................................................................ 609
7.26.2 Configuration Commands............................................................................ 611
7.27 Distance Vector Multicast Routing Protocol (DVMRP) Commands......................... 615
7.27.1 Show Commands ........................................................................................ 615
7.27.2 Configuration Commands............................................................................619
7.28 Internet Group Management Protocol (IGMP) Commands..................................... 620
7.28.1 Show Commands ........................................................................................ 620
7.28.2 Configuration Commands............................................................................624
7.29 Multicast Commands............................................................................................... 629
7.29.1 Show Commands ........................................................................................ 629
7.29.2 Configuration Commands............................................................................635
7.30 Protocol Independent Multicast – Dense Mode (PIM-DM) Commands...................641
7.30.1 Show Commands ........................................................................................ 641
7.30.2 Configuration Commands............................................................................643
7.31 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands ..................645
7.31.1 Show Commands ........................................................................................ 645
7.31.2 Configuration Commands............................................................................650
8 Using SNMP..................................................................................................................656
8.1 Supported MIBs .......................................................................................................657
8.2 Accessing MIB Objects ............................................................................................659
8.3 Supported Traps ......................................................................................................662
9 Default Settings.............................................................................................................663
9.1 The overview default settings for the system module are shown in the following table. ....663
9.2 The default settings for all the configuration commands are shown in the following table. ....665
10 Troubleshooting and Tips ..............................................................................................673
10.1 Diagnosing Switch Indicators ...................................................................................673
10.2 Accessing the Management Interface ......................................................................673
1 Important Notes
Store this manual close to the device. If you pass the device on to third parties, you should pass this manual on with it.
Be sure to read this page carefully and note the information before you open the device.
You cannot access the switch blade without first opening the device. How to dismantle and reassemble the device is described in the Operating Manual accompanying the device.
Please observe the safety information provided in the “Important Notes” chapter in the device’s operating manual.
Components can become very hot during operation. Ensure you do not touch components when handling the device. There is a danger of burns!
The warranty is invalidated if the device is damaged during the installation.
1.1 Information About Boards
To prevent damage to the device or the components and conductors on it, please take great care when you insert or remove it. Take great care to ensure that the board is slotted in straight, without damaging components or conductors on it, or any other components.
Be especially careful with the locking mechanisms (catches, centering pins etc.) when you replace the board.
Never use sharp objects (screwdrivers) for leverage.
Boards with electrostatic sensitive devices (ESD) are identifiable by the label shown.
When you handle boards fitted with ESDs, you must, under all circumstances, observe the following points:
• You must always discharge static build up (e.g., by touching a grounded object) before working.
• The equipment and tools you use must be free of static charges.
• Remove the power plug from the mains supply before inserting or removing boards containing ESDs.
• Always hold boards with ESDs by their edges.
• Never touch pins or conductors on boards fitted with ESDs.
1.2 Compliance Statements
FCC Class A Compliance
This equipment has been tested and found to comply with the limits for a “Class A” digital device, pursuant to Part 15 of the FCC rules and meets all requirements of the Canadian Interference-Causing Equipment Regulations. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in strict accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between equipment and the receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
• Consult the dealer or an experienced radio/TV technician for help.
Fujitsu Siemens Computers is not responsible for any radio or television interference caused by unauthorized modifications of this equipment or the substitution or attachment of connecting cables and equipment other than those specified by Fujitsu Siemens Computers. The correction of interferences caused by such unauthorized modification, substitution or attachment will be the responsibility of the user.
You may use unshielded twisted-pair (UTP) cables for RJ-45 connections – Category 3 or greater for 10 Mbps connections, Category 5 for 100 Mbps connections, and Category 5 or 5e for 1000 Mbps connections.
Wear an anti-static wrist strap or take other suitable measures to prevent electrostatic discharge when handling this equipment.
Industry Canada - Class A
This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus as set out in the interference-causing equipment standard entitled “Digital Apparatus,” ICES-003 of the Department of Communications.
This digital apparatus complies with the radio noise limits applicable to Class A digital apparatus prescribed in the interference-causing equipment standard: “Digital Apparatus,” ICES-003 issued by the Department of Communications.
Japan VCCI Class A
CE Mark Declaration of Conformance for EMI and Safety (EEC)
This information technology equipment complies with the requirements of the Council Directive 89/336/EEC on the Approximation of the laws of the Member States relating to Electromagnetic Compatibility and 73/23/EEC for electrical equipment used within certain voltage limits and the Amendment Directive 93/68/EEC. For the evaluation of the compliance with these Directives, the following standards were applied:
RFI Emission:
• Limit class A according to EN 55022:1998
• Limit class A for harmonic current emission according to EN 61000-3-2/1995
• Limitation of voltage fluctuation and flicker in low-voltage supply system according to EN 61000-3-3/1995
Immunity:
• Product family standard according to EN 55024:1998
• Electrostatic Discharge according to EN 61000-4-2:1995 (Contact Discharge: ±4 kV, Air Discharge: ±8 kV)
• Radio-frequency electromagnetic field according to EN 61000-4-3:1996 (80 - 1000 MHz with 1 kHz AM 80% Modulation: 3 V/m)
• Electrical fast transient/burst according to EN 61000-4-4:1995 (AC/DC power supply: ±1 kV, Data/Signal lines: ±0.5 kV)
• Surge immunity test according to EN 61000-4-5:1995 (AC/DC Line to Line: ±1 kV, AC/DC Line to Earth: ±2 kV)
• Immunity to conducted disturbances, induced by radio-frequency fields: EN 61000-4-6:1996 (0.15 - 80 MHz with 1 kHz AM 80% Modulation: 3 V/m)
• Power frequency magnetic field immunity test according to EN 61000-4-8:1993 (1 A/m at frequency 50 Hz)
• Voltage dips, short interruptions and voltage variations immunity test according to EN 61000-4-11:1994 (>95% Reduction @10 ms, 30% Reduction @500 ms, >95% Reduction @5000 ms)
LVD:
• EN 60950 (A1/1992; A2/1993; A3/1993; A4/1995; A11/1997)
Do not plug a phone jack connector in the RJ-45 port. This may damage this device. The connectors are not used for the telephone system!
Taiwan BSMI Class A
Australia AS/NZS 3548 (1995) - Class A
2 Introduction
The PRIMERGY BX Blade Server system is a modular server system that can integrate up to 10 server modules, four Ethernet Switch Modules (one switch is included in the base enclosure, the other three are optional) and two Management Modules (MMB). The Ethernet Module provides networking or switch functions to the PRIMERGY BX Blade Server. The Management Modules provide a single point of control for the PRIMERGY BX Blade Server.
The PRIMERGY BX600 Ethernet Switch Modules are 18-port devices that are connected to servers through the mid-plane connectors located on the PRIMERGY BX Blade Server middle plane. The device has 18 ports. Port numbering starts with the internal ports g1-g10, which are connected to the server blades; ports g11-g16 are the external ports connecting the Ethernet Switch Module to the network through the internal ports. Port g17 is the XFP module interface and port g18 is the 10 G module for the CX4 interface.
• six external RJ-45 connectors for 10/100/1000 Base-T copper ports (uplinks).
• two external module CX4 or XFP connectors for 10 Gigabit ports (uplinks).
• 10 internal ports connected to servers through PRIMERGY BX Blade Server mid-plane connector of a VHDM type.
The terminal connection to the device is provided through the MMB board only. No access point is provided on the Ethernet Switch Module front panel. For debugging and management purposes, a UART bus of each Ethernet Switch Module is connected to the MMB board. The MMB board can select for management only one switch at a time.
The Ethernet Switch Module receives a power supply (12 V dc) through the mid-plane connector. Four system LEDs indicate the Ethernet Switch Module status (Power module, MMB-selected or not, CX4 and XFP interface or not).
The following figure illustrates the PRIMERGY BX600:
Figure 1-1. PRIMERGY BX600 GESwitch Blade Front Panel
2.1 Features of the Switch
The switch provides a wide range of advanced performance-enhancing features. Multicast filtering provides support for real-time network applications. Port-based and tagged VLANs, plus support for automatic GVRP VLAN registration provide traffic security and efficient use of network bandwidth. QoS priority queueing ensures the minimum delay for moving real-time multi-media data across the network. Flow control eliminates the loss of packets due to bottlenecks caused by port saturation. And broadcast storm suppression prevents broadcast traffic storms from engulfing the network. Some of the management features are briefly described below.
Head of Line Blocking
Head of Line (HOL) blocking results in traffic delays and frame loss caused by traffic competing for the same egress port resources. HOL blocking queues packets, and the packets at the head of the queue are forwarded before packets at the end of the queue.
Flow Control Support (IEEE 802.3X)
Flow control enables lower speed devices to communicate with higher speed devices, by requesting that the higher speed device refrains from sending packets. Transmissions are temporarily halted to prevent buffer overflows.
Back Pressure Support
On half-duplex links, the receiving port prevents buffer overflows by occupying the link so that it is unavailable for additional traffic.
Jumbo Frames Support
Jumbo frames are frames with an MTU size of up to 9K bytes, and better utilize the network by transporting the same data using fewer frames. The main benefits of this facility are reduced transmission overhead and reduced host processing overhead. Fewer frames lead to fewer I/O interrupts. This facility is typically used for server-to-server transfers.
MDI/MDIX Support
The Ethernet Switch Module automatically detects whether the cable connected to an RJ-45 port is crossed or straight through. Standard wiring for end stations is Media-Dependent Interface (MDI) and the standard wiring for hubs and switches is known as Media-Dependent Interface with Crossover (MDIX).
Auto Negotiation
Auto negotiation allows an Ethernet Switch Module to advertise modes of operation. The auto negotiation function provides the means to exchange information between two devices that share a point-to-point link segment, and to automatically configure both devices to take maximum advantage of their transmission capabilities.
2.1.1 MAC Address Supported Features
MAC Address Capacity Support
The Ethernet Switch Module supports up to 8K MAC addresses. The Ethernet Switch Module reserves specific MAC addresses for system use.
Static MAC Entries
MAC entries can be manually entered in the Bridging Table, as an alternative to learning them from incoming frames. These user-defined entries are not subject to aging, and are preserved across resets and reboots.
Self-Learning MAC Addresses
The Ethernet Switch Module enables automatic MAC address learning from incoming packets. The MAC addresses are stored in the Bridging Table.
Automatic Aging for MAC Addresses
MAC addresses from which no traffic is received for a given period are aged out. This prevents the Bridging Table from overflowing.
Port Security
Port security prevents unauthorized users from accessing your network. It allows each port to learn, or be assigned, a list of MAC addresses for devices authorized to access the network through that port. Any packet received on the port must have a source address that appears in the authorized list, otherwise it will be dropped. Port security is disabled on all ports by default, but can be enabled on a per-port basis.
Address Filtering
This switch provides a packet filter for all traffic entering the CPU port and hence potentially forwarded or routed to the management network. The packet filter is rule/pattern based and constitutes a set of patterns which when matched will DROP the packet, and a further set of patterns which when matched will ACCEPT the packet.
MAC Multicast Support
Multicast service is a limited broadcast service, which allows one-to-many and many-to-many connections for information distribution. Layer 2 Multicast service is where a single frame is addressed to a specific Multicast address, from where copies of the frame are transmitted to the relevant ports.
2.1.2 Layer 2 Features
IGMP Snooping
IGMP Snooping examines IGMP frame contents, when they are forwarded by the Ethernet Switch Module from work stations to an upstream Multicast router. From the frame, the Ethernet Switch Module identifies work stations configured for Multicast sessions, and which Multicast routers are sending Multicast frames.
Port Mirroring
Port mirroring monitors and mirrors network traffic by forwarding copies of incoming and outgoing packets from a monitored port to a monitoring port. Users specify which target port receives copies of all traffic passing through a specified source port.
Broadcast Storm Control
Storm Control enables limiting the amount of Multicast and Broadcast frames accepted and forwarded by the Ethernet Switch Module. When Layer 2 frames are forwarded, Broadcast and Multicast frames are flooded to all ports on the relevant VLAN. This occupies bandwidth, and loads all nodes connected on all ports.
VLAN Supported Features
The switch supports up to 228 VLANs. A Virtual LAN is a collection of network nodes that share the same collision domain regardless of their physical location or connection point in the network. The switch supports tagged VLANs based on the IEEE 802.1Q standard. Members of VLAN groups can be dynamically learned via GVRP, or ports can be manually assigned to a specific set of VLANs. This allows the switch to restrict traffic to the VLAN groups to which a user has been assigned. By segmenting your network into VLANs, you can:
1) Eliminate broadcast storms which severely degrade performance in a flat network.
2) Simplify network management for node changes/moves by remotely configuring VLAN membership for any port, rather than having to manually change the network connection.
3) Provide data security by restricting all traffic to the originating VLAN, except where a connection has been configured between separate VLANs using a router or Layer 3 switch.
VLAN Support
VLANs are collections of switching ports that comprise a single broadcast domain. Packets are classified as belonging to a VLAN based on either the VLAN tag or based on a combination of the ingress port and packet contents. Packets sharing common attributes can be grouped in the same VLAN.
Port Based Virtual LANs (VLANs)
Port-based VLANs classify incoming packets to VLANs based on their ingress port. For more information, see "Defining VLAN Ports Settings".
IEEE802.1V Protocol Based Virtual LANs (VLANs)
VLAN classification rules are defined on data-link layer (Layer 2) protocol identification. Protocol based VLANs isolate Layer 2 traffic for differing Layer 3 protocols.
Full 802.1Q VLAN Tagging Compliance
IEEE 802.1Q defines an architecture for virtual bridged LANs, the services provided in VLANs and the protocols and algorithms involved in the provision of these services. An important requirement included in this standard is the ability to mark frames with a desired Class of Service (CoS) tag value (0-7).
GVRP Support
GARP VLAN Registration Protocol (GVRP) provides IEEE 802.1Q-compliant VLAN pruning and dynamic VLAN creation on 802.1Q trunk ports. When GVRP is enabled, the Ethernet Switch Module registers and propagates VLAN membership on all ports that are part of the active underlying "Spanning Tree Protocol Features" topology.
GMRP Protocol
GARP Multicast Registration Protocol (GMRP) is a Generic Attribute Registration Protocol (GARP) application that provides a constrained multicast flooding facility similar to IGMP snooping. GMRP and GARP are industry-standard protocols defined by the IEEE 802.1p. GMRP provides a mechanism that allows bridges and end stations to dynamically register group membership information with the MAC bridges attached to the same LAN segment and for that information to be disseminated across all bridges in the Bridged LAN that supports extended filtering services. The operation of GMRP relies upon the services provided by the GARP. GMRP software components run on both the switch and on the host. On the host, GMRP is typically used with IGMP: the host GMRP software spawns Layer 2 GMRP versions of the host's Layer 3 IGMP control packets. The switch receives both the Layer 2 GMRP and the Layer 3 IGMP traffic from the host. The switch uses the received GMRP traffic to constrain
2.1.3 Spanning Tree Protocol Features
Spanning Tree Protocol (STP)
Spanning Tree Protocol (STP, IEEE 802.1D) – This protocol adds a level of fault tolerance by allowing two or more redundant connections to be created between a pair of LAN segments. When there are multiple physical paths between segments, this protocol will choose a single path and disable all others to ensure that only one route exists between any two stations on the network. This prevents the creation of network loops. However, if the chosen path should fail for any reason, an alternate path will be activated to maintain the connection.
IEEE 802.1w Rapid Spanning Tree
Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) – This protocol reduces the convergence time for network topology changes to about 10% of that required by the older IEEE 802.1D STP standard. It is intended as a complete replacement for STP, but can still interoperate with switches running the older standard by automatically reconfiguring ports to STP-compliant mode if they detect STP protocol messages from attached devices.
IEEE 802.1s Multiple Spanning Tree
IEEE 802.1s Multiple Spanning Tree - IEEE 802.1s, the supplement to IEEE Std 802.1Q, adds the facility for VLAN bridges to use multiple spanning trees, providing for traffic belonging to different VLANs to flow over potentially different paths within the virtual bridged LAN. 802.1s supports spanning tree on a per-VLAN basis.
Fast Link
STP can take up to 30-60 seconds to converge. During this time, STP detects possible loops, allowing time for status changes to propagate and for relevant Ethernet Switch Modules to respond. 30-60 seconds is considered too long of a response time for many applications. The Fast Link option bypasses this delay, and can be used in network topologies where forwarding loops do not occur.
Link Aggregation
One aggregated link may be defined, with up to 2 member ports, to form a single Link Aggregated Group (LAG). This enables:
• Fault tolerance protection from physical link disruption
• Higher bandwidth connections
• Improved bandwidth granularity
• High bandwidth server connectivity
A LAG is composed of ports with the same speed, set to full-duplex operation.
Link Aggregation and LACP
LACP uses peer exchanges across links to determine, on an ongoing basis, the aggregation capability of various links, and continuously provides the maximum level of aggregation capability achievable between a given pair of systems. LACP automatically determines, configures, binds and monitors the port binding to aggregators within the system.
BootP and DHCP Clients
DHCP enables additional setup parameters to be received from a network server upon system startup. DHCP service is an on-going process. DHCP is an extension to BootP. For more information on DHCP, see "Defining DHCP IP Interface Parameters".
2.1.4 Ethernet Switch Module Management Features
The PRIMERGY BX600 can be managed either through the console port (out-of-band management) or through the network (in-band management) with the SNMP, TELNET or HTTP protocols.
Various Files of Management Operation:
• There are three types of files for the PRIMERGY BX600:
Configuration Files: These files store system configuration information.
Operation Code: Executed after system boot-up; also known as the Run Time Image.
BootRom Image: The image brought up by the loader at power-up; also known as POST (Power On Self-Test).
• Due to the size of flash memory, the PRIMERGY BX600 supports only two copies each of the Configuration Files and Operation Code, but only one copy of the BootRom Image.
Duplication of Management file
The PRIMERGY BX600 can copy those three types of files in three different ways.
1. Local file to local file copy: The PRIMERGY BX600 can copy an existing local Configuration File to another local file. Copying an existing local Operation Code to another local file is not permitted.
2. Remote TFTP Server to Local file copy: The PRIMERGY BX600 can download a Configuration File or Operation Code from a remote server to a local file.
3. Local file to remote server: The PRIMERGY BX600 can upload an existing local Configuration File to the remote server.
4. Running Config to local file copy
5. Running Config to remote TFTP server
6. Local file to Running Config copy
7. Remote TFTP server to Running Config copy
Select Start-up Files
Users can select one of the two copies of the Configuration Files and Operation Codes as the start-up file, which is used as the default boot-up configuration and execution image. The other copy of the Configuration File and Operation Code is used for backup.
Save Configuration as file
Users can save the running configuration as a file for future use. This newly saved configuration file can be selected as the start-up file later on. Alternatively, users can upload this saved configuration to the remote server for backup.
Provision
The PRIMERGY BX600 allows users to select the Configuration Files used to configure the system. The system can be configured at two times: start-up and run time.
Start-up: Select the Configuration File for start-up purposes.
Run time: Users can choose a new configuration file to reconfigure the system while the system is running, without rebooting the system. This function is available for CLI only.
SNMP Alarms and Trap Logs
The system logs events with severity codes and timestamps. Events are sent as SNMP traps to a Trap Recipient List.
SNMP Version 1, Version 2, and Version 3
Simple Network Management Protocol (SNMP) runs over the UDP/IP protocol. To control access to the system, a list of community entries is defined, each of which consists of a community string and its access privileges. There are 2 levels of SNMP security: read-only and read-write.
Web Based Management
With web based management, the system can be managed from any web browser. The system contains an Embedded Web Server (EWS), which serves HTML pages, through which the system can be monitored and configured. The system internally converts web-based input into configuration commands, MIB variable settings and other management-related settings.
Configuration File Download and Upload
The Ethernet Switch Module configuration is stored in a configuration file. The Configuration file includes both system wide and port specific Ethernet Switch Module configuration. The system can display configuration files in the form of a collection of CLI commands, which are stored and manipulated as text files.
TFTP Trivial File Transfer Protocol
The Ethernet Switch Module supports boot image, software and configuration upload/download via TFTP.
Remote Monitoring
Remote Monitoring (RMON) is an extension to SNMP, which provides comprehensive network traffic monitoring capabilities (as opposed to SNMP which allows network Ethernet Switch Module management and monitoring). RMON is a standard MIB that defines current and historical MAC-layer statistics and control objects, allowing real-time information to be captured across the entire network.
Command Line Interface
Command Line Interface (CLI) syntax and semantics conform as much as possible to common industry practice. The CLI is composed of mandatory and optional elements. The CLI interpreter provides command and keyword completion to assist the user and reduce typing.
Syslog
Syslog is a protocol that allows event notifications to be sent to a set of remote servers, where they can be stored, examined and acted upon. Multiple mechanisms are implemented to send notification of significant events in real time, and keep a record of these events for after-the-fact usage.
SNTP
The Simple Network Time Protocol (SNTP) assures accurate network Ethernet Switch Module clock time synchronization up to the millisecond. Time synchronization is performed by a network SNTP server. Time sources are established by Stratums. Stratums define the distance from the reference clock. The higher the stratum (where zero is the highest), the more accurate the clock.
2.1.5 Security Features
SSL
Secure Socket Layer (SSL) is an application-level protocol that enables secure transactions of data through privacy, authentication, and data integrity. It relies upon certificates and public and private keys. SSL version 3 and TLS version 1 are currently supported.
Port Based Authentication (802.1x)
Port based authentication enables authenticating system users on a per-port basis via an external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the Remote Authentication Dial In User Service (RADIUS) server using the Extensible Authentication Protocol (EAP).
Locked Port Support
Locked Port increases network security by limiting access on a specific port only to users with specific MAC addresses. These addresses are either manually defined or learned on that port. When a frame is seen on a locked port, and the frame source MAC address is not tied to that port, the protection mechanism is invoked.
RADIUS Client
RADIUS is a client/server-based protocol. A RADIUS server maintains a user database, which contains per-user authentication information, such as user name, password and accounting information. For more information, see "Configuring RADIUS Global Parameters".
SSH
Secure Shell (SSH) is a protocol that provides a secure, remote connection to an Ethernet Switch Module. SSH version 1 and version 2 are currently supported. The SSH server feature enables an SSH client to establish a secure, encrypted connection with an Ethernet Switch Module. This connection provides functionality that is similar to an inbound telnet connection. SSH uses RSA Public Key cryptography for Ethernet Switch Module connections and authentication.
TACACS+
TACACS+ provides centralized security for validation of users accessing the Ethernet Switch Module. TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes.
2.1.6 Quality of Service Features
The PRIMERGY BX600 supports the mapping of DSCP (Differentiated Service Code Point) to CoS queues. Therefore, packets with different DSCP values can be scheduled to separate CoS queues for different services. The DSCP definition is backward compatible with the TOS definition. Hence the PRIMERGY BX600 also supports the mapping of TOS to CoS queues, and packets with different precedence can be scheduled to different prioritized CoS queues.
Access Control List (ACLs)
Packet filtering can help limit network traffic and restrict network use by certain users or devices. ACLs filter traffic as it passes through a switch and permit or deny packets crossing specified interfaces or VLANs. An ACL is a sequential collection of permit and deny conditions that apply to packets. When a packet is received on an interface, the switch compares the fields in the packet against any applied ACLs to verify that the packet has the required permissions to be forwarded, based on the criteria specified in the access lists. The first match decides whether the switch accepts or rejects the packets. Because the switch stops testing after the first match, the order of conditions in the list is critical. If no conditions match, the switch rejects the packet. If there are no restrictions, the switch forwards the packet; otherwise, the switch drops the packet. The switch can use ACLs on all packets it forwards, including packets bridged within a VLAN.
These access lists are supported on Layer 2 interfaces: Standard IP access lists using source addresses and Extended IP access lists using source and destination addresses and optional protocol type information. The switch examines ACLs associated with all inbound features configured on a given interface and permits or denies packet forwarding based on how the packet matches the entries in the ACL. In this way, ACLs are used to control access to a network or to part of a network.
An ACL is a sequential collection of permit and deny conditions. The switch tests packets against the conditions in an access list. The first match determines whether the switch accepts or rejects the packet. Because the switch stops testing after the first match, the order of the conditions is critical. If no conditions match, the switch denies the packet.
The PRIMERGY BX600 supports these types of ACLs or access lists for IP:
• Standard IP access lists use source addresses for matching operations.
• Extended IP access lists use source and destination addresses for matching operations and optional protocol-type information for finer granularity of control.
Standard ACLs are the oldest type of ACL. Standard ACLs control traffic by comparing the source address of the IP packets to the addresses configured in the ACLs. Extended ACLs control traffic by comparing the source and destination addresses of the IP packets to the addresses configured in the ACLs. Rules can be configured to inspect up to six fields of a packet: Source IP, Destination IP, Source L4 Port, Destination L4 Port, TOS Byte, Protocol Number.
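The first-match and implicit-deny behaviour described above, as an added Python illustration (not code from this manual or from the switch software). The Packet and Rule classes, the function names and the addresses are constructed for the example; shadowed() goes one step further and reports rules that an earlier, broader rule makes unreachable.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# The four optional fields of the six a rule can inspect (besides the addresses).
OPTIONAL_FIELDS = ("proto", "sport", "dport", "tos")


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: int        # IP protocol number (6 = TCP, 17 = UDP)
    sport: int = 0    # source L4 port
    dport: int = 0    # destination L4 port
    tos: int = 0      # TOS byte


@dataclass(frozen=True)
class Rule:
    action: str                    # "permit" or "deny"
    src: str = "0.0.0.0/0"         # a standard ACL sets only this field
    dst: str = "0.0.0.0/0"
    proto: Optional[int] = None    # None means "any"
    sport: Optional[int] = None
    dport: Optional[int] = None
    tos: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        if ip_address(pkt.src) not in ip_network(self.src):
            return False
        if ip_address(pkt.dst) not in ip_network(self.dst):
            return False
        return all(getattr(self, f) in (None, getattr(pkt, f))
                   for f in OPTIONAL_FIELDS)


def evaluate(acl: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the deciding rule); index None = implicit deny."""
    for index, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, index    # first match decides, testing stops
    return "deny", None                  # no condition matched


def covers(earlier: Rule, later: Rule) -> bool:
    """True if every packet that matches `later` also matches `earlier`."""
    if not ip_network(later.src).subnet_of(ip_network(earlier.src)):
        return False
    if not ip_network(later.dst).subnet_of(ip_network(earlier.dst)):
        return False
    return all(getattr(earlier, f) in (None, getattr(later, f))
               for f in OPTIONAL_FIELDS)


def shadowed(acl: List[Rule]) -> List[Tuple[int, int]]:
    """Pairs (rule, earlier rule) where the rule can never be the first match."""
    pairs = []
    for j, later in enumerate(acl):
        for i in range(j):
            if covers(acl[i], later):
                pairs.append((j, i))
                break
    return pairs


# Constructed sample packets and ACLs (documentation address ranges).
BLOCKED = Packet("192.0.2.66", "198.51.100.10", 6, 40000, 443)
NORMAL = Packet("192.0.2.20", "198.51.100.10", 6, 40001, 443)
TELNET = Packet("192.0.2.20", "198.51.100.10", 6, 40002, 23)

# Standard ACL, broad permit first: the host-specific deny is never reached.
STANDARD_WRONG = [Rule("permit", src="192.0.2.0/24"),
                  Rule("deny", src="192.0.2.66/32")]
# Same two conditions, specific deny first.
STANDARD_RIGHT = list(reversed(STANDARD_WRONG))
# Extended ACL: one permit; everything else falls through to the implicit deny.
EXTENDED = [Rule("permit", src="192.0.2.0/24", dst="198.51.100.10/32",
                 proto=6, dport=443)]

if __name__ == "__main__":
    cases = [("standard, permit first", STANDARD_WRONG, BLOCKED),
             ("standard, deny first", STANDARD_RIGHT, BLOCKED),
             ("extended, HTTPS", EXTENDED, NORMAL),
             ("extended, telnet", EXTENDED, TELNET)]
    for name, acl, pkt in cases:
        print(name, evaluate(acl, pkt), "shadowed:", shadowed(acl))
```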
Strict scheduling for priority queue
In addition to WRR, the PRIMERGY BX600 also supports strict scheduling, which ensures that the highest priority packets will always get serviced first, ahead of all other traffic, and that the other three queues will be serviced using WRR scheduling.
WRR (Weighted Round Robin)
The PRIMERGY BX600 supports Weighted Round Robin (WRR) scheduling. The WRR queuing algorithm ensures that the lower priority packets are not entirely starved for bandwidth and are serviced without compromising the priority settings administered by the network manager.
Differentiated Services
Network resources are apportioned based on traffic classification and priority, giving preferential treatment to data with strict timing requirements according to network management policy. The PRIMERGY BX600 supports Differentiated Services (Diffserv). Diffserv is a method of offering quality-of-service treatment for network traffic without the need for a resource reservation protocol. An administrator specifically provisions the network equipment to identify the following: the classes of traffic in the network and the QoS treatment the classes of traffic receive.
Diffserv controls the traffic acceptance throughout the Diffserv domain, the traffic transmission throughout the Diffserv domain and the bandwidth guarantee within the network nodes. By controlling the acceptance, the transmission and bandwidth, a policy-based range of services is established.
There are 3 key QoS building blocks for configuring Diffserv: Class, Policy and Services.
2.1.7 Layer III Routing Features
IP Routing
The PRIMERGY BX600 IP Routing layer (IPv4 support) contains the IP Forwarding layer, Address Resolution Protocol (ARP) Mapping Layer, and Routing Table Object (RTO). The PRIMERGY BX600 also allows each port to be configured to participate in the routed network.
The IP Routing layer provides the following functions:
ARP Mapping (Table)/Static ARP
Maintains the ARP Table used to correlate IP and MAC addresses. The table contains both static entries configured by the user and entries dynamically updated based on information in received ARP frames.
Static ARP can be defined in the ARP table. When static entries are defined, a permanent entry is entered and is used to translate IP address to MAC address.
Routing Table Object (RTO)
The Routing Table Object manages a common routing table for all registered routing protocols.
IP Forwarding Layer
The IP Forwarding layer forwards received IP packets that cannot be forwarded through the hardware.
Routing Information Protocol (RIP)
The Routing Information Protocol, or RIP, has been a long-standing protocol used by routers for exchanging route information. RIP is a distance vector protocol whereby each route is characterized by the number of gateways, or hops, a packet must traverse to reach its intended destination. RIP is categorized as an interior gateway protocol and operates within the scope of an autonomous system.
RIP is designed such that its routers send the contents of their routing table every 30 seconds to each adjacent router. These periodic updates allow routes to remain active in the route table; absence of a route from the updates causes the route to be declared unusable after 180 seconds have elapsed, and to be removed from the table after an additional 120 seconds pass without the route appearing in an update message.
Two versions of RIP are in current use:
RIPv1 defined in RFC 1058
- The RIP routing messages are specified by IP destination network and hop count and do not include the concept of subnets.
- The RIP routing messages are broadcast to all stations on the attached network.
RIPv2 defined in RFC 1723
- The RIP routing messages are extended to include subnet mask and gateway information.
- For network traffic, the RIP routing message is sent to a multicast address.
- An authentication scheme is added to improve security for updating route tables.
RIPv2 enhancements defined in RFC 2453
- An implementation of RIP must use simple split horizon and use split horizon with poisoned reverse.
- An implementation of RIP must implement triggered update for deleted routes and may implement triggered updates for new routes or change of routes. RIP implementations must also limit the rate at which triggered updates may be transmitted.
- An implementation of RIP should support host routes.
The PRIMERGY BX600 Managed Switch supports both versions of RIP.
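The 180-second timeout, the additional 120-second removal delay and split horizon with poisoned reverse described above, as an added Python model (not code from this manual or from the switch software). The RipTable class, its method names and the addresses are constructed for the example, and the route-acceptance rule is a simplified form of the RFC 2453 processing.

```python
from dataclasses import dataclass
from typing import Dict

INFINITY = 16     # metric 16 = unreachable (RIP metrics run from 1 to 16)
TIMEOUT = 180     # seconds without an update before a route is unusable
GARBAGE = 120     # additional seconds before the unusable route is removed


@dataclass
class Route:
    gateway: str         # neighbour the route was learned from
    metric: int
    last_update: float   # when the gateway last advertised it as reachable


class RipTable:
    def __init__(self) -> None:
        self.routes: Dict[str, Route] = {}

    def receive(self, gateway: str, prefix: str, metric: int, now: float) -> None:
        """Process one route entry from a neighbour's update message."""
        metric = min(metric + 1, INFINITY)       # add the hop to the neighbour
        cur = self.routes.get(prefix)
        if metric >= INFINITY:
            # Only the gateway currently in use may withdraw the route.
            if cur and cur.gateway == gateway and cur.metric < INFINITY:
                cur.metric = INFINITY
                cur.last_update = now - TIMEOUT  # start the 120 s removal delay
            return
        # Simplified acceptance: new route, refresh from same gateway, or better metric.
        if cur is None or cur.gateway == gateway or metric < cur.metric:
            self.routes[prefix] = Route(gateway, metric, now)

    def expire(self, now: float) -> None:
        """Apply the 180 s timeout and the additional 120 s removal delay."""
        for prefix, route in list(self.routes.items()):
            age = now - route.last_update
            if age >= TIMEOUT + GARBAGE:
                del self.routes[prefix]          # gone from the table
            elif age >= TIMEOUT:
                route.metric = INFINITY          # kept, but declared unusable

    def advertise(self, to_neighbour: str) -> Dict[str, int]:
        """Build an update using split horizon with poisoned reverse."""
        return {prefix: INFINITY if route.gateway == to_neighbour else route.metric
                for prefix, route in self.routes.items()}


if __name__ == "__main__":
    # Constructed timeline: neighbour 192.0.2.2 advertises a route twice, then goes silent.
    table = RipTable()
    table.receive("192.0.2.2", "198.51.100.0/24", 2, now=0)
    table.receive("192.0.2.2", "198.51.100.0/24", 2, now=30)
    print("to 192.0.2.2:", table.advertise("192.0.2.2"))   # poisoned reverse
    print("to 192.0.2.3:", table.advertise("192.0.2.3"))
    for now in (209, 210, 329, 330):
        table.expire(now)
        print(now, table.advertise("192.0.2.3"))
```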
BOOTP/DHCP Relay Agent
In the majority of network configurations, BOOTP/DHCP clients and their associated servers do not reside on the same IP network or subnet. Therefore, some kind of third-party agent is required to transfer BOOTP/DHCP messages between clients and servers. Such an agent is known as a "BOOTP/DHCP relay agent".
The PRIMERGY BX600 Relay Agent relays BOOTP and DHCP requests. The agent relays requests from a subnet without a BOOTP/DHCP server to a server or next-hop agent on another subnet. The BOOTP/DHCP relay agent only processes BOOTP/DHCP messages and generates new BOOTP/DHCP messages as a result.
Virtual Router Redundancy Protocol (VRRP)
The PRIMERGY BX600 supports the Virtual Router Redundancy Protocol (VRRP), which is designed to provide backup for a failing router without requiring any action on the part of the end station. It is based on the concept of having more than one router recognize the same IP address. One of the routers is elected the “master” router and handles all traffic sent to the specified virtual router IP address. If the master router fails, one of the backup routers will be elected in its place, and will start handling traffic sent to the address. This change will be transparent to end stations.
VRRP increases the availability of the default path without requiring configuration of dynamic routing or router discovery protocols on every end station. The greater default path availability is accomplished by using any of the virtual router IP addresses on the LAN as the default first hop router for the end stations. Multiple virtual routers can be defined on a single router interface, but only one IP address can be assigned to a given virtual router.
Router Discovery
The router discovery messages do not constitute a routing protocol. Instead, the router discovery messages enable hosts to discover the existence of neighboring routers through the use of router advertisement. Router advertisement is unsuitable for determining the best route to a particular destination. If a host chooses a poor first-hop router for a particular destination, it should receive an Internet Control Message Protocol (ICMP) Redirect from that router, identifying a better one.
With PRIMERGY BX600 router discovery, a router periodically multicasts a Router Advertisement from each of its multicast interfaces, announcing the IP address(es) of that interface. Hosts discover the addresses of their neighboring routers simply by listening for advertisements. Since a host knows the address of its neighbors, the host can send IP datagrams beyond its directly attached subnet.
Virtual LAN (VLAN) Routing
PRIMERGY BX600 incorporates both 802.1Q VLAN bridging and routing functions. The internal bridging function can be an interface to the routing function, and the routing function can be an interface to the bridging function. Even though PRIMERGY BX600 supports both 802.1Q VLAN bridging and routing functions, a port cannot operate as both a router port and an 802.1Q bridge port.
When a port is enabled for bridging (the default) rather than routing, all normal bridge processing is performed for an inbound packet associated with a VLAN. Its MAC Destination Address (DA) and VLAN ID are used to search the MAC address table, and the packet is forwarded according to the MAC table. If routing is enabled for the VLAN and the MAC DA of an inbound unicast packet is that of the internal bridge-router interface, the packet will be routed. An inbound multicast packet will be forwarded to all ports in the VLAN, plus the internal bridge-router interface if it was received on a routed VLAN.
Route Redistribution
Route Redistribution allows routers running different routing protocols to exchange routing information on the network. A route redistribution implementation must consider that different routing protocols use different ways of expressing the distance to a destination. Also routing metrics in different protocols may have different formats and allow a different range of values.
For example:
- The RIP route metric is a single integer from 1 to 16.
- The OSPF route metric is a 24-bit integer.
The PRIMERGY BX600 implementation of route redistribution has the following configuration characteristics:
- For each routing protocol (OSPF, RIP), the administrator may specify which routes are redistributed (OSPF, RIP, static, connected).
- When OSPF redistributes, the administrator may optionally specify a metric, metric type (external type 1 or external type 2), and a tag value. The administrator may specify whether OSPF redistributes subnetted routes.
- When RIP redistributes, the administrator may optionally specify a metric. When RIP redistributes from OSPF, the administrator may specify one or more types of OSPF routes to be accepted. Valid values are internal, external 1, external 2, NSSA external 1, and NSSA external 2.
- For each pair of source and destination routing protocols, the administrator may optionally specify an access list to filter routes by destination address and mask.
Route Preferences
Use route preference to configure the default preference for each protocol (e.g. 60 for static routes, 150 for OSPF Type-2). These values are arbitrary values in the range of 1 to 255 and are independent of route metrics. Most routing protocols use a route metric to determine the shortest path known to the protocol, independent of any other protocol.
The best route to a destination is selected by using the route with the lowest preference value. When there are multiple routes to a destination, the preference values are used to determine the preferred route. If there is still a tie, the route with the best route metric will be chosen. To avoid problems with mismatched metrics (i.e. RIP and OSPF metrics are not directly comparable) you must configure different preference values for each of the protocols.
The configurable preference values are listed below:
Static - The static route preference value in the router. The default value is 1. The range is 1 to 255.
OSPF Intra - The OSPF intra route preference value in the router. The default value is 8. The range is 1 to 255. The OSPF specification (RFC 2328) requires that preferences must be given to the routes learned via OSPF in the following order: intra < inter < type-1 < type-2.
OSPF Inter - The OSPF inter route preference value in the router. The default value is 10. The range is 1 to 255. The OSPF specification (RFC 2328) requires that preferences must be given to the routes learned via OSPF in the following order: intra < inter < type-1 < type-2.
OSPF Type-1 - The OSPF type-1 route preference value in the router. The default value is 13. The range is 1 to 255. The OSPF specification (RFC 2328) requires that preferences must be given to the routes learned via OSPF in the following order: intra < inter < type-1 < type-2.
OSPF Type-2 - The OSPF type-2 route preference value in the router. The default value is 150. The range is 1 to 255. The OSPF specification (RFC 2328) requires that preferences must be given to the routes learned via OSPF in the following order: intra < inter < type-1 < type-2.
RIP - The RIP route preference value in the router. The default value is 15. The range is 1 to 255.
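The selection rule and the constraints on the preference table can be checked offline before a configuration is applied. The following is an added example, not code from this manual or from the switch firmware: the function names, the protocol keys and the sample routes are hypothetical, and only the default values and the rules (range 1 to 255, OSPF ordering, distinct values per protocol, lowest preference wins, metric breaks ties) come from the text above.

```python
from collections import namedtuple

# One candidate route to a single destination (sample data is constructed).
Route = namedtuple("Route", "protocol metric next_hop")

# Default preference values listed in this section of the manual.
DEFAULT_PREFERENCES = {
    "static": 1,
    "ospf-intra": 8,
    "ospf-inter": 10,
    "ospf-type1": 13,
    "ospf-type2": 150,
    "rip": 15,
}

# Order required for OSPF-learned routes: intra < inter < type-1 < type-2.
OSPF_ORDER = ("ospf-intra", "ospf-inter", "ospf-type1", "ospf-type2")


def family(protocol):
    """'ospf-type2' -> 'ospf'; used to compare preferences across protocols."""
    return protocol.split("-")[0]


def validate_preferences(prefs):
    """Return a list of problems in a preference table (empty list = OK)."""
    problems = []
    valid = {}
    for proto, value in prefs.items():
        if isinstance(value, int) and 1 <= value <= 255:
            valid[proto] = value
        else:
            problems.append(f"{proto}: {value!r} is outside the range 1 to 255")
    # OSPF route types must keep a strictly increasing preference.
    for low, high in zip(OSPF_ORDER, OSPF_ORDER[1:]):
        if low in valid and high in valid and valid[low] >= valid[high]:
            problems.append(f"{low} must have a lower preference than {high}")
    # Different protocols must not share a value: their metrics are not
    # comparable, so a tie would be decided by meaningless numbers.
    protos = sorted(valid)
    for i, a in enumerate(protos):
        for b in protos[i + 1:]:
            if family(a) != family(b) and valid[a] == valid[b]:
                problems.append(f"{a} and {b} share preference {valid[a]}")
    return problems


def select_route(candidates, prefs=DEFAULT_PREFERENCES):
    """Lowest preference wins; the route metric only breaks a tie."""
    return min(candidates, key=lambda r: (prefs[r.protocol], r.metric))


if __name__ == "__main__":
    routes = [Route("rip", 1, "192.0.2.1"),
              Route("ospf-type2", 20, "192.0.2.2"),
              Route("static", 0, "192.0.2.3")]
    print(select_route(routes))                      # the static route
    risky = dict(DEFAULT_PREFERENCES, rip=150)       # same value as OSPF type-2
    print(validate_preferences(risky))
```

With the defaults, a RIP route can never displace a static or OSPF intra-area route, whatever metric it advertises; the validation step catches the tables in which that guarantee no longer holds.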
Open Shortest Path First (OSPF)
The Open Shortest Path First (OSPF) protocol is used within larger autonomous networks in preference to RIP. OSPF is a link-state protocol that multicasts table updates only when a change has taken place and transmits only the changed portion of the table. To give preferences to certain routes, OSPF uses both administratively assigned costs for a given router and link-states as metrics. In addition, OSPF supports variable-length subnet masks.
OSPF can operate within a hierarchy. The largest entity within the hierarchy is the autonomous system (AS), a collection of networks under a common administration sharing a common routing strategy. This is sometimes called a routing domain. An AS can be divided into a number of areas or groups of contiguous networks and attached hosts. Routers within the same area share the same information, so they have identical topological databases. Information is sent in the form of link-state advertisements (LSAs) to all other routers within the same hierarchical area. An area's topology is not visible to routers outside the area.
Two different types of OSPF routing occur as a result of area partitioning: intra-area and inter-area. Intra-area routing occurs if a source and destination are in the same area. Inter-area routing occurs when a source and destination are in different areas. An OSPF backbone distributes information between areas.
PRIMERGY BX600 supports OSPF version 2 in accordance with RFC 2328. PRIMERGY BX600 also provides a compatibility mode for the RFC 1583 OSPF specification, which allows interoperability with OSPF version 2 routers using the older implementation.
DNS and DNS Relay
The DNS protocol controls the Domain Name System (DNS), a distributed database with which you can map host names to IP addresses. When you configure DNS on your switch, you can substitute the host name for the IP address with all IP commands, such as ping, telnet, traceroute, and related Telnet support operations.
To keep track of domain names, IP has defined the concept of a domain name server, which holds a cache (or database) of names mapped to IP addresses. To map domain names to IP addresses, you must first identify the host names, specify the name server that is present on your network, and enable the DNS.
DNS relay acts as a forwarder between the DNS clients and the DNS servers. The PRIMERGY BX600 DNS relay is designed for home/office users who can access the Internet without needing to know the name server. The only setting required is to point the DNS server on the client station toward the switch.
IP Multinetting
PRIMERGY BX600 supports an IP Multinetting function. It is the process of configuring more than one IP address on a network interface. IP Multinetting is also synonymously called IP Aliasing or Secondary Addressing. Typical uses of IP Multinetting are:
- Reorganizing servers with no other machine updates
- Virtual hosting of Web and FTP servers
2.1.8 IP Multicast Features
IGMPv3
Internet Group Management Protocol (IGMP) is the multicast group membership discovery protocol. Three versions of IGMP exist. Versions 1 and 2 are widely deployed. Since IGMP is used between end systems (often desktops) and the multicast router, the version of IGMP required depends on the end-user operating system being supported. Any implementation of IGMP must support all earlier versions.
The following list describes the basic operation of IGMP, common to all versions. A multicast router can act as both an IGMP host and an IGMP router and as a result can respond to its own IGMP messages. The PRIMERGY BX600 implementation of IGMPv3 supports the multicast router portion of the protocol (i.e. not the host portion). It is backward compatible with IGMPv1 and IGMPv2.
The PRIMERGY BX600 IGMPv3 multicast router function operates as follows:
1. One router periodically broadcasts IGMP Query messages onto the network.
2. Hosts respond to the Query messages by sending IGMP Report messages indicating their group memberships.
3. All routers receive the Report messages and note the memberships of hosts on the network.
4. If a router does not receive a Report message for a particular group for a period of time, the router assumes there are no more members of the group on the network.
All IGMP messages are raw IP datagrams, and are sent to multicast group addresses, with a time to live (TTL) of 1. Since raw IP does not provide reliable transport, some messages are sent multiple times to aid reliability.
IGMPv3 is a major revision of the protocol and provides improved group membership latency. When a host joins a new multicast group on an interface, it immediately sends an unsolicited IGMP Report message for that group. IGMPv2 introduced a Leave Group message, which is sent by a host when it leaves a multicast group for which it was the last host to send an IGMP Report message. Receipt of this message causes the Querier possibly to reduce the remaining lifetime of its state for the group, and to send a group-specific IGMP Query message to the multicast group. The Leave Group message is not used with IGMPv3, since the source address filtering mechanism provides the same functionality.
IGMPv3 also allows hosts to specify the list of hosts from which they want to receive traffic. Traffic from other hosts is blocked inside the network. It also allows hosts to block packets from all sources sending unwanted traffic.
IGMPv3 adds the capability for a multicast router to learn which sources are of interest to neighboring systems for packets sent to any particular multicast address. This information gathered by IGMP is provided to the multicast routing protocol (i.e. DVMRP, PIM-DM, and PIM-SM) that is currently active on the router in order to ensure multicast packets are delivered to all networks where there are interested receivers.
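The Query/Report aging in steps 1 to 4 and the TTL of 1 noted above can be followed in code. This is an added example, not code from the manual or the switch firmware: it handles only 8-byte IGMPv2 Membership Reports, all names are hypothetical, the addresses and packets are constructed, and the 260-second membership interval is an assumed value (the IGMPv2 default) because the page gives none.

```python
import ipaddress
import struct

IGMP_PROTO = 2          # IP protocol number of IGMP
V2_REPORT = 0x16        # IGMPv2 Membership Report
# Assumed timer: seconds without a Report before a group has no members.
MEMBERSHIP_INTERVAL = 260


def inet_checksum(data):
    """16-bit one's-complement checksum used by IP and IGMP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_report(src, group, ttl=1):
    """Constructed sample input: IPv4 header followed by an IGMPv2 Report.
    The IP header checksum is left at 0 because the parser does not use it."""
    grp = ipaddress.ip_address(group).packed
    igmp = struct.pack("!BBH4s", V2_REPORT, 0, 0, grp)
    igmp = struct.pack("!BBH4s", V2_REPORT, 0, inet_checksum(igmp), grp)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0xC0, 20 + len(igmp), 0, 0,
                     ttl, IGMP_PROTO, 0, ipaddress.ip_address(src).packed, grp)
    return ip + igmp


def parse_igmp(packet):
    """Validate and decode one packet; raise ValueError if it fails a check."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl + 8:
        raise ValueError("truncated IGMP message")
    if packet[9] != IGMP_PROTO:
        raise ValueError("not IGMP")
    if packet[8] != 1:
        # IGMP is link-local: anything else did not originate on this subnet
        # or was not sent the way the protocol requires.
        raise ValueError(f"IGMP with TTL {packet[8]}, expected 1")
    igmp = packet[ihl:]
    if inet_checksum(igmp) != 0:
        raise ValueError("bad IGMP checksum")
    msg_type, _, _, grp = struct.unpack("!BBH4s", igmp[:8])
    group = ipaddress.ip_address(grp)
    if msg_type == V2_REPORT and not group.is_multicast:
        raise ValueError("report for a non-multicast address")
    return {"type": msg_type, "group": str(group),
            "src": str(ipaddress.ip_address(packet[12:16]))}


class MembershipTable:
    """Router-side view of which groups still have members on one network."""

    def __init__(self, interval=MEMBERSHIP_INTERVAL):
        self.interval = interval
        self.expiry = {}      # group -> time at which membership lapses
        self.rejected = []    # (time, reason) for packets that failed a check

    def receive(self, packet, now):
        try:
            msg = parse_igmp(packet)
        except ValueError as exc:
            self.rejected.append((now, str(exc)))
            return False
        if msg["type"] == V2_REPORT:
            self.expiry[msg["group"]] = now + self.interval  # step 3
        return True

    def active_groups(self, now):
        # Step 4: no Report within the interval means no members remain.
        self.expiry = {g: t for g, t in self.expiry.items() if t > now}
        return sorted(self.expiry)
```

The `rejected` list is the part worth logging: Reports that arrive with a TTL other than 1 or with a bad checksum do not match what a host on the attached subnet would send.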
Protocol Independent Multicast – Dense Mode (PIM-DM)
Protocol Independent Multicast (PIM) protocols are not dependent on any particular unicast routing protocols to construct forwarding information for multicast packets, although unicast information is needed for forwarding packets. The Dense Mode version of PIM is most appropriate for networks with relatively plentiful bandwidth and with at least one multicast member in each subnet.
PIM-DM assumes that all hosts are part of a multicast group and forwards packets to hosts until informed that group membership has changed. A group membership change results in the multicast delivery tree being pruned.
The PIM-DM protocol operates as follows:
1. The first message for any (source, group) pair is forwarded to the entire multicast network, with respect to the time-to-live (TTL) value in the packet.
2. TTL restricts the area flooded by the packet.
3. All leaf routers with no members in a directly attached subnet send prune messages to the upstream router.
4. Any branch for which a prune message is received is deleted from the delivery tree.
PRIMERGY BX600 uses PIM-DM’s Reverse Path Forwarding (RPF) to forward messages correctly. RPF is the fundamental concept in multicast routing that enables routers to correctly forward multicast messages down the distribution tree. RPF makes use of the existing unicast routing table to determine the upstream and downstream neighbors and build a source-based shortest-path distribution tree. A router forwards a multicast message only if the multicast message is received on the upstream interface. This RPF check helps to guarantee that the distribution tree will be loop-free.
The multicast messages contain the source and group information so that downstream routers can build up their multicast forwarding tables. If the source goes inactive, the tree is torn down. Multicast messages arriving at a router over the proper receiving interface (i.e., the interface that provides the shortest path back to the source) are forwarded on all downstream interfaces until unnecessary branches of the tree are explicitly pruned. In addition to the prune messages, PIM-DM uses graft messages and assert messages. Graft messages are used when a new host wants to join a group, and assert messages are used to shut off duplicate flows.
PRIMERGY BX600 PIM-DM can be enabled but will only become operational when both routing and IGMP are enabled and operational.
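The flood, RPF check, prune and graft behaviour described above fits in a small model. This is an added example, not code from the manual or the switch firmware: the class, the interface names and the addresses are hypothetical and constructed, and the model leaves out timers, assert messages and tree teardown.

```python
import ipaddress


class PimDmRouter:
    """Toy model of the PIM-DM forwarding decision for one router."""

    def __init__(self, interfaces, unicast_routes):
        self.interfaces = list(interfaces)
        # Unicast table: (prefix, interface that leads toward that prefix).
        self.routes = [(ipaddress.ip_network(p), i) for p, i in unicast_routes]
        self.pruned = {}         # (source, group) -> set of pruned interfaces
        self.rpf_failures = []   # (source, group, arrival interface)

    def upstream_interface(self, source):
        """Longest-prefix match on the unicast table; None if no route."""
        addr = ipaddress.ip_address(source)
        best = None
        for net, ifname in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, ifname)
        return best[1] if best else None

    def forward(self, source, group, in_if, ttl):
        """Return the interfaces a multicast packet is copied to."""
        # RPF check: accept only on the interface that is the shortest path
        # back to the source. Anything else is a loop or a spoofed source.
        if self.upstream_interface(source) != in_if:
            self.rpf_failures.append((source, group, in_if))
            return []
        if ttl <= 1:
            return []            # the TTL limits how far the flood reaches
        blocked = self.pruned.get((source, group), set())
        return [i for i in self.interfaces if i != in_if and i not in blocked]

    def prune(self, source, group, from_if):
        """A downstream router reported no members behind from_if."""
        self.pruned.setdefault((source, group), set()).add(from_if)

    def graft(self, source, group, from_if):
        """A member appeared behind a previously pruned interface."""
        self.pruned.get((source, group), set()).discard(from_if)


if __name__ == "__main__":
    r = PimDmRouter(["vlan10", "vlan20", "vlan30"],
                    [("192.0.2.0/24", "vlan10"), ("0.0.0.0/0", "vlan30")])
    print(r.forward("192.0.2.5", "239.1.1.1", "vlan10", ttl=16))  # flooded
    print(r.forward("192.0.2.5", "239.1.1.1", "vlan20", ttl=16))  # RPF failure
    r.prune("192.0.2.5", "239.1.1.1", "vlan20")
    print(r.forward("192.0.2.5", "239.1.1.1", "vlan10", ttl=16))  # pruned branch
```

A growing `rpf_failures` list for one source is worth investigating: it points either at asymmetric unicast routing or at traffic claiming a source address that does not belong behind the arrival interface.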
Protocol Independent Multicast – Sparse Mode (PIM-SM)
Protocol Independent Multicast sparse mode (PIM-SM), like PIM dense mode (PIM-DM), uses the unicast routing table to perform the Reverse Path Forwarding (RPF) check function instead of maintaining a separate multicast route table. Therefore, regardless of which unicast routing protocol(s) is (are) used to populate the unicast routing table (including static routes), PIM-SM uses this information to perform multicast forwarding; hence, it too is protocol independent.
The unicast routing table is used to determine the path that PIM control messages such as Join messages take to get to the source subnet, and data flows along the reverse path of the Join messages. Based on received Join/Prune messages, routers maintain a set of mappings between the incoming interfaces and outgoing interfaces for each known multicast group.
PIM-SM uses two scenarios in the network for building information trees, which are used for inter-domain routing. They are:
- Source sending data for a multicast group
- Receiver of a multicast group requesting data
In both of the above scenarios, PIM-SM makes use of the following concepts:
Rendezvous Point (RP): The RP is the root of a shared distribution tree down which all multicast traffic flows.
Designated Router (DR): The DR is responsible for sending 'Join' messages to the RP for members on the network and for sending 'Register' messages to the RP for sources on the network.
PIM-SM is used to efficiently route multicast traffic to multicast groups that may span wide area networks and where bandwidth is a constraint. PIM-SM uses shared trees by default and implements source-based trees for efficiency; a data threshold rate is used to toggle between trees. PIM-SM assumes that no hosts want the multicast traffic unless they specifically ask for it. It creates a shared distribution tree centered on a defined “rendezvous point” (RP) from which source traffic is relayed to the receivers. Senders first send the multicast data to the RP, which in turn sends the data down the shared tree to the receivers. Shared trees centered on an RP do not necessarily provide the shortest/optimal path. In such cases PIM-SM provides a means to switch to more efficient source-specific trees.
The PRIMERGY BX600 IP Multicast implementation of PIM-SM supports both automatic RP router election and user specified RP designation.
Automatic RP determination
The RP for a given IP group address (G) may be determined by the protocols specified in section 2.6 of RFC 2362. PRIMERGY BX600 supports these protocols.
Static RP designation
The user may specify which router shall be the RP for a given IP group address via the user interface. This information will be used to designate the RP for the group if no information for the group address has been obtained via the automatic RP determination protocols. Note that if the router learns of an RP for a group via the automatic mechanism it will take priority over a static designation.
Source Sending Data
As soon as an active source sends a packet to the DR that is attached to this source, the DR is responsible for “Registering” this source with the RP and requesting the RP to build a tree back to that DR. The DR encapsulates the multicast data from the source in a special PIM-SM message called the 'Register message'. After the sources register with the RP, the data is forwarded down the shared tree to the receivers.
Receiver Requesting Data
PIM Sparse mode uses the explicit join model, whereby the receivers send PIM Join messages to a designated “Rendezvous Point” (RP). In order to join a multicast group G, a host (receiver) conveys the membership information through IGMP to the DR. When a DR gets a membership indication from IGMP for a new group, the DR looks up the RP associated with the group and sends a join message to the RP.
The router can switch to a source's shortest path tree (SP-tree) if the data rate of packets received from a specific source over the shared tree exceeds the threshold value during a specified time interval. The routers (RP and the last hop DR of the receiver) dynamically create a source-specific shortest path tree using Join/Prune messages and stop traffic from flowing down the shared RP tree (using Register Stop Messages when the RP has no downstream receivers for the group or that particular source) when the data rate reaches a threshold value.
Distance Vector Multicast Routing Protocol (DVMRP)
The Distance Vector Multicast Routing Protocol (DVMRP) is a hop-based method of building multicast delivery trees from multicast sources to all nodes of a network. The delivery trees are built by means of prune and graft messages, so each tree is the shortest path to the multicast source and is relatively efficient. The multicast group information is forwarded by a distance-vector algorithm, so propagation is slow. DVMRP is optimized for high-delay (high-latency), relatively low-bandwidth networks.
DVMRP resembles the Routing Information Protocol (RIP). The DVMRP module exchanges probe packets and report packets with the multicast group member hosts sitting in the directly connected network. Based on the information exchange, the DVMRP module creates a database (multicast routing table) for each of the interfaces in the multicast router. The database consists of the following information types:
- Multicast group entries
- Timers
- Counters
- Flags
- Dependencies
- States
The multicast router uses the database of information to route multicast packets from the source (that is not sitting in the same LAN as the hosts) to the member hosts.
2.2 Description of Hardware
Ethernet Switch Module Port Configurations
PRIMERGY BX600 Front Panel Port Description
The PRIMERGY BX600 Ethernet Switch Module contains 6 Gigabit Ethernet ports and two 10G Ethernet ports for connecting to the network, and 10 Gigabit Ethernet ports for connecting PRIMERGY BX Blade Server management MMB modules.
The six Gigabit Ethernet ports can operate at 10, 100 or 1000 Mbps. These ports support auto-negotiation, duplex mode (half or full duplex), and flow control. The 10 Gigabit Ethernet ports that connect to server modules can only operate at 1000 Mbps, full duplex. These 10 ports also support flow control. The two 10G ports, with XFP and CX4 interfaces, are up-links.
The following figure illustrates the PRIMERGY BX600 front panel.
Figure 1. PRIMERGY BX600 Front Panel
2.2.1 Ethernet Ports
Up-link Ports
Six external RJ-45 ports support IEEE 802.3x auto-negotiation of speed, duplex mode, and flow control. Each port can operate at 10 Mbps, 100 Mbps and 1000 Mbps, full and half duplex, and control the data stream to prevent buffers from overflowing. The up-link ports can be connected to other IEEE 802.3ab 1000BASE-T compliant devices up to 100 m (328 ft.) away using Category 5 twisted-pair cable. These ports also feature automatic MDI/MDI-X operation, so you can use straight-through cables for all connections. The 10G CX4 module is the standard InfiniBand. The XFP module supports single and dual mode. These up-link ports are named g11 – g18 in the configuration interface.
Note – When using auto-negotiation, the speed, transmission mode and flow control can be automatically set if this feature is also supported by the attached device. Otherwise, these items can be manually configured for any connection.
Note – Auto-negotiation must be enabled for automatic MDI/MDI-X pin-out configuration.
Internal Ports
The switch also includes 10 internal 1000BASE-X Gigabit Ethernet ports that connect to the server blades in the chassis. These ports are fixed at 1000 Mbps, full duplex. The internal ports are named g1 – g10 in the configuration interface.
2.2.2 Status of LEDs
The front panel contains light emitting diodes (LED) that indicate the status of links, and switch diagnostics.
Port LEDs
Each uplink port has two LED indicators.
GbE port LED definition:

| LED | Color | Function |
|---|---|---|
| LED-A (Speed) | Orange | Port Link at 1000 Mbps |
| LED-A (Speed) | Green | Port Link at 100 Mbps |
| LED-A (Speed) | Off | Port Link at 10 Mbps |
| LED-B (Link/Activity) | Yellow | Network Link |
| LED-B (Link/Activity) | Yellow Blink | Network Activity |
| LED-B (Link/Activity) | Off | No Network Link or port disable |

Power, management and 10GbE port LED indicators:

| LED | Color | Function |
|---|---|---|
| TOP | Green | Power LED |
| Middle 2 | Green | Identify LED |
| Middle 1 | Green | 10GbE-XFP Port Link/Activity |
| BOTTOM | Green | 10GbE-CX4 Port Link/Activity |
System LED
There is one Ethernet Switch Module system LED with dual functions, controlled by MMB for error status reporting and blade identification. Different flashing frequencies are used to indicate the different functions. There are two functions, identification and error reporting, with identification having a higher priority than error reporting.
NOTE: If there is an error and the identification function is activated, the LED still functions as an identification LED. The LED can only be disabled by the MMB with a 255-second timeout. If an error is occurring, the error-reporting LED will always be flashing and cannot be turned off. The following table describes the system LED indications.
2.3 Features and Benefits
2.3.1 Connectivity
- 10 internal Gigabit ports for easy network integration of your server cards
- 6 external 1000BASE-T Gigabit ports for uplinking to the corporate network
- Support for auto MDI/MDI-X on external ports allows any connections to be made with straight-through cable (with auto-negotiation enabled)
- Auto-negotiation enables each port to automatically select the optimum speed (10, 100 or 1000 Mbps) and communication mode (half or full duplex) if this feature is supported by the attached device; otherwise the port can be configured manually
- IEEE 802.3ab Gigabit Ethernet compliance ensures compatibility with standards-based network cards and switches from any vendor
2.3.2 Performance
- Transparent bridging
- Aggregate bandwidth up to 32 Gbps
- Switching Table with 16K MAC address entries
- Filtering and forwarding at line speed
- Non-blocking switching architecture
2.3.3 Management
- Telnet, SNMP/RMON and Web-based interface
- Spanning Tree Protocol for redundant network connections, with rapid port reconfiguration (i.e., fast forwarding setup)
- VLAN support for 32 groups, port-based or with 802.1Q VLAN tagging
- Quality of Service (QoS) supported with four separate queues
- Multicast Switching based on IGMP (Internet Group Management Protocol) Snooping and Multicast Filtering
- Broadcast storm suppression
- Port mirroring
- Link aggregation
- Management access security provided with username/password, and SNMP community names
2.4 Notational Conventions
The meanings of the symbols and fonts used in this manual are as follows:
! CAUTION! Pay particular attention to texts marked with this symbol. Failure to observe this warning endangers your life, destroys the system, or may lead to loss of data.
“Quotation marks” indicate names of chapters and terms that are being emphasized.
i This symbol is followed by supplementary information, remarks and tips.
2.5 Target Group
This manual is intended for those responsible for installing and configuring network connections. This manual contains all the information required to configure the switch blade.
2.6 Technical Data
Electrical data
Operating voltage: +12 VDC@3Amax
Maximum current: 11Amax@3.3 VDC
National and international standards
Product safety: IEC 60950 / EN 60950 / UL 1950, CSA 22.2 No. 950
Electromagnetic compatibility: FCC class A, Industry Canada class A, EN60005-2 class A, EN60005-3, VCCI class A, AS / NZS 3548 class A
Interference emission: EN 55022
Harmonic current: EN 6100-3-2 JEIDA
Flicker: EN 61000-3-3
Interference immunity: EN 55024, EN 61000-4-2/3/4/5/6/8/11
CE certification to EU directives: 73/23/EEC (low voltage directive), 89/336/EEC (Electromagnetic Compatibility)
Dimensions
Length: 242 mm
Height: 110 mm
Environmental conditions
Environment class 3K2: DIN IEC 721 part 3-3
Environment class 2K2: DIN IEC 721 part 3-2
Temperature:
– Operating (3K2): 0 °C .... 50 °C
– Transport (2K2): -40 °C .... 70 °C
Humidity: 10 ... 90%
Condensation while operating must be avoided.
3 Network Planning
3.1 Introduction to Switching
A network switch allows simultaneous transmission of multiple packets via non-crossbar switching. This means that it can partition a network more efficiently than bridges or routers. The switch has, therefore, been recognized as one of the most important building blocks for today’s networking technology.
When performance bottlenecks are caused by congestion at the network access point (e.g., the network card for a high-volume file server), the device experiencing the congestion (e.g., a server or user) can be attached directly to a switched port. This allocates the full bandwidth of the Ethernet segment to the devices attached to a single port on the switch. And, when operating at full duplex, the bandwidth of the dedicated segment can be doubled to further maximize throughput.
When networks are based on repeater (hub) technology, the maximum distance between end stations is limited. For traditional Ethernet, there may be up to four hubs between any pair of stations; for Fast Ethernet, the maximum is two. This is known as the hop count. However, a switch turns the hop count back to zero, subdividing the network into smaller and more manageable segments, and linking them to the larger network by means of a switch, thereby removing this limitation.
The Switch Blade can be easily configured into any Ethernet network to significantly boost bandwidth, while using conventional cabling and network cards.
3.2 Sample Applications
The switch is designed to consolidate your network core providing high-bandwidth connections between the server chassis and workgroup switches. Some typical applications are described in this section.
3.2.1 Backbone Connection
The switch can connect to the network backbone or other key sites over high-speed Gigabit Ethernet links, increasing overall bandwidth and throughput.
In the figure below, the uplink ports are providing 2 Gbps full-duplex connectivity to the corporate backbone, to the Internet, and to other servers.
...
Figure 2: Backbone Connection
3.2.2 Making VLAN Connections
This switch supports Virtual LANs (VLANs) which can be used to organize any group of network nodes into separate broadcast domains. VLANs confine broadcast traffic to the originating group, and can eliminate broadcast storms in large networks. This provides a more secure and cleaner network environment.
VLANs can be based on untagged port groups, or traffic can be explicitly tagged to identify the VLAN group to which it belongs. Untagged VLANs can be used for small networks attached to a single switch. However, tagged VLANs should be used for larger networks, and all the VLANs assigned to the inter-switch links.
Figure 3: Making VLAN Connection
i When connecting to a switch or other network device that does not support IEEE 802.1Q VLAN tags, use untagged ports.
4 Making Network Connections
The Switch Blade connects server boards installed inside the system to a common switch fabric, and also provides three external ports for uplinking to external IEEE 802.3ab compliant devices. For most applications, the external ports on the switch will be connected to other switches in the network backbone. It may also be connected directly to Gigabit Ethernet network cards in PCs or servers.
i Before connecting cables, you may want to first configure the Spanning Tree Protocol to avoid network loops. Refer to “Spanning Tree Protocol Configuration” on page 60 for more information.
4.1 Connecting to 1000BASE-T Devices
The data ports on the switch operate at 10 Mbps, 100 Mbps, and 1000 Mbps, full and half duplex, with support for auto-negotiation of speed, duplex mode and flow control. You can connect any data port on the switch to any server or workstation, or uplink to a network device such as another switch or a router. The 1000BASE-T standard uses four pairs of Category 5 twisted-pair cable for connections up to a maximum length of 100 m (328 feet).
i For 1000 Mbps operation, you should first test the cable installation for IEEE 802.3ab 1000BASE-T compliance. See “1000BASE-T Cable Requirements” on page 34 for more information.
1. Prepare the devices you wish to network. For 1000 Mbps operation, make sure that servers and workstations have installed 1000BASE-T network interface cards. Other network devices should have RJ-45 ports that comply with the IEEE 802.3ab 1000BASE-T standard.
2. Prepare shielded or unshielded twisted-pair cables (straight-through or crossover) with RJ-45 plugs at both ends. Use 100-ohm Category 5 (Category 5e or better is recommended) cable for 1000 Mbps Gigabit Ethernet connections.
3. Connect one end of the cable to the RJ-45 port on the other device, and the other end to any available RJ-45 port on the switch. When inserting an RJ-45 plug, be sure the tab on the plug clicks into position to ensure that it is properly seated.
!
i
Do not plug a phone jack connector into any RJ-45 port. This may
damage the switch. Instead, use only twisted-pair cables with RJ-45
connectors that conform with FCC standards.
For 1000 Mbps operation, all four wire pairs in the cable must be connected. When auto-negotiation is enabled, the 1000BASE-T ports support the auto MDI/MDI-X feature, which means that at any operating speed (10, 100, or 1000 Mbps), either straight-through or crossover cables can be used to connect to any server, workstation, or other network device. Make sure each twisted-pair cable does not exceed 100 meters (328 feet). (Note that auto-negotiation must be enabled to support auto MDI/MDI-X.)
4.2 1000BASE-T Cable Requirements
All Category 5 UTP cables that are used for 100BASE-TX connections should also work for 1000BASE-T, providing that all four wire pairs are connected. However, it is recommended that for all critical connections, or any new cable installations, Category 5e (enhanced Category 5) cable should be used. The Category 5e specification includes test parameters that are only recommendations for Category 5. Therefore, the first step in preparing existing Category 5 cabling for running 1000BASE-T is a simple test of the cable installation to be sure that it complies with the IEEE 802.3ab standards.
4.2.1 Cable Testing for Existing Category 5 Cable
Installed Category 5 cabling must pass tests for Attenuation, Near-End Crosstalk (NEXT), and Far-End Crosstalk (FEXT). This cable testing information is specified in the ANSI/TIA/EIA-TSB-67 standard. Additionally, cables must also pass test parameters for Return Loss and Equal-Level Far-End Crosstalk (ELFEXT). These tests are specified in the ANSI/TIA/EIA-TSB-95 Bulletin, “The Additional Transmission Performance Guidelines for 100 Ohm 4-Pair Category 5 Cabling”.
Note that when testing your cable installation, be sure to include all patch cables between switches and end devices.
4.2.2 Adjusting Existing Category 5 Cabling for 1000BASE-T
If your existing Category 5 installation does not meet one of the test parameters for 1000BASE-T, there are basically three measures that can be applied to try and correct the problem:
1. Replace any Category 5 patch cables with high-performance Category 5e cables.
2. Reduce the number of connectors used in the link.
3. Reconnect some of the connectors in the link.
4.3 1000BASE-T Pin Assignments
1000BASE-T ports support automatic MDI/MDI-X operation, so you can use straight-through cables for all network connections to PCs or servers, or to other switches. (Auto-negotiation must be enabled to support auto MDI/MDI-X.)
The table below shows the 1000BASE-T MDI and MDI-X port pinouts. These ports require that all four pairs of wires be connected. Note that for 1000BASE-T operation, all four pairs of wires are used for both transmit and receive.
Use 100-ohm Category 5 or 5e unshielded twisted-pair (UTP) or shielded twisted-pair (STP) cable for 1000BASE-T connections. Also be sure that the length of any twisted-pair connection does not exceed 100 meters (328 feet).
5 Configuration the Switch Blade Module
This section contains information about Ethernet Switch Module unpacking, installation, and cable connections.
5.1 Overview
The Ethernet Switch Module is inserted in the PRIMERGY BX Blade Server, which is a modular server system that can integrate up to 10 processor blades and four Ethernet Switch Modules.
Package Contents
While unpacking the Ethernet Switch Module, ensure that the following items are included:
• The Ethernet Switch Module
• Documentation CD
Unpacking the Ethernet Switch Module
To unpack the Ethernet Switch Module:
NOTE: Before unpacking the Ethernet Switch Module, inspect the package and report any evidence of damage immediately.
NOTE: An ESD strap is not provided, however it is recommended to wear one for the following procedure.
1. Open the container.
2. Carefully remove the Ethernet Switch Module from the container and place it on a secure and clean surface.
3. Remove all packing material.
4. Inspect the Ethernet Switch Module for damage. Report any damage immediately.
NOTE: The illustrations in this document might differ slightly from actual switch blade and chassis.
5.2 Connecting the Ethernet Switch Module
Before configuring the Ethernet Switch Module, the PRIMERGY BX Blade Server console port must be connected to the Ethernet Switch Module. To connect the PRIMERGY BX Blade Server console port to the Ethernet Switch Module, perform the following:
1. Mount the Ethernet Switch Module.
On the console monitor the MMB application displays a login screen.
The Ethernet Switch Module bootup screen is displayed.
Welcome to Management Blade 1.62F
<Username>:
+-----------------------------------------------------------------------------+
| Console Menu |
+-----------------------------------------------------------------------------+
(1) Management Agent
(2) Emergency Management Port
(3) Console Redirection
(4) TFTP update
(5) Logout
(6) Reboot Management Blade
(7) System Information Dump
Enter selection: 5
+-----------------------------------------------------------------------------+
| Logout!!! |
+-----------------------------------------------------------------------------+
ATE0
ATE0
2. Enter the user name and password. The console menu is displayed.
Welcome to Management Blade 1.62F
<Username>:root
<Password>:****
+-----------------------------------------------------------------------------+
| Console Menu |
+-----------------------------------------------------------------------------+
(1) Management Agent
(2) Emergency Management Port
(3) Console Redirection
(4) TFTP update
(5) Logout
(6) Reboot Management Blade
(7) System Information Dump
Enter selection: 3
3. Select (3) Console Redirection. The Console Redirection Table is displayed.
+-----------------------------------------------------------------------------+
| Console Redirection Table |
+-----------------------------------------------------------------------------+
(1) Console Redirect Server Blade
(2) Console Redirect Switch Blade
(3) Set Return Hotkey , Ctrl+(a character) : Q
Enter selection or type (0) to quit: 2
+-----------------------------------------------------------------------------+
| Console Redirect Switch Blade |
+-----------------------------------------------------------------------------+
Enter selection or type (0) to quit: 0
4. Select (2) Console Redirection Switch Blade
+-----------------------------------------------------------------------------+
| Console Redirection Table |
+-----------------------------------------------------------------------------+
(1) Console Redirect Server Blade
(2) Console Redirect Switch Blade
(3) Set Return Hotkey , Ctrl+(a character) : Q
Enter selection or type (0) to quit: 2
+-----------------------------------------------------------------------------+
| Console Redirect Switch Blade |
+-----------------------------------------------------------------------------+
(1) Console Redirect Switch Blade_1
Enter selection or type (0) to quit: 1
Press <Ctrl+Q> Return Console Menu
5.3 Start up and Configuration the Ethernet Switch Module
It’s important to understand the Ethernet Switch Module architecture when configuring the Ethernet Switch Module. The Ethernet Switch Module has two types of ports. One type is for interfacing the Ethernet Switch Module with the PRIMERGY BX Blade Server, and the other type consists of regular Ethernet ports used for connecting the PRIMERGY BX Blade Server to the network.
The Ethernet Switch Module is connected to the PRIMERGY BX Blade Server (Management Board) MMB through 10 internal ports called the Internal Ports. The maximum link speed through the Internal Ports is 1 Gigabit per port. The port configuration IDs are g1 to g10. To connect the Ethernet Switch Module to the network there are eight PHY-based ports called the External Ports. Six of the external ports are 10/100/1000 Base-T Ethernet ports. The two 10G modules have a CX4 or XFP interface. The port configuration IDs are g11 to g18.
The default configuration of the internal and external ports is as follows:
Table 4-1. Port Default Settings
Figure 4-1. Installation and Configuration Flow
5.4 Configuring the Terminal
To configure the device, the station must be running terminal emulation software. Ensure that the switch module is correctly mounted and is connected to the chassis serial port. Connect the PRIMERGY BX Blade Server serial port to the Ethernet Switch Module. Ensure that the terminal emulation software is set as follows:
NOTE:
1. The default data rate is 115200. No other data rate is required for initial configuration.
2. Set the data format to 115200 baud, 8 data bits, 1 stop bit, and no parity.
3. Set Flow Control to none.
4. Under Properties, select VT100 for Emulation mode.
5. Select Terminal keys for Function, Arrow, and Ctrl keys. Ensure that the setting is for Terminal keys (not Windows keys).
To access the switch module from the terminal, perform the following steps:
1. Connect your terminal to the serial port of the Chassis.
2. Power up the Chassis and observe the booting information (if the Chassis is already running, press <Enter> a few times to ensure that the terminal connection is successful).
5.5 Booting Device
• The device is delivered with a default configuration.
• The device is not configured with a default user name and password.
After connecting the PRIMERGY BX Blade Server serial port to the Ethernet Switch Module,
When the Ethernet Switch Module is connected to the local terminal, the Ethernet Switch Module goes through Power On Self Test (POST). POST runs every time the device is initialized and checks hardware components to determine if the device is fully operational before completely booting. If a critical problem is detected, the program flow stops. If POST passes successfully, a valid executable image is loaded into RAM. POST messages are displayed on the terminal and indicate test success or failure.
As the device boots, the bootup test first counts the device memory availability and then continues to boot. The following screen is an example of the displayed POST:
------------ Performing Power-On Self Tests (POST) --------------
System SDRAM Test.......................PASS
CPU Self Test...........................PASS
UART Loopback Test......................PASS
Flash Memory Initialize.................PASS
Flash Memory Checksum Test..............PASS
PCI Bus Initialize and Test.............PASS
System Timer Test.......................PASS
---------------Power-On Self Test Completed---------------------------
The boot process runs approximately 60 seconds.
The auto-boot message displayed at the end of POST (see the last lines) indicates that no problems were encountered during boot. During boot, the BootROM Back Door Command Line Interface can be used to run special procedures. To enter the BootROM Back Door CLI menu, press <Ctrl-B> within the first two seconds after the auto-boot message is displayed. If the system boot process is not interrupted by pressing <Ctrl-B>, the process continues decompressing and loading the code into RAM. The code starts running from RAM and the list of numbered system ports and their states (up or down) is displayed. After the device boots successfully, a system prompt is displayed ((FSC Routing) #) which is used to configure the device. However, before configuring the device, ensure that the latest software version is installed on the device. If it is not the latest version, download and install the latest version. For more information on downloading the latest version see the "Software Download"
5.6 Software Download
5.6.1 In BootROM Back Door CLI
Software Download Using Xmodem Protocol
The software download procedure is performed when a new version must be downloaded to replace the corrupted files, update or upgrade the system software (system and boot images).
NOTE: The data rate cannot be changed.
To download software from the BootROM CLI:
1. From the BootROM CLI prompt input the following command: xmodem -rb <filename>
2. When using the HyperTerminal, click Transfer on the HyperTerminal Menu Bar.
3. In the Filename field, enter the file path for the file to be downloaded.
4. Ensure that the Xmodem protocol is selected in the Protocol field.
5. Press Send. The software is downloaded.
Erasing the Device Configuration
1. From the BootROM CLI prompt input the following command:
delete <configuration filename>
The following message is displayed:
Are you sure you want to delete <configuration filename> (y/n)?
2. Press Y. The following message is displayed.
Updating partition table, please wait ... Done
Image file <configuration filename> deleted.
3. Repeat the device initial configuration.
Boot Image Download
Loading a new boot image using xmodem protocol and programming it into the flash updates the boot image. The boot image is loaded when the device is powered on. A user has no control over the boot image copies. To download a boot image using xmodem protocol:
1. Ensure that the file to be downloaded is saved on the PC host (the img file).
2. Enter the BootROM > dir -l command to verify which software version is currently running on the device. The following is an example of the information that appears:
BootROM > dir -l
type     zip   def  date        version  name
------------------------------------------------------------------------------
loader   none  yes  2005/12/14  0.4      PRIMERGY BX600-l-0.4.1214.bin
bootrom  gzip  yes  2005/12/14  0.4      PRIMERGY BX600-b-0.4.1214.biz
runtime  gzip  yes  2005/01/10  0.5      PRIMERGY BX600-r-q-0.5.0110.biz
Total: 3 files.
3. From the BootROM CLI prompt input the following command: xmodem -rb <filename>
4. When using the HyperTerminal, click Transfer on the HyperTerminal Menu Bar.
5. In the Filename field, enter the file path for the file to be downloaded.
6. Ensure that the Xmodem protocol is selected in the Protocol field.
7. Press Send. The software is downloaded.
8. Enter the reset command. The following message is displayed:
BootROM > reset
Are you sure you want to reset the system (y/n)? y
System Resetting...
9. Enter y. The device reboots.
5.6.2 In Operation Code CLI
Software Download Through TFTP Server
This section contains instructions for downloading device software through a TFTP server. The TFTP server must be configured before beginning to download the software.
System Image Download
The device boots and runs by decompressing the system image from the flash memory area where a copy of the system image is stored. When a new image is downloaded, it is saved in the other area allocated for the other system image copy. On the next boot, the device will decompress and run the currently active system image unless chosen otherwise.
To download a system image through the TFTP server:
1. Ensure that an IP address is configured on one of the device ports and pings can be sent to a TFTP server.
2. Make sure that the file to be downloaded is saved on the TFTP server (the img file).
3. Enter the (FSC Routing) # show version command to verify which software version is currently running on the device. The following is an example of the information that appears:
(FSC) #show version
Unit1
Serial number :123456789
Hardware Version :0.3
Number of ports :18
Label Revision Number :123456789
Part Number :123456789
Machine Model :PRIMERGY BX600
Loader version :0.4
Operation code version :0.5
Boot rom version :0.4
4. Enter the (FSC) # whichboot command to verify which system image is currently active. The following is an example of the information that appears:
(FSC) #whichboot
file name                         file type       startup  size (byte)
--------------------------------  --------------  -------  -----------
PRIMERGY BX600-b-0.4.1214.biz     Boot-Rom image  Y        118206
default.cfg                       Config File     Y        17336
PRIMERGY BX600-r-c-0.5.0110.biz   Operation Code  Y        40666365
5. Enter the (FSC) # copy tftp://{tftp address}/{file name} image {file name} command to copy a new system image to the device. The following message is displayed:
Mode........................................... TFTP
Set TFTP Server IP............................. {tftp address}
TFTP Path...................................... ./
TFTP Filename.................................. {file name}
Data Type...................................... Code
Are you sure you want to start? (y/n)
6. Press Y. When the new image is downloaded, it is saved in the area allocated for the other copy of system image. The following is an example of the information that appears:
TFTP code transfer starting
Verifying CRC of file in Flash File System
TFTP receive complete... storing in Flash File System...
File transfer operation completed successfully.
7. Select the image for the next boot by entering the boot-system command. After this command, enter the (FSC) # whichboot command to verify that the copy indicated as a parameter in the boot-system command is selected for the next boot. The following is an example of the information that appears:
(FSC) #boot-system opcode PRIMERGY BX600-r-q-0.5.0110.biz
Start Up Success!
(FSC) #
(FSC) #whichboot
file name                         file type       startup  size (byte)
--------------------------------  --------------  -------  -----------
PRIMERGY BX600-b-0.4.1214.biz     Boot-Rom image  Y        118206
default.cfg                       Config File     Y        17336
PRIMERGY BX600-r-q-0.5.0110.biz   Operation Code  Y        4153628
If the image for the next boot is not selected by entering the boot-system command, the system boots from the currently active image.
8. Enter the reload command. The following message is displayed:
(FSC) #reload
Are you sure you would like to reset the system? (y/n) y
System will now restart!
9. Enter y. The device reboots.
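A check that can sit between step 7 and the reload in step 8: parse a captured whichboot listing and confirm that the intended operation code file is listed, flagged for startup, and the same size as the file staged on the TFTP server. This is an added example, not code from the manual; the function names, the "N" startup value and the size comparison are assumptions, and the sample listing is constructed from the output shown above.

```python
import re

# Values of the "file type" column in the whichboot listing shown above.
FILE_TYPES = ("Boot-Rom image", "Config File", "Operation Code")

# Each row ends with <file type> <startup flag> <size>. File names contain
# spaces ("PRIMERGY BX600-..."), so the name is everything before the type.
# The listing above only shows "Y"; accepting "N" is an assumption.
ROW_RE = re.compile(
    r"^\s*(?P<name>\S.*?)\s+(?P<type>"
    + "|".join(re.escape(t) for t in FILE_TYPES)
    + r")\s+(?P<startup>[YN])\s+(?P<size>\d+)\s*$"
)


def parse_whichboot(listing):
    """Return one dict per file row; prompt, header and rule lines are skipped."""
    rows = []
    for line in listing.splitlines():
        m = ROW_RE.match(line)
        if m:
            rows.append({
                "name": m.group("name"),
                "type": m.group("type"),
                "startup": m.group("startup") == "Y",
                "size": int(m.group("size")),
            })
    return rows


def check_staged_image(listing, expected_name, expected_size):
    """Return a list of problems; an empty list means nothing was flagged."""
    rows = parse_whichboot(listing)
    if not rows:
        return ["no file rows could be parsed from the listing"]
    opcode = [r for r in rows if r["type"] == "Operation Code"]
    match = [r for r in opcode if r["name"] == expected_name]
    if not match:
        return ["expected image is not listed as Operation Code: " + expected_name]
    problems = []
    row = match[0]
    if not row["startup"]:
        problems.append("image is present but not selected for startup")
    if row["size"] != expected_size:
        problems.append(
            "size mismatch: switch reports %d bytes, staged file is %d bytes"
            % (row["size"], expected_size)
        )
    # A second operation code image that is also flagged would make the
    # next boot ambiguous, so report it.
    others = [r["name"] for r in opcode
              if r["startup"] and r["name"] != expected_name]
    if others:
        problems.append("other Operation Code image flagged for startup: "
                        + ", ".join(others))
    return problems


# Constructed sample, laid out like the whichboot output shown above.
SAMPLE = """\
(FSC) #whichboot
file name                         file type       startup  size (byte)
--------------------------------  --------------  -------  -----------
PRIMERGY BX600-b-0.4.1214.biz     Boot-Rom image  Y        118206
default.cfg                       Config File     Y        17336
PRIMERGY BX600-r-q-0.5.0110.biz   Operation Code  Y        4153628
"""

if __name__ == "__main__":
    issues = check_staged_image(SAMPLE, "PRIMERGY BX600-r-q-0.5.0110.biz", 4153628)
    print("OK to reload" if not issues else "\n".join(issues))
```

A matching name and size does not authenticate the image: TFTP has no authentication, and the CRC shown during the transfer detects corruption rather than substitution, so the file placed on the TFTP server should come from a trusted source.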
6 Web-Based Management Interface
6.1 Overview
The BX600 Network Switch Blade provides a built-in browser software interface that lets you configure and manage it remotely using a standard Web browser such as Microsoft Internet Explorer or Netscape Navigator. This software interface also allows for system monitoring and management of the Network Switch. When you configure this Network Switch for the first time from the console, you have to assign an IP address and subnet mask to the Network Switch. Thereafter, you can access the Network Switch’s Web software interface directly using your Web browser by entering the switch’s IP address into the address bar. In this way, you can use your Web browser to manage the Switch from any remote PC station, just as if you were directly connected to the Network Switch’s console port.
The 6 menu options available are: System, Switching, Routing, Security, QOS and IP Multicast.
1. System Menu: This section provides information for configuring switch interface (port), SNMP and trap manager, Ping, DHCP client, SNTP, system time, defining system parameters including telnet session and console baud rate, etc., downloading switch module software, and resetting the switch module, switch statistics and Layer 2 MAC address.
2. Switching Menu: This section lets users configure switch Port-Based VLAN, Protocol-Based VLAN, GARP, IGMP Snooping, Port Channel, Spanning Tree, and 802.1p priority Mapping and port security.
3. Routing Menu: This section lets users configure OSPF, RIP, Router Discovery, Static Route, VLAN Routing, VRRP, BOOTP/DHCP relay, and DNS relay.
4. Security Menu: This section lets users configure switch security features including 802.1x, Radius, TACACS, IP filter, Secure Http, and Secure Shell.
5. QOS Menu: This section lets users configure Access Control Lists, Differentiated Service, and Class of Service.
6. IP Multicast Menu: This section lets users configure DVMRP, IGMP, Multicast, PIM-DM, PIM-SM. It also provides information for a multicast distribution tree
6.2 Main Menu
6.2.1 System Menu
6.2.1.1 View ARP Cache
The Address Resolution Protocol (ARP) dynamically maps physical (MAC) addresses to Internet (IP) addresses. This panel displays the current contents of the ARP cache.
For each connection, the following information is displayed:
• The physical (MAC) Address
• The associated IP address
• The identification of the port being used for the connection
6.2.1.2 Viewing Inventory Information
Use this panel to display the switch's Vital Product Data, stored in non-volatile memory at the factory.
Non-Configurable Data
System Description - The product name of this switch.
Machine Type - The machine type of this switch.
Machine Model - The model within the machine type.
Serial Number - The unique box serial number for this switch.
Part Number - The manufacturing part number.
Base MAC Address - The burned-in universally administered MAC address of this switch.
Hardware Version - The hardware version of this switch. It is divided into four parts. The first byte is the major version and the second byte represents the minor version.
Loader Version - The release-version maintenance number of the loader code currently running on the switch. For example, if the release was 1, the version was 2, and the maintenance number was 4, the format would be '1.2.4'.
Boot Rom Version - The release-version maintenance number of the boot rom code currently running on the switch. For example, if the release was 1, the version was 2, and the maintenance number was 4, the format would be '1.2.4'.
Label Revision Number - The label revision serial number of this switch is used for manufacturing purpose.
Runtime Version - The release-version maintenance number of the code currently running on the switch. For example, if the release was 1, the version was 2, and the maintenance number was 4, the format would be '1.2.4'.
Operating System - The operating system currently running on the switch.
Network Processing Device - Identifies the network processor hardware.
Gigabit Ethernet Compliance Codes - Transceiver's compliance codes.
Vendor Name - The SFP transceiver vendor name shall be the full name of the corporation, a commonly accepted abbreviation of the name of the corporation, the SCSI company code for the corporation, or the stock exchange code for the corporation.
Vendor Part Number - Part number provided by SFP transceiver vendor.
Vendor Serial Number - Serial number provided by vendor.
Vendor Revision Number - Revision level for part number provided by vendor.
Vendor Manufacturing Date - Identifies the network processor hardware.
Temperature - The temperature of the switch.
FAN 1 Status - The status of FAN 1. It is active or inactive.
FAN 2 Status - The status of FAN 2. It is active or inactive.
Additional Packages - A list of the optional software packages installed on the switch, if any.
Command Buttons
Refresh - Updates the information on the page.
6.2.1.3 Configuring Management Session and Network Parameters
6.2.1.3.1. Viewing System Description Page
Configurable Data
System Name - Enter the name you want to use to identify this switch. You may use up to 31 alpha-numeric characters. The factory default is blank.
System Location - Enter the location of this switch. You may use up to 31 alpha-numeric characters. The factory default is blank.
System Contact - Enter the contact person for this switch. You may use up to 31 alpha-numeric characters. The factory default is blank.
Non-Configurable Data
System Description - The product name of this switch.
System Object ID - The base object ID for the switch's enterprise MIB.
System IP Address - The IP Address assigned to the network interface.
System Up time - The time in days, hours and minutes since the last switch reboot.
MIBs Supported - The list of MIBs supported by the management agent running on this switch.
Command Buttons
Submit - Update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle you must perform a save.
6.2.1.3.2. Configuring Network Connectivity Page
The network interface is the logical interface used for in-band connectivity with the switch via any of the switch's front panel ports. The configuration parameters associated with the switch's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.
To access the switch over a network you must first configure it with IP information (IP address, subnet mask, and default gateway). You can configure the IP information using any of the following:
• BOOTP
• DHCP
• Terminal interface via the EIA-232 port
Once you have established in-band connectivity, you can change the IP information using any of the following:
• Terminal interface via the EIA-232 port
• Terminal interface via telnet
• SNMP-based management
• Web-based management
Configurable Data
IP Address - The IP address of the interface. The factory default value is 0.0.0.0
Subnet Mask - The IP subnet mask for the interface. The factory default value is 0.0.0.0
Default Gateway - The default gateway for the IP interface. The factory default value is 0.0.0.0
Network Configuration Protocol Current - Choose what the switch should do following power-up: transmit a Bootp request, transmit a DHCP request, or do nothing (none). The factory default is None.
You cannot make this choice for both the network configuration protocol and the service port. You will only be given the choices for Bootp or DHCP here if the service port protocol is configured to None.
Management VLAN ID - Specifies the management VLAN ID of the switch. It may be configured to any value in the range of 1 - 4054. The management VLAN is used for management of the switch. This field is configurable for administrative users and read-only for other users.
Web Mode - Specify whether the switch may be accessed from a Web browser. If you choose to enable web mode you will be able to manage the switch from a Web browser. The factory default is enabled.
Java Mode - Enable or disable the java applet that displays a picture of the switch at the top right of the screen. If you run the applet you will be able to click on the picture of the switch to select configuration screens instead of using the navigation tree at the left side of the screen. The factory default is enabled.
Web Port - This field is used to set the HTTP Port Number. The value must be in the range of 1 to 65535. Port 80 is the default value. The currently configured value is shown when the web page is displayed.
Non-Configurable Data
Burned-in MAC Address - The burned-in MAC address used for in-band connectivity if you choose not to configure a locally administered address.
Command Buttons
Submit - Update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle you must perform a save.
6.2.1.3.3. Configuring Telnet Session Page
Configurable Data
Telnet Session Timeout (minutes) - Specify how many minutes of inactivity should occur on a telnet session before the session is logged off. You may enter any number from 1 to 160. The factory default is 5.
Maximum Number of Telnet Sessions - Use the pulldown menu to select how many simultaneous telnet sessions will be allowed. The maximum is 5, which is also the factory default.
Allow New Telnet Sessions - If you set this to no, new telnet sessions will not be allowed. The factory default is yes.
Password Threshold - When the logon attempt threshold is reached on the console port, the system interface becomes silent for a specified amount of time before allowing the next logon attempt. (Use the silent time command to set this interval.) When this threshold is reached for Telnet, the Telnet logon interface closes. The default value is 3.
Command Buttons
Submit - Update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle you must perform a save.
6.2.1.3.4. Configuring Outbound Telnet Client Configuration Page
Configurable Data
Admin Mode - Specifies if the Outbound Telnet service is Enabled or Disabled. Default value is Enabled.
Maximum Sessions - Specifies the maximum number of Outbound Telnet Sessions allowed. Default value is 5. Valid Range is (0 to 5).
Session Timeout - Specifies the Outbound Telnet login inactivity timeout. Default value is 5. Valid Range is (1 to 160).
Command Buttons
Submit - Sends the updated configuration to the switch. Configuration changes take effect immediately.
6.2.1.3.5. Configuring Serial Port Page
Configurable Data
Serial Port Login Timeout (minutes) - Specify how many minutes of inactivity should occur on a serial port connection before the switch closes the connection. Enter a number between 0 and 160: the factory default is 5. Entering 0 disables the timeout.
Baud Rate (bps) - Select the default baud rate for the serial port connection from the pull-down menu. You may choose from 1200, 2400, 4800, 9600, 19200, 38400, 57600, and 115200 baud. The factory default is 9600 baud.
Password Threshold - When the logon attempt threshold is reached on the console port, the system interface becomes silent for a specified amount of time before allowing the next logon attempt. (Use the silent time command to set this interval.) When this threshold is reached for Telnet, the Telnet logon interface closes. The default value is 3.
Silent Time (Sec) - Use this command to set the amount of time the management console is inaccessible after the number of unsuccessful logon attempts exceeds the threshold set by the password threshold command. The default value is 0.
Non-Configurable Data
Character Size (bits) - The number of bits in a character. This is always 8.
Flow Control - Whether hardware flow control is enabled or disabled. It is always disabled.
Parity - The parity method used on the serial port. It is always None.
Stop Bits - The number of stop bits per character. It is always 1.
Command Buttons
Submit - Update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle you must perform a save.
6.2.1.3.6. Defining User Accounts Page
By default, two user accounts exist:
admin, with 'Read/Write' privileges
guest, with 'Read Only' privileges
By default, both of these accounts have blank passwords. The names are not case sensitive.
If you log on with a user account with 'Read/Write' privileges (that is, as admin) you can use the User Accounts screen to assign passwords and set security parameters for the default accounts, and to add and delete accounts (other than admin) up to the maximum of six. Only a user with 'Read/Write' privileges may alter data on this screen, and only one account may be created with 'Read/Write' privileges.
Selection Criteria
User Name Selector - You can use this screen to reconfigure an existing account, or to
create a new one. Use this pulldown menu to select one of the existing accounts, or select 'Create' to add a new one, provided the maximum of five 'Read Only' accounts has not been reached.
Configurable Data
User Name - Enter the name you want to give to the new account. (You can only enter
data in this field when you are creating a new account.) User names are up to eight characters in length and are not case sensitive. Valid characters include all the alphanumeric characters as well as the dash ('-') and underscore ('_') characters.
Password - Enter the optional new or changed password for the account. It will not display as it is typed; only asterisks (*) will show. Passwords are up to eight alphanumeric characters in length, and are case sensitive.
Confirm Password - Enter the password again, to confirm that you entered it correctly.
This field will not display, but will show asterisks (*).
Authentication Protocol - Specify the SNMPv3 Authentication Protocol setting for the
selected user account. The valid Authentication Protocols are None, MD5 or SHA. If you select None, the user will be unable to access the SNMP data from an SNMP browser. If you select MD5 or SHA, the user login password will be used as the SNMPv3 authentication password, and you must therefore specify a password, and it must be eight characters.
Encryption Protocol - Specify the SNMPv3 Encryption Protocol setting for the selected
user account. The valid Encryption Protocols are None or DES. If you select the DES Protocol you must enter a key in the Encryption Key field. If None is specified for the Protocol, the Encryption Key is ignored.
Encryption Key - If you selected DES in the Encryption Protocol field enter the SNMPv3
Encryption Key here. Otherwise this field is ignored. Valid keys are 8 to 64 characters. The Apply checkbox must be checked in order to change the Encryption Protocol and Encryption Key.
Non-Configurable Data
Access Mode - Indicates the user's access mode. The admin account always has
'Read/Write' access, and all other accounts have 'Read Only' access.
SNMP v3 Access Mode - Indicates the SNMPv3 access privileges for the user account.
The admin account always has 'Read/Write' access, and all other accounts have 'Read Only' access.
Command Buttons
Submit - Update the switch with the values on this screen. If you want the switch to retain
the new values across a power cycle, you must perform a save.
Delete - Delete the currently selected user account. If you want the switch to retain the
new values across a power cycle, you must perform a save. This button is only visible when you have selected a user account with 'Read Only' access. You cannot delete the 'Read/Write' user.
6.2.1.3.7. Defining Authentication List Configuration Page
You use this screen to configure login lists. A login list specifies the authentication method(s) you want used to validate switch or port access for the users associated with the list. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete. All newly created users are also assigned to the defaultList until you specifically assign them to a different list.
Selection Criteria
Authentication List - Select the authentication login list you want to configure. Select
'create' to define a new login list. When you create a new login list, 'local' is set as the initial authentication method.
Configurable Data
Authentication List Name - If you are creating a new login list, enter the name you want
to assign. It can be up to 15 alphanumeric characters and is not case sensitive.
Method 1 - Use the dropdown menu to select the method that should appear first in the selected authentication login list. If you select a method that does not time out as the first method, such as 'local', no other method will be tried, even if you have specified more than one method. Note that this parameter will not appear when you first create a new login list. The options are:
Local - the user's locally stored ID and password will be used for authentication
Radius - the user's ID and password will be authenticated using the RADIUS server instead of locally
Reject - the user is never authenticated
Tacacs - the user's ID and password will be authenticated using the TACACS server instead of locally
Undefined - the authentication method is unspecified (this may not be assigned as the first method)
Method 2 - Use the dropdown menu to select the method, if any, that should appear
second in the selected authentication login list. This is the method that will be used if the first method times out. If you select a method that does not time out as the second method, the third method will not be tried. Note that this parameter will not appear when you first create a new login list.
Method 3 - Use the dropdown menu to select the method, if any, that should appear third
in the selected authentication login list. Note that this parameter will not appear when you first create a new login list.
Command Buttons
Submit - Sends the updated screen to the switch and causes the changes to take effect
on the switch. These changes will not be retained across a power cycle unless you perform a save.
Delete - Remove the selected authentication login list from the configuration. The delete
will fail if the selected login list is assigned to any user (including the default user) for system login or IEEE 802.1x port access control. You can only use this button if you have Read/Write access. The change will not be retained across a power cycle unless you perform a save.
6.2.1.3.8. Viewing Login Session Page
Non-Configurable Data
ID - Identifies the ID of this row.
User Name - Shows the user name of the user who made the session.
Connection From - Shows the IP address of the machine from which the user is connected.
Idle Time - Shows the idle session time.
Session Time - Shows the total session time.
Session Type - Shows the type of session: telnet, serial or SSH.
Command Buttons
Refresh - Update the information on the page.
6.2.1.3.9. Viewing Authentication List Summary Page
Non-Configurable Data
Authentication List - Identifies the authentication login list summarized in this row.
Method List - The ordered list of methods configured for this login list.
Login Users - The users you assigned to this login list on the User Login Configuration screen. This list is used to authenticate the users for system login access.
802.1x Port Security Users - The users you assigned to this login list on the Port Access Control User Login Configuration screen. This list is used to authenticate the users for port access, using the IEEE 802.1x protocol.
Command Buttons
Refresh - Update the information on the page.
6.2.1.3.10. Defining User Login Page
Note: This page provides a user account (from those already created) to be added into the Authentication List.
Each configured user is assigned to a login list that specifies how the user should be authenticated when attempting to access the switch or a port on the switch. After creating a new user account on the User Account screen, you should assign that user to a login list for the switch using this screen and, if necessary, to a login list for the ports using the Port Access Control User Login Configuration screen. If you need to create a new login list for the user, you would do so on the Login Configuration screen.
The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete. All newly created users are also assigned to the defaultList until you specifically assign them to a different list.
A user that does not have an account configured on the switch is termed the 'default' or 'non-configured' user. If you assign the 'non-configured user' to a login list that specifies authentication via the RADIUS server, you will not need to create an account for all users on each switch. However, by default the 'non-configured user' is assigned to 'defaultList', which by default uses local authentication.
Selection Criteria
User - Select the user you want to assign to a login list. Note that you must always
associate the admin user with the default list. This forces the admin user to always be authenticated locally to prevent full lockout from switch configuration. If you assign a user to a login list that requires remote authentication, the user's access to the switch from all CLI, web, and telnet sessions will be blocked until the authentication is complete. Refer to the discussion of maximum delay in the RADIUS configuration help.
Configurable Data
Authentication List - Select the authentication login list you want to assign to the user for
system login.
Command Buttons
Submit - Sends the updated screen to the switch and causes the changes to take effect
on the switch. These changes will not be retained across a power cycle unless you perform a save.
Refresh - Updates the information on the page.
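The method ordering from the Authentication List Configuration page and the admin rule from the User Login page, modelled as an added example (not code from the manual or the switch firmware). It assumes that only 'radius' and 'tacacs' can time out and that an 'undefined' slot ends the list; the list names other than defaultList, the user ops1 and the outcome values are constructed.

```python
# Assumption: only the remote methods can time out. The manual names 'local'
# as a method that does not time out.
CAN_TIME_OUT = {"radius", "tacacs"}


def reachable_methods(methods):
    """Return the methods of a login list that can ever be tried, in order."""
    reached = []
    for m in methods:
        if m == "undefined":          # assumption: an empty slot ends the list
            break
        reached.append(m)
        if m not in CAN_TIME_OUT:     # a method that cannot time out is final
            break
    return reached


def decide(methods, outcomes):
    """Walk a login list and return (result, deciding_method).

    outcomes maps a method name to 'accept', 'reject' or 'timeout' and must
    contain every reachable method except 'reject'.
    """
    for m in reachable_methods(methods):
        if m == "reject":
            return ("reject", m)
        result = outcomes[m]
        if result == "timeout" and m in CAN_TIME_OUT:
            continue                  # only a timeout moves on to the next method
        return (result, m)
    return ("reject", None)           # every method timed out: nobody is authenticated


def audit_login_lists(login_lists, assignments):
    """Return (subject, finding) pairs for a login list configuration."""
    findings = []
    for name, methods in login_lists.items():
        if not methods or methods[0] == "undefined":
            findings.append((name, "first method may not be 'undefined'"))
            continue
        reach = reachable_methods(methods)
        dead = [m for m in methods[len(reach):] if m != "undefined"]
        if dead:
            findings.append((name, "never tried: " + ", ".join(dead)))
        if all(m in CAN_TIME_OUT for m in reach):
            findings.append((name, "no login possible while every server times out"))
    for user, list_name in assignments.items():
        if list_name not in login_lists:
            findings.append((user, "assigned to unknown list " + list_name))
    if assignments.get("admin") != "defaultList":
        findings.append(("admin", "must stay on defaultList to avoid full lockout"))
    return findings


# Constructed configuration for illustration.
LOGIN_LISTS = {
    "defaultList": ["local"],
    "radiusFirst": ["radius", "local"],
    "localFirst": ["local", "radius", "tacacs"],
    "remoteOnly": ["radius", "tacacs"],
}
ASSIGNMENTS = {"admin": "radiusFirst", "guest": "defaultList", "ops1": "remoteOnly"}

if __name__ == "__main__":
    # A RADIUS reject is final; only a timeout falls back to 'local'.
    print(decide(LOGIN_LISTS["radiusFirst"], {"radius": "reject", "local": "accept"}))
    print(decide(LOGIN_LISTS["radiusFirst"], {"radius": "timeout", "local": "accept"}))
    for subject, finding in audit_login_lists(LOGIN_LISTS, ASSIGNMENTS):
        print(f"{subject}: {finding}")
```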
6.2.1.4 Defining Forwarding Database
6.2.1.4.1. Configuring MAC Table aging interval time Page
Use this panel to set the Address Ageing Timeout for the forwarding database.
Configurable Data
Address Ageing Timeout (seconds) - The forwarding database contains static entries,
which are never aged out, and dynamically learned entries, which are removed if they are not updated within a given time. You specify that time by entering a value for the Address Ageing Timeout. You may enter any number of seconds between 10 and 1000000. IEEE 802.1D recommends a default of 300 seconds, which is the factory default.
Command Buttons
Submit - Update the switch with the values on the screen. If you want the switch to retain
the new values across a power cycle you must perform a save.
6.2.1.4.2. Viewing Forwarding Database Page
Use this panel to display information about entries in the forwarding database. These entries are used by the transparent bridging function to determine how to forward a received frame.
Selection Criteria
Management Unit ID - Displays management unit for which Forwarding Database Table is
to be displayed.
Configurable Data
Filter - Specify the entries you want displayed.
Learned: If you choose "learned" only MAC addresses that have been learned will be
displayed.
All: If you choose "all" the whole table will be displayed.
MAC Address Search - You may also search for an individual MAC address. Enter the
two byte hexadecimal VLAN ID followed by the six byte hexadecimal MAC address in two-digit groups separated by colons, for example 01:23:45:67:89:AB:CD:EF where 01:23 is the VLAN ID and 45:67:89:AB:CD:EF is the MAC address. Then click on the search button. If the address exists, that entry will be displayed as the first entry followed by the remaining (greater) MAC addresses. An exact match is required.
Non-Configurable Data
MAC Address - A unicast MAC address for which the switch has forwarding and/or
filtering information. The format is a two byte hexadecimal VLAN ID number followed by a six byte MAC address with each byte separated by colons. For example: 01:23:45:67:89:AB:CD:EF, where 01:23 is the VLAN ID and 45:67:89:AB:CD:EF is the MAC address.
Source Slot/port - the port where this address was learned -- that is, the port through
which the MAC address can be reached.
ifIndex - The ifIndex of the MIB interface table entry associated with the source port.
Status - The status of this entry. The possible values are:
Static: the entry was added when a static MAC filter was defined.
Learned: the entry was learned by observing the source MAC addresses of incoming traffic, and is currently in use.
Management: the system MAC address, which is identified with interface 0.1.
Self: the MAC address of one of the switch's physical interfaces.
Command Buttons
Search - Search for the specified MAC address.
Refresh - Refetch the database and display it again starting with the first entry in the table.
6.2.1.5 Viewing Logs
6.2.1.5.1. Viewing Buffered Log Configuration Page
This log stores messages in memory based upon the settings for message component and severity. On stackable systems, this log exists only on the top of stack platform. Other platforms in the stack forward their messages to the top of stack log.
Configurable Data
Admin Status - A log that is "Disabled" shall not log messages. A log that is "Enabled"
shall log messages. Enable or Disable logging by selecting the corresponding line on the pulldown entry field.
Behavior - Indicates the behavior of the log when it is full. It can either wrap around or stop when the log space is filled.
Command Buttons
Submit - Update the switch with the values you entered.
6.2.1.5.2. Viewing Buffered Log Page
This help message applies to the format of all logged messages which are displayed for the buffered log, persistent log, or console log.
Format of the messages
<15>Aug 24 05:34:05 STK0 MSTP[2110]: mspt_api.c(318) 237 %% Interface 12 transitioned to root state on message age timer expiry
The above example indicates a user-level message (facility 1) with severity 7 (debug), on a system that is not stacked, generated by component MSTP running in thread ID 2110 on Aug 24 05:34:05 by line 318 of file mstp_api.c. This is the 237th message logged. Messages logged to a collector or relay via syslog have an identical format to the above message.
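A parser for the message format shown above, for use on the collector side, as an added example (not code from the manual or the switch firmware). The field name `unit` for the STK0 column and the two EXAMPLE lines are constructed, and the gap check assumes the sequence counter rises by one per logged message.

```python
import re
from dataclasses import dataclass

# Standard syslog severity names, indexed by severity number (0 is most severe).
SEVERITIES = ("emergency", "alert", "critical", "error",
              "warning", "notice", "informational", "debug")

# <PRI>timestamp unit component[thread]: file(line) sequence %% text
LOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<timestamp>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<unit>\S+) "
    r"(?P<component>[^\[\s]+)\[(?P<thread>\d+)\]: "
    r"(?P<file>[^()\s]+)\((?P<line>\d+)\) "
    r"(?P<seq>\d+) %% "
    r"(?P<text>.*)$"
)


@dataclass(frozen=True)
class SwitchLogRecord:
    facility: int
    severity: int
    timestamp: str
    unit: str
    component: str
    thread_id: int
    source_file: str
    source_line: int
    sequence: int
    text: str

    @property
    def severity_name(self):
        return SEVERITIES[self.severity]


def parse_line(line):
    """Return a SwitchLogRecord, or None when the line is not in this format."""
    m = LOG_RE.match(line.strip())
    if m is None:
        return None
    pri = int(m["pri"])
    if pri > 191:                     # largest valid PRI is 23 * 8 + 7
        return None
    return SwitchLogRecord(
        facility=pri >> 3,            # PRI = facility * 8 + severity
        severity=pri & 7,
        timestamp=m["timestamp"],
        unit=m["unit"],
        component=m["component"],
        thread_id=int(m["thread"]),
        source_file=m["file"],
        source_line=int(m["line"]),
        sequence=int(m["seq"]),
        text=m["text"],
    )


def parse_all(lines):
    """Parse every line, silently skipping the ones that do not match."""
    return [r for r in map(parse_line, lines) if r is not None]


def passes_filter(record, threshold):
    """'Equal to or above' a severity means a numerically lower or equal value."""
    return record.severity <= threshold


def sequence_gaps(records):
    """Return (previous, next) sequence pairs with messages missing in between."""
    ordered = sorted(records, key=lambda r: r.sequence)
    return [(a.sequence, b.sequence)
            for a, b in zip(ordered, ordered[1:])
            if b.sequence - a.sequence > 1]


SAMPLE_LINES = [
    # The example line from the manual.
    "<15>Aug 24 05:34:05 STK0 MSTP[2110]: mspt_api.c(318) 237 %% Interface 12 "
    "transitioned to root state on message age timer expiry",
    # Constructed lines for illustration.
    "<11>Aug 24 05:34:09 STK0 EXAMPLE[2200]: example_a.c(42) 238 %% constructed error-level message",
    "<12>Aug 24 05:35:00 STK0 EXAMPLE[2200]: example_b.c(7) 241 %% constructed warning-level message",
]

if __name__ == "__main__":
    records = parse_all(SAMPLE_LINES)
    for r in records:
        print(r.sequence, r.severity_name, r.component, r.text)
    print("gaps:", sequence_gaps(records))
```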
Note for buffered log
Number of log messages displayed: For the buffered log, only the latest 128 entries are displayed on the webpage.
Command Buttons
Refresh - Refresh the page with the latest log entries.
Clear Log - Clear all entries in the log.
6.2.1.5.3. Configuring Command Logger Page
Configurable Data
Admin Mode - Enable/Disable the operation of the CLI Command logging by selecting
the corresponding pulldown field and clicking Submit.
Command Buttons
Submit - Update the switch with the values you entered.
6.2.1.5.4. Configuring Console Log Page
This allows logging to any serial device attached to the host.
Configurable Data
Admin Status - A log that is "Disabled" shall not log messages. A log that is "Enabled" shall log messages. Enable or Disable logging by selecting the corresponding line on the pulldown entry field.
Severity Filter - A log records messages equal to or above a configured severity threshold. Select the severity option by selecting the corresponding line on the pulldown entry field. These severity levels have been enumerated below:
-Emergency (0): system is unusable
-Alert (1): action must be taken immediately
-Critical (2): critical conditions
-Error (3): error conditions
-Warning (4): warning conditions
-Notice (5): normal but significant conditions
-Informational (6): informational messages
-Debug (7): debug-level messages
Command Buttons
Submit - Update the switch with the values you entered.
6.2.1.5.5. Viewing Event Log Page
Use this panel to display the event log, which is used to hold error messages for catastrophic events. After the event is logged and the updated log is saved in FLASH memory, the switch will be reset. The log can hold at least 2,000 entries (the actual number depends on the platform and OS), and is erased when an attempt is made to add an entry after it is full. The event log is preserved across system resets.
Non-Configurable Data
Entry - The number of the entry within the event log. The most recent entry is first.
Filename - The FASTPATH source code filename identifying the code that detected the event.
Line - The line number within the source file of the code that detected the event.
Task ID - The OS-assigned ID of the task reporting the event.
Code - The event code passed to the event log handler by the code reporting the event.
Time - The time the event occurred, measured from the previous reset.
Command Buttons
Refresh - Update the information on the page.
Clear Log - Remove all log information.
6.2.1.5.6. Configuring Hosts configuration Page
Configurable Data
Host - This is a list of the hosts that have been configured for syslog. Select a host for changing the configuration or choose to add a new host from the drop down list.
IP Address - This is the IP address of the host configured for syslog.
Status - This specifies whether the host has been configured to be actively logging or not. Set the host to be active/out of service from the drop down menu.
Port - This is the port on the host to which syslog messages are sent. The default port is 514. Specify the port in the text field.
Severity Filter - A log records messages equal to or above a configured severity threshold. Select the severity option by selecting the corresponding line on the pulldown entry field. These severity levels have been enumerated below:
-Emergency (0): system is unusable
-Alert (1): action must be taken immediately
-Critical (2): critical conditions
-Error (3): error conditions
-Warning (4): warning conditions
-Notice (5): normal but significant conditions
-Informational (6): informational messages
-Debug (7): debug-level messages
Command Buttons
Submit - Update the switch with the values you entered.
Refresh - Refetch the database and display it again starting with the first entry in the
table.
Delete - Delete a configured host.
6.2.1.5.7. Configuring syslog configuration Page
Configurable Data
Admin Status - For enabling and disabling logging to configured syslog hosts. Setting this to disable stops logging to all syslog hosts. Disable means no messages will be sent to any collector/relay. Enable means messages will be sent to configured collector/relays using the values configured for each collector/relay. Enable/Disable the operation of the syslog function by selecting the corresponding line on the pulldown entry field.
Local UDP Port - This is the port on the local host from which syslog messages are sent. The default port is 514. Specify the local port in the text field.
Non-Configurable Data
Messages Relayed - The count of syslog messages relayed.
Messages Ignored - The count of syslog messages ignored.
Command Buttons
Submit - Update the switch with the values you entered.
Refresh - Refetch the database and display it again starting with the first entry in the
table.
6.2.1.6 Managing Switch Interface
6.2.1.6.1. Configuring Switch Interface Page
Selection Criteria
Slot/Port - Selects the interface for which data is to be displayed or configured.
Configurable Data
STP Mode - Select the Spanning Tree Protocol Administrative Mode for the port or LAG. The possible values are:
Enable - select this to enable the Spanning Tree Protocol for this port.
Disable - select this to disable the Spanning Tree Protocol for this port.
Admin Mode - Use the pulldown menu to select the Port control administration state. You
must select enable if you want the port to participate in the network. The factory default is enabled.
IPv6 Mode - Enable or disable the port to forward IPv6 packets.
LACP Mode - Selects the Link Aggregation Control Protocol administration state. The mode must be enabled in order for the port to participate in Link Aggregation. May be enabled or disabled by selecting the corresponding line on the pulldown entry field. The factory default is enabled.
Physical Mode - Use the pulldown menu to select the port's speed and duplex mode. If
you select auto the duplex mode and speed will be set by the auto-negotiation process. Note that the port's maximum capability (full duplex and 100 Mbps) will be advertised. Otherwise, your selection will determine the port's duplex mode and transmission rate. The factory default is auto. The selection when applied against the "All" option in Slot/Port is applied to all applicable interfaces only.
Link Trap - This object determines whether or not to send a trap when link status changes.
The factory default is enabled.
Maximum Frame Size - The maximum Ethernet frame size the interface supports or is configured for, including Ethernet header, CRC, and payload (1518 to 9216). The default maximum frame size is 1518.
Flow Control - Used to enable or disable flow control feature on the selected interface.
Broadcast Storm Control - Used to enable or disable the broadcast storm feature on the selected interface. The broadcast storm control value can be set to Level 1, Level 2, Level 3, and Level 4.
The following description is for the broadcast storm, multicast storm, and unicast storm control.
The switch derives the actual packet rate from the selected level and the speed of the interface (see Table 1 and Table 2).
Table 1. For 10/100Mbps/1Gbps
Level   Packet Rate (pps)
1       64
2       128
3       256
4       512
Table 2. For 10Gbps
Level   Packet Rate (pps)
1       1042
2       2048
3       3124
4       4167
Multicast Storm Control - Used to enable or disable the multicast storm feature on the selected interface. The multicast storm control value can be set to Level 1, Level 2, Level 3, and Level 4.
Unicast Storm Control - Used to enable or disable the unicast storm feature on the selected interface. The unicast storm control value can be set to Level 1, Level 2, Level 3, and Level 4.
Capability - You can advertise the port capabilities of a given interface during auto-negotiation.
Non-Configurable Data
Port Type - For normal ports this field will be blank. Otherwise the possible values are:
Mon - the port is a monitoring port. Look at the Port Monitoring screens for more information.
LAG - the port is a member of a Link Aggregation trunk. Look at the LAG screens for more information.
Physical Status - Indicates the port speed and duplex mode.
Link Status - Indicates whether the Link is up or down.
ifIndex - The ifIndex of the interface table entry associated with this port.
Command Buttons
Submit - Update the switch with the values you entered. If you want the switch to retain
the new values across a power cycle you must perform a save.
6.2.1.6.2. Viewing Switch Interface Configuration Page
This screen displays the status for all ports in the box.
Selection Criteria
MST ID - Select the Multiple Spanning Tree instance ID from the list of all currently
configured MST ID's to determine the values displayed for the Spanning Tree parameters. Changing the selected MST ID will generate a screen refresh. If Spanning Tree is disabled this will be a static value, CST, instead of a selector.
Non-Configurable Port Status Data
Slot/Port - Identifies the port.
Port Type - For normal ports this field will be blank. Otherwise the possible values are:
Mon - this port is a monitoring port. Look at the Port Monitoring screens for more information.
LAG - the port is a member of a Link Aggregation trunk. Look at the LAG screens for more information.
STP Mode - The Spanning Tree Protocol Administrative Mode associated with the port or LAG. The possible values are:
Enable - spanning tree is enabled for this port.
Disable - spanning tree is disabled for this port.
Forwarding State - The port's current Spanning Tree state. This state controls what action a port takes on receipt of a frame. If the bridge detects a malfunctioning port, it will place that port into the broken state. The other five states are defined in IEEE 802.1D:
Disabled
Blocking
Listening
Learning
Forwarding
Broken
Port Role - Each MST Bridge Port that is enabled is assigned a Port Role for each
spanning tree. The port role will be one of the following values: Root Port, Designated Port, Alternate Port, Backup Port, Master Port, or Disabled Port.
Admin Mode - The Port control administration state. The port must be enabled in order for
it to be allowed into the network. The factory default is enabled.
LACP Mode - Indicates the Link Aggregation Control Protocol administration state. The
mode must be enabled in order for the port to participate in Link Aggregation.
Physical Mode - Indicates the port speed and duplex mode. In auto-negotiation mode the
duplex mode and speed are set from the auto-negotiation process.
Physical Status - Indicates the port speed and duplex mode.
Link Status - Indicates whether the Link is up or down.
Link Trap - Indicates whether or not the port will send a trap when link status changes.
ifIndex - Indicates the ifIndex of the interface table entry associated with this port.
Flow Control - Indicates the status of flow control on this port.
Packet Burst - Indicates the packet burst used in the rate limit function if the rate limit admin mode is enabled.
Broadcast Storm Control - Indicates the status of the broadcast storm control, disable or
Level 1, Level 2, Level 3, Level 4.
Multicast Storm Control - Indicates the status of the multicast storm control, disable or
Level 1, Level 2, Level 3, Level 4.
Unicast Storm Control - Indicates the status of the unicast storm control, disable or Level
1, Level 2, Level 3, Level 4.
Capability - Indicates the port capabilities during auto-negotiation.
Command Buttons
Refresh – Refresh the configuration value again.
6.2.1.6.3. Configuring Multiple Port Mirroring Function Page
Configurable Data
Session ID - A session ID or "All Sessions" option may be selected. By default the First
Session is selected.
Session Mode - Specifies the Session Mode for a selected session ID. By default
Session Mode is enabled.
Source Port(s) - Specifies the configured port(s) as mirrored port(s). Traffic of the
configured port(s) is sent to the probe port.
Destination Port - Acts as a probe port and will receive all the traffic from configured mirrored port(s). Default value is blank.
Command Buttons
Submit - Send the updated screen to the switch and cause the changes to take effect on
the switch.
Delete - Remove the selected session configuration.
6.2.1.7 Defining SNMP
6.2.1.7.1. Configuring SNMP Community Configuration Page
By default, two SNMP Communities exist:
private, with 'Read/Write' privileges and status set to enable
public, with 'Read Only' privileges and status set to enable
These are well-known communities; you can use this menu to change the defaults or to add other communities. Only the communities that you define using this menu will have access to the switch using the SNMPv1 and SNMPv2c protocols. Only those communities with read-write level access will have access to this menu via SNMP.
You should use this menu when you are using the SNMPv1 and SNMPv2c protocol: if you want to use SNMP v3 you should use the User Accounts menu.
Configurable Data
SNMP Community Name - You can use this screen to reconfigure an existing community, or to create a new one. Use this pulldown menu to select one of the existing community names, or select 'Create' to add a new one. A valid entry is a case-sensitive string of up to 16 characters. The default community names are public and private.
Client IP Address - Taken together, the Client IP Address and Client IP Mask denote a range of IP addresses from which SNMP clients may use that community to access this device. If either (IP Address or IP Mask) value is 0.0.0.0, access is allowed from any IP address. Otherwise, every client's IP address is ANDed with the mask, as is the Client IP Address, and, if the values are equal, access is allowed. For example, if the Client IP Address and Client IP Mask parameters are 192.168.1.0/255.255.255.0, then any client whose IP address is 192.168.1.0 through 192.168.1.255 (inclusive) will be allowed access. To allow access from only one station, use a Client IP Mask value of 255.255.255.255, and use that machine's IP address for Client IP Address.
Client IP Mask - Taken together, the Client IP Address and Client IP Mask denote a range of IP addresses from which SNMP clients may use that community to access this device. If either (IP Address or IP Mask) value is 0.0.0.0, access is allowed from any IP address. Otherwise, every client's IP address is ANDed with the mask, as is the Client IP Address, and, if the values are equal, access is allowed. For example, if the Client IP Address and Client IP Mask parameters are 192.168.1.0/255.255.255.0, then any client whose IP address is 192.168.1.0 through 192.168.1.255 (inclusive) will be allowed access. To allow access from only one station, use a Client IP Mask value of 255.255.255.255, and use that machine's IP address for Client IP Address.
Access Mode - Specify the access level for this community by selecting Read/Write or
Read Only from the pull down menu.
Status - Specify the status of this community by selecting Enable or Disable from the pull
down menu. If you select enable, the Community Name must be unique among all valid Community Names or the set request will be rejected. If you select disable, the Community Name will become invalid.
Command Buttons
Submit - Update the switch with the values on this screen. If you want the switch to retain
the new values across a power cycle, you must perform a save.
Delete - Delete the currently selected Community Name. If you want the switch to retain
the new values across a power cycle, you must perform a save.
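The Client IP Address / Client IP Mask rule described above, with a small audit of a community table, as an added example (not code from the manual or the switch firmware). The community entries are constructed, including the 0.0.0.0 values shown for public and private, since this page does not state the default Client IP settings.

```python
import ipaddress
from dataclasses import dataclass

ANY = ipaddress.IPv4Address("0.0.0.0")
WELL_KNOWN = {"public", "private"}    # the default community names on this page


@dataclass(frozen=True)
class Community:
    name: str
    client_ip: str
    client_mask: str
    access: str                       # "Read/Write" or "Read Only"
    enabled: bool = True


def is_open(c):
    """Either value being 0.0.0.0 admits every source address."""
    return (ipaddress.IPv4Address(c.client_ip) == ANY
            or ipaddress.IPv4Address(c.client_mask) == ANY)


def client_allowed(c, client):
    """Apply the rule: (client AND mask) must equal (Client IP Address AND mask)."""
    if not c.enabled:                 # a disabled community name is invalid
        return False
    if is_open(c):
        return True
    mask = int(ipaddress.IPv4Address(c.client_mask))
    src = int(ipaddress.IPv4Address(client))
    base = int(ipaddress.IPv4Address(c.client_ip))
    return (src & mask) == (base & mask)


def mask_is_contiguous(mask_text):
    """True when the mask is a run of 1 bits followed only by 0 bits."""
    inverted = ~int(ipaddress.IPv4Address(mask_text)) & 0xFFFFFFFF
    return (inverted & (inverted + 1)) == 0


def allowed_addresses(c):
    """Number of source addresses the entry admits."""
    if is_open(c):
        return 2 ** 32
    mask = int(ipaddress.IPv4Address(c.client_mask))
    return 2 ** (32 - bin(mask).count("1"))


def audit(communities):
    """Return (community name, finding) pairs for enabled entries."""
    findings = []
    for c in communities:
        if not c.enabled:
            continue
        if c.name in WELL_KNOWN:
            findings.append((c.name, "well-known default community name"))
        if is_open(c):
            findings.append((c.name, f"{c.access} access from any IP address"))
            continue
        mask = int(ipaddress.IPv4Address(c.client_mask))
        base = int(ipaddress.IPv4Address(c.client_ip))
        if not mask_is_contiguous(c.client_mask):
            findings.append((c.name, "non-contiguous mask admits scattered addresses"))
        elif base & ~mask & 0xFFFFFFFF:
            # The Client IP Address is ANDed too, so its host bits are ignored.
            findings.append((c.name, f"host bits are ignored; {allowed_addresses(c)} "
                                     "addresses are admitted, not one"))
    return findings


# Constructed community table for illustration.
COMMUNITIES = [
    Community("public", "0.0.0.0", "0.0.0.0", "Read Only"),
    Community("private", "0.0.0.0", "0.0.0.0", "Read/Write"),
    Community("nms-ro", "192.168.1.0", "255.255.255.0", "Read Only"),
    Community("nms-rw", "192.168.1.10", "255.255.255.0", "Read/Write"),
    Community("station", "192.168.1.10", "255.255.255.255", "Read/Write"),
]

if __name__ == "__main__":
    for name, finding in audit(COMMUNITIES):
        print(f"{name}: {finding}")
```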
6.2.1.7.2. Configuring SNMP Trap Receiver Configuration Page
This menu will display an entry for every active Trap Receiver.
Configurable Data
SNMP Community Name - Enter the community string for the SNMP trap packet to be
sent to the trap manager. This may be up to 16 characters and is case sensitive.
SNMP Version - Select the trap version to be used by the receiver from the pull down
menu:
SNMP v1 - Uses SNMP v1 to send traps to the receiver.
SNMP v2 - Uses SNMP v2 to send traps to the receiver.
IP Address - Enter the IP address to receive SNMP traps from this device. Enter 4
numbers between 0 and 255 separated by periods.
Status - Select the receiver's status from the pulldown menu:
Enable - send traps to the receiver.
Disable - do not send traps to the receiver.
Command Buttons
Submit - Update the switch with the values on this screen. If you want the switch to retain
the new values across a power cycle, you must perform a save.
Delete - Delete the currently selected Community Name. If you want the switch to retain
the new values across a power cycle, you must perform a save.
6.2.1.7.3. Viewing SNMP supported MIBs Page
This is a list of all the MIBs supported by the switch.
Non-configurable Data
Name - The RFC number if applicable and the name of the MIB.
Description - The RFC title or MIB description.
Command Buttons
Refresh - Update the data.
6.2.1.8 Viewing Statistics
6.2.1.8.1. Viewing the whole Switch Detailed Statistics Page
Non-Configurable Data
ifIndex - This object indicates the ifIndex of the interface table entry associated with the
Processor of this switch.
Octets Received - The total number of octets of data received by the processor (excluding
framing bits but including FCS octets).
Packets Received Without Errors - The total number of packets (including broadcast
packets and multicast packets) received by the processor.
Unicast Packets Received - The number of subnetwork-unicast packets delivered to a
higher-layer protocol.
Multicast Packets Received - The total number of packets received that were directed to
a multicast address. Note that this number does not include packets directed to the broadcast address.
Broadcast Packets Received - The total number of packets received that were directed
to the broadcast address. Note that this does not include multicast packets.
Receive Packets Discarded - The number of inbound packets which were chosen to be
discarded even though no errors had been detected to prevent their being deliverable to a higher-layer protocol. A possible reason for discarding a packet could be to free up buffer space.
Octets Transmitted - The total number of octets transmitted out of the interface, including
framing characters.
Packets Transmitted Without Errors - The total number of packets transmitted out of the
interface.
Unicast Packets Transmitted - The total number of packets that higher-level protocols
requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent.
Multicast Packets Transmitted - The total number of packets that higher-level protocols
requested be transmitted to a Multicast address, including those that were discarded or not sent.
Broadcast Packets Transmitted - The total number of packets that higher-level protocols
requested be transmitted to the Broadcast address, including those that were discarded or not sent.
Transmit Packets Discarded - The number of outbound packets which were chosen to
be discarded even though no errors had been detected to prevent their being deliverable
to a higher-layer protocol. A possible reason for discarding a packet could be to free up buffer space.
Most Address Entries Ever Used - The highest number of Forwarding Database Address
Table entries that have been learned by this switch since the most recent reboot.
Address Entries in Use - The number of Learned and static entries in the Forwarding
Database Address Table for this switch.
Maximum VLAN Entries - The maximum number of Virtual LANs (VLANs) allowed on this
switch.
Most VLAN Entries Ever Used - The largest number of VLANs that have been active on
this switch since the last reboot.
Static VLAN Entries - The number of presently active VLAN entries on this switch that
have been created statically.
Dynamic VLAN Entries - The number of presently active VLAN entries on this switch that
have been created by GVRP registration.
VLAN Deletes - The number of VLANs on this switch that have been created and then
deleted since the last reboot.
Time Since Counters Last Cleared - The elapsed time, in days, hours, minutes, and
seconds, since the statistics for this switch were last cleared.
Command Buttons
Clear Counters - Clear all the counters, resetting all switch summary and detailed
statistics to default values. The discarded packets count cannot be cleared.
Refresh - Refresh the data on the screen with the present state of the data in the switch.
6.2.1.8.2. Viewing the whole Switch Summary Statistics Page
Non-Configurable Data
ifIndex - This object indicates the ifIndex of the interface table entry associated with the
Processor of this switch.
Packets Received Without Errors - The total number of packets (including broadcast
packets and multicast packets) received by the processor.
Broadcast Packets Received - The total number of packets received that were directed
to the broadcast address. Note that this does not include multicast packets.
Packets Received with Errors - The number of inbound packets that contained errors
preventing them from being deliverable to a higher-layer protocol.
Packets Transmitted Without Errors - The total number of packets transmitted out of the
interface.
Broadcast Packets Transmitted - The total number of packets that higher-level protocols
requested to be transmitted to the Broadcast address, including those that were discarded or not sent.
Transmit Packet Errors - The number of outbound packets that could not be transmitted
because of errors.
Address Entries Currently in Use - The total number of Forwarding Database Address
Table entries now active on the switch, including learned and static entries.
VLAN Entries Currently in Use - The number of VLAN entries presently occupying the
VLAN table.
Time Since Counters Last Cleared - The elapsed time, in days, hours, minutes, and
seconds since the statistics for this switch were last cleared.
Command Buttons
Clear Counters - Clear all the counters, resetting all summary and switch detailed
statistics to defaults. The discarded packets count cannot be cleared.
Refresh - Refresh the data on the screen with the present state of the data in the switch.
6.2.1.8.3. Viewing Each Port Detailed Statistics Page
Selection Criteria
Slot/Port - Selects the interface for which data is to be displayed or configured.
Non-Configurable Data
ifIndex - This object indicates the ifIndex of the interface table entry associated with this
port on an adapter.
Packets RX and TX 64 Octets - The total number of packets (including bad packets)
received or transmitted that were 64 octets in length (excluding framing bits but including FCS octets).
Packets RX and TX 65-127 Octets - The total number of packets (including bad packets)
received or transmitted that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
Packets RX and TX 128-255 Octets - The total number of packets (including bad packets)
received or transmitted that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
Packets RX and TX 256-511 Octets - The total number of packets (including bad packets)
received or transmitted that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets).
Packets RX and TX 512-1023 Octets - The total number of packets (including bad
packets) received or transmitted that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets).
Packets RX and TX 1024-1518 Octets - The total number of packets (including bad
packets) received or transmitted that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets).
Packets RX and TX 1519-1522 Octets - The total number of packets (including bad
packets) received or transmitted that were between 1519 and 1522 octets in length inclusive (excluding framing bits but including FCS octets).
Packets RX and TX 1523-2047 Octets - The total number of packets (including bad
packets) received or transmitted that were between 1523 and 2047 octets in length inclusive (excluding framing bits but including FCS octets).
Packets RX and TX 2048-4095 Octets - The total number of packets (including bad
packets) received or transmitted that were between 2048 and 4095 octets in length inclusive (excluding framing bits but including FCS octets).
Packets RX and TX 4096-9216 Octets - The total number of packets (including bad
packets) received or transmitted that were between 4096 and 9216 octets in length inclusive (excluding framing bits but including FCS octets).
Octets Received - The total number of octets of data (including those in bad packets)
received on the network (excluding framing bits but including FCS octets). This object can be used as a reasonable estimate of ethernet utilization. If greater precision is desired, the etherStatsPkts and etherStatsOctets objects should be sampled before and after a common interval.
Packets Received 64 Octets - The total number of packets (including bad packets)
received that were 64 octets in length (excluding framing bits but including FCS octets).
Packets Received 65-127 Octets - The total number of packets (including bad packets)
received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Received 128-255 Octets - The total number of packets (including bad packets)
received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Received 256-511 Octets - The total number of packets (including bad packets)
received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Received 512-1023 Octets - The total number of packets (including bad packets)
received that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Received 1024-1518 Octets - The total number of packets (including bad
packets) received that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Received > 1522 Octets - The total number of packets received that were longer
than 1522 octets (excluding framing bits, but including FCS octets) and were otherwise well formed.
Total Packets Received Without Errors - The total number of packets received that were
without errors.
Unicast Packets Received - The number of subnetwork-unicast packets delivered to a
higher-layer protocol.
Multicast Packets Received - The total number of good packets received that were
directed to a multicast address. Note that this number does not include packets directed to the broadcast address.
Broadcast Packets Received - The total number of good packets received that were
directed to the broadcast address. Note that this does not include multicast packets.
Total Packets Received with MAC Errors - The total number of inbound packets that
contained errors preventing them from being deliverable to a higher-layer protocol.
Jabbers Received - The total number of packets received that were longer than 1518
octets (excluding framing bits, but including FCS octets), and had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error). Note that this definition of jabber is different than the definition in IEEE-802.3 section 8.2.1.5 (10BASE5) and section 10.3.1.4 (10BASE2). These documents define jabber as the condition where any packet exceeds 20 ms. The allowed range to detect jabber is between 20 ms and 150 ms.
Fragments Received - The total number of packets received that were less than 64 octets
in length with ERROR CRC (excluding framing bits but including FCS octets).
Undersize Received - The total number of packets received that were less than 64 octets
in length with GOOD CRC (excluding framing bits but including FCS octets).
Alignment Errors - The total number of packets received that had a length (excluding
framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with a non-integral number of octets.
Rx FCS Errors - The total number of packets received that had a length (excluding
framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with an integral number of octets.
Overruns - The total number of frames discarded as this port was overloaded with
incoming packets, and could not keep up with the inflow.
Total Packets Transmitted (Octets) - The total number of octets of data (including those
in bad packets) transmitted on the network (excluding framing bits but including FCS octets). This object can be used as a reasonable estimate of ethernet utilization. If greater precision is desired, the etherStatsPkts and etherStatsOctets objects should be sampled before and after a common interval.
Packets Transmitted 64 Octets - The total number of packets (including bad packets)
transmitted that were 64 octets in length (excluding framing bits but including FCS octets).
Packets Transmitted 65-127 Octets - The total number of packets (including bad packets)
transmitted that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Transmitted 128-255 Octets - The total number of packets (including bad
packets) transmitted that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Transmitted 256-511 Octets - The total number of packets (including bad
packets) transmitted that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Transmitted 512-1023 Octets - The total number of packets (including bad
packets) transmitted that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Transmitted 1024-1518 Octets - The total number of packets (including bad
packets) transmitted that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Transmitted 1523-2047 Octets - The total number of packets (including bad
packets) transmitted that were between 1523 and 2047 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Transmitted 2048-4095 Octets - The total number of packets (including bad
packets) transmitted that were between 2048 and 4095 octets in length inclusive (excluding framing bits but including FCS octets).
Packets Transmitted 4096-9216 Octets - The total number of packets (including bad
packets) transmitted that were between 4096 and 9216 octets in length inclusive (excluding framing bits but including FCS octets).
Maximum Frame Size - The maximum Ethernet frame size the interface supports or is
configured for, including Ethernet header, CRC, and payload (1518 to 9216). The default maximum frame size is 1518.
Total Packets Transmitted Successfully - The number of frames that have been
transmitted by this port to its segment.
Unicast Packets Transmitted - The total number of packets that higher-level protocols
requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent.
Multicast Packets Transmitted - The total number of packets that higher-level protocols
requested be transmitted to a Multicast address, including those that were discarded or not sent.
Broadcast Packets Transmitted - The total number of packets that higher-level protocols
requested be transmitted to the Broadcast address, including those that were discarded or not sent.
Total Transmit Errors - The sum of Single, Multiple, and Excessive Collisions.
Tx FCS Errors - The total number of packets transmitted that had a length (excluding
framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with an integral number of octets.
Tx Oversized - The total number of frames that exceeded the max permitted frame size.
This counter has a max increment rate of 815 counts per sec at 10 Mb/s.
Underrun Errors - The total number of frames discarded because the transmit FIFO
buffer became empty during frame transmission.
Total Transmit Packets Discarded - The sum of single collision frames discarded,
multiple collision frames discarded, and excessive frames discarded.
Single Collision Frames - A count of the number of successfully transmitted frames on a
particular interface for which transmission is inhibited by exactly one collision.
Multiple Collision Frames - A count of the number of successfully transmitted frames on
a particular interface for which transmission is inhibited by more than one collision.
Excessive Collision Frames - A count of frames for which transmission on a particular
interface fails due to excessive collisions.
STP BPDUs Received - Number of STP BPDUs received at the selected port.
STP BPDUs Transmitted - Number of STP BPDUs transmitted from the selected port.
RSTP BPDUs Received - Number of RSTP BPDUs received at the selected port.
RSTP BPDUs Transmitted - Number of RSTP BPDUs transmitted from the selected port.
MSTP BPDUs Received - Number of MSTP BPDUs received at the selected port.
MSTP BPDUs Transmitted - Number of MSTP BPDUs transmitted from the selected port.
GVRP PDUs Received - The count of GVRP PDUs received in the GARP layer.
GVRP PDUs Transmitted - The count of GVRP PDUs transmitted from the GARP layer.
GVRP Failed Registrations - The number of times attempted GVRP registrations could
not be completed.
GMRP PDUs Received - The count of GMRP PDUs received from the GARP layer.
GMRP PDUs Transmitted - The count of GMRP PDUs transmitted from the GARP layer.
GMRP Failed Registrations - The number of times attempted GMRP registrations could
not be completed.
Time Since Counters Last Cleared - The elapsed time, in days, hours, minutes, and
seconds since the statistics for this port were last cleared.
Command Buttons
Clear Counters - Clear all the counters, resetting all statistics for this port to default
values.
Clear All Counters - Clear all the counters for all ports, resetting all statistics for all ports
to default values.
Refresh - Refresh the data on the screen with the present state of the data in the switch.
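The Octets Received and Total Packets Transmitted (Octets) entries above recommend sampling the packet and octet counters before and after a common interval when a precise utilization figure is needed. The following Python is an added example, not part of the original manual; the 32-bit counter width, the PortSample field names and the sample values are assumptions of the example, and the 20-octet per-frame overhead is the standard Ethernet preamble plus minimum inter-frame gap, which the octet counter does not include.

```python
from dataclasses import dataclass
from typing import Optional

COUNTER_MODULUS = 2 ** 32        # assumption: counters are 32 bits wide and wrap to zero
FRAME_OVERHEAD_OCTETS = 8 + 12   # preamble/SFD + minimum inter-frame gap per frame


@dataclass(frozen=True)
class PortSample:
    """One reading of a port's detailed statistics (field names are hypothetical)."""
    taken_at: float        # poller timestamp, in seconds
    since_cleared: float   # "Time Since Counters Last Cleared", converted to seconds
    octets: int            # "Octets Received": FCS included, framing bits excluded
    packets: int           # packets received, bad packets included


def counter_delta(before: int, after: int) -> int:
    """Difference between two readings of a counter that wraps at COUNTER_MODULUS."""
    return (after - before) % COUNTER_MODULUS


def max_poll_interval(link_bps: int) -> float:
    """Interval (seconds) below which the octet counter cannot advance by a full
    modulus at line rate, so the modular difference stays unambiguous."""
    return COUNTER_MODULUS * 8 / link_bps


def utilization_percent(first: PortSample, second: PortSample,
                        link_bps: int) -> Optional[float]:
    """Link utilization in percent between two samples, or None when the pair
    cannot be trusted and should be discarded by the poller."""
    interval = second.taken_at - first.taken_at
    if interval <= 0:
        raise ValueError("samples must be in chronological order")
    # Clear Counters, Clear All Counters or a reboot happened between the samples:
    # the elapsed-time field went backwards, so the deltas are meaningless.
    if second.since_cleared < first.since_cleared:
        return None
    # Polled too slowly: the octet counter may have wrapped more than once.
    if interval >= max_poll_interval(link_bps):
        return None
    octets = counter_delta(first.octets, second.octets)
    packets = counter_delta(first.packets, second.packets)
    wire_bits = (octets + packets * FRAME_OVERHEAD_OCTETS) * 8
    return 100.0 * wire_bits / (interval * link_bps)


# Constructed sample readings, 10 seconds apart on a 10 Mb/s port; both counters
# wrap between the two readings.
SAMPLE_BEFORE = PortSample(taken_at=0.0, since_cleared=3600.0,
                           octets=2 ** 32 - 500_000, packets=2 ** 32 - 400)
SAMPLE_AFTER = PortSample(taken_at=10.0, since_cleared=3610.0,
                          octets=500_000, packets=600)
# Constructed reading taken after someone pressed Clear Counters.
SAMPLE_CLEARED = PortSample(taken_at=10.0, since_cleared=4.0, octets=1_200, packets=3)

if __name__ == "__main__":
    print(utilization_percent(SAMPLE_BEFORE, SAMPLE_AFTER, 10_000_000))
    print(utilization_percent(SAMPLE_BEFORE, SAMPLE_CLEARED, 10_000_000))
    print(max_poll_interval(1_000_000_000))
```

A pair that returns None is dropped rather than graphed, which keeps a counter clear from showing up as a false traffic spike.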
6.2.1.8.4. Viewing Each Port Summary Statistics Page
Selection Criteria
Slot/Port - Selects the interface for which data is to be displayed or configured.
Non-Configurable Data
ifIndex - This object indicates the ifIndex of the interface table entry associated with this
port on an adapter.
Total Packets Received without Errors - The total number of packets received that were
without errors.
Packets Received with Errors - The number of inbound packets that contained errors
preventing them from being deliverable to a higher-layer protocol.
Broadcast Packets Received - The total number of good packets received that were
directed to the broadcast address. Note that this does not include multicast packets.
Packets Transmitted without Errors - The number of frames that have been transmitted
by this port to its segment.
Transmit Packet Errors - The number of outbound packets that could not be transmitted
because of errors.
Collision Frames - The best estimate of the total number of collisions on this Ethernet
segment.
Time Since Counters Last Cleared - The elapsed time, in days, hours, minutes, and
seconds since the statistics for this port were last cleared.
Command Buttons
Clear Counters - Clears all the counters, resetting all statistics for this port to default
values.
Clear All Counters - Clears all the counters for all ports, resetting all statistics for all ports
to default values.
Refresh – Refreshes the data on the screen with the present state of the data in the
switch.
6.2.1.9 Managing System Utilities
6.2.1.9.1. Saving All Configuration Changed Page
Command Buttons
Save - Click this button to have configuration changes you have made saved across a
system reboot. All changes submitted since the previous save or system reboot will be retained by the switch.
6.2.1.9.2. Resetting the Switch Page
Command Buttons
Reset - Select this button to reboot the switch. Any configuration changes you have made
since the last time you issued a save will be lost. You will be shown a confirmation screen after you select the button.
6.2.1.9.3. Restoring All Configuration to Default Values Page
Command Buttons
Reset - Clicking the Reset button will reset all of the system login passwords to their
default values. If you want the switch to retain the new values across a power cycle, you must perform a save.
6.2.1.9.4. Resetting the Passwords to Default Values Page
Command Buttons
Reset - Select this button to have all passwords reset to their factory default values.
6.2.1.9.5. Downloading Specific Files to Switch Flash Page
Use this menu to download a file to the switch.
Configurable Data
File Type - Specify what type of file you want to download:
Script - Specify configuration script when you want to update the switch's script file.
CLI Banner - Specify the banner that you want to display before user login to the switch.
Code - Specify code when you want to upgrade the operational flash.
Configuration - Specify configuration when you want to update the switch's configuration. If the file has errors the update will be stopped.
SSH-1 RSA Key File - SSH-1 Rivest-Shamir-Adleman (RSA) Key File
SSH-2 RSA Key PEM File - SSH-2 Rivest-Shamir-Adleman (RSA) Key File (PEM Encoded)
SSH-2 DSA Key PEM File - SSH-2 Digital Signature Algorithm (DSA) Key File (PEM Encoded)
SSL Trusted Root Certificate PEM File - SSL Trusted Root Certificate File (PEM Encoded)
SSL Server Certificate PEM File - SSL Server Certificate File (PEM Encoded)
SSL DH Weak Encryption Parameter PEM File - SSL Diffie-Hellman Weak Encryption Parameter File (PEM Encoded)
SSL DH Strong Encryption Parameter PEM File - SSL Diffie-Hellman Strong Encryption Parameter File (PEM Encoded)
The factory default is code. Note that to download SSH key files SSH must be administratively disabled and there can be no active SSH sessions.
TFTP Server IP Address - Enter the IP address of the TFTP server. The factory default is
0.0.0.0.
TFTP File Path (Target) - Enter the path on the TFTP server where the selected file is
located. You may enter up to 32 characters. The factory default is blank.
TFTP File Name (Source) - Enter the name on the TFTP server of the file you want to
download. You may enter up to 32 characters. The factory default is blank.
TFTP File Name (Target) - Enter the name on the switch of the file you want to save. You
may enter up to 32 characters. The factory default is blank.
Start File Transfer - To initiate the download you need to check this box and then select
the submit button.
Non-Configurable Data
The last row of the table is used to display information about the progress of the file transfer. The screen will refresh automatically until the file transfer completes.
Command Buttons
Submit - Send the updated screen to the switch and perform the file download.
6.2.1.9.6. Uploading Specific Files from Switch Flash Page
Use this menu to upload a code, configuration, or log file from the switch.
Configurable Data
File Type - Specify the type of file you want to upload. The available options are Script,
Code, CLI Banner, Configuration, Error Log, Buffered Log, and Trap Log. The factory default is Error Log.
TFTP Server IP Address - Enter the IP address of the TFTP server. The factory default is
0.0.0.0
TFTP File Path (Target) - Enter the path on the TFTP server where you want to put the file
being uploaded. You may enter up to 32 characters. The factory default is blank.
TFTP File Name (Target) - Enter the name you want to give the file being uploaded. You
may enter up to 32 characters. The factory default is blank.
TFTP File Name (Source) - Specify the file which you want to upload from the switch.
Start File Transfer - To initiate the upload you need to check this box and then select the
submit button.
Non-Configurable Data
The last row of the table is used to display information about the progress of the file transfer. The screen will refresh automatically until the file transfer completes.
Command Buttons
Submit - Send the updated screen to the switch and perform the file upload.
6.2.1.9.7. Defining Configuration and Runtime Startup File Page
Specify the file used to start up the system.
Configurable Data
Configuration File - Configuration files.
Runtime File - Run-time operation codes.
Command Buttons
Submit - Send the updated screen to the switch and specify the file start-up.
6.2.1.9.8. Removing Specific File Page
Delete files in flash. If the file type is used for system startup, then this file cannot be deleted.
Configurable Data
Configuration File - Configuration files.
Runtime File - Run-time operation codes.
Script File - Configuration script files.
Command Buttons
Remove File - Send the updated screen to the switch and perform the file remove.
6.2.1.9.9. Copying Running Configuration to Flash Page
Use this menu to copy the running configuration on the switch to a start-up configuration file.
Configurable Data
File Name - Enter the name you want to give the file being copied. You may enter up to 32
characters. The factory default is blank.
Non-Configurable Data
The last row of the table is used to display information about the progress of the file copy. The screen will refresh automatically until the file copy completes.
Command Buttons