IBM Nways 8265 User Manual

8265 Nways ATM Switch IBM
User's Guide
SA33-0456-01
8265 Nways ATM Switch IBM
User's Guide
SA33-0456-01
Note!
Second Edition (January 1998)
The information contained in this manual is subject to change from time to time. Any such changes will be reported in subsequent revisions.
Order publications through your IBM representative or the IBM branch office serving your locality. Publications are not stocked at the address given below.
A form for readers' comments appears at the back of this publication. If the form has been removed, address your comments to: IBM France
Centre d'Etudes et Recherches Service 0798 - BP 79 06610 La Gaude France
FAX: (33) (0)4.93.24.77.97E-mail: FRIBMQF5 at IBMMAILIBM Internal Use: LGERCF AT LGEPROFS
Internet: rcf_lagaude@vnet.ibm.com When you send information to IBM, you grant IBM a non-exclusive right to use or distribute the information in any way it believes
appropriate without incurring any obligation to you.
Copyright International Business Machines Corporation 1994, 1998. All rights reserved.
Note to U.S. Government Users — Documentation related to restricted rights — Use, duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corp.
Contents
Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
Product Page/Warranties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
Industry Standards Reflected in This Product ................................. xi
Trademarks and Service Marks ......................................... xi
About this Book .................................................. xiii
Who Should Use this Book ............................................ xiii
Prerequisite Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Where to Find More Information ......................................... xiii
Terms Used in This Book ............................................. xiii
Part 1. Configuring Your ATM Network .............................. 1
Chapter 1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
ATM Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Network Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Network Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
The PNNI Network ................................................. 5
Peer Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Summary Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
PNNI Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Virtual Path Connections ............................................ 7
Permanent Virtual Connections ........................................ 8
Chapter 2. Setting-Up and Using a Configuration Console ....................... 9
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Before You Start .................................................. 9
Entering Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Keyboard Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Getting Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Example Screens Shown in This Book .................................... 10
Command Completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Setting Up a Configuration Console in Normal (ASCII) Mode ........................ 12
Setting Up a Configuration Console in SLIP Mode .............................. 13
Returning to Normal Mode ........................................... 14
SLIP Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Using TCP/IP for AIX version 3.2.5 .................................... 14
Using TCP/IP V2.1.2 for IBM DOS V7 (no TFTP support) ....................... 14
Using TCP/IP V2.0 for OS/2 V3 (WARP) ................................. 15
Using ChameleonNFS V4.0 or V4.1 for Windows ............................ 15
Configuring the CPSW Ethernet Port ...................................... 16
Setting the IP Address and Subnet Mask .................................. 16
Administrator Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Maintenance Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Setting the Ethernet MAC Address ...................................... 17
Administrator Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Maintenance Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Copyright IBM Corp. 1994, 1998 iii
TELNET Sessions Via a Remote Switch or Workstation ........................... 18
Minimum Local Configuration ......................................... 18
Logon Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Accessing the 8265 via the Internet ....................................... 20
Recommended Web Browser Configuration ................................. 20
Accessing the 8265 ............................................... 20
Reconfiguring 8265 Configuration Console Settings .............................. 21
Saving Reconfigured Configuration Console Settings ........................... 21
Automatic Modem Hangup ........................................... 21
Chapter 3. Configuring Basic Parameters .................................. 23
Configuring the ATM Switch Address ...................................... 23
Configuring CPSW Module Parameters ..................................... 24
Configuration Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Setting CPSW Passwords ........................................... 25
Administrator Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
User Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Setting the Node Clock ............................................. 27
Setting Local CPSW Parameters ....................................... 28
Switch Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Service Contact Information ........................................ 28
Console Prompt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Console Timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Configuring the ATM Switch Address ..................................... 30
Using Alert Messages ............................................. 31
Types of Alerts ................................................. 31
Configuring Alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Q.2931 Branches and Parties .......................................... 33
Using Maintenance Mode ............................................. 34
Leaving Maintenance Mode .......................................... 35
Chapter 4. Configuring SNMP and LANE Parameters .......................... 37
IP Address and Subnetwork Mask (IP only) .................................. 38
Using Host Names ............................................... 38
LAN Emulation Client (LE only) .......................................... 39
Default Gateway (IP & LE) ............................................ 40
ARP Server (IP only) ................................................ 41
Community Table (IP & LE) ............................................ 42
Alerts (IP & LE) ................................................... 43
Setting Up a LAN Emulation Client ....................................... 44
LECS ATM Address ................................................ 45
ILMI MIB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
LECS Well Known Address .......................................... 45
Fixed PVC (0.17) ................................................ 45
Checking the Configuration .......................................... 46
Chapter 5. Configuring Ports and Media Modules ............................. 47
Enabling ATM Ports and Interfaces ....................................... 47
Enabling PNNI Ports on 8260 Modules ................................... 47
Setting Up Virtual Path Channels (VPCs) .................................... 48
Traffic Shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Configuring Reachable Addresses ...................................... 49
Setting Up Permanent Virtual Connections (PVCs) .............................. 50
iv IBM 8265: User's Guide
Connecting Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Connecting Switches Directly ......................................... 51
Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Connecting Switches via VPCs Over VOID or Public UNI Interfaces .................. 52
Connecting Switches via a WAN ....................................... 52
Allowing Duplicate ATM Addresses ....................................... 53
Enabling Port Mirroring .............................................. 54
Chapter 6. Configuring PNNI Parameters .................................. 55
Configuration Control Mechanism ........................................ 55
Critical Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Non-Critical Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Working with PNNI Configuration Settings ................................... 58
Default Parameter Settings .......................................... 58
Changing Parameter Values .......................................... 58
Applying Configuration Changes ....................................... 58
Saving the Active Configuration ........................................ 59
Restoring the Active Configuration ...................................... 59
Restoring the Future Configuration ...................................... 59
Viewing Configuration Settings ........................................ 60
Configuring the ATM Switch Address ...................................... 61
Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Configuring Peer Group Identifiers ........................................ 62
Using the Switch's ATM Address ....................................... 62
Explicitly Entering a Peer Group ID ...................................... 63
Configuring Summary Addresses ........................................ 64
Configuring PNNI Path Selection ......................................... 66
Constant Bit Rate and Variable Bit Rate (CBR, rt VBR, and nrt VBR) .................. 66
Available Bit Rate ................................................ 66
Unspecified Bit Rate .............................................. 67
Using the Crankback Function .......................................... 68
Displaying PNNI Information ........................................... 69
Displaying Node_0 Information ........................................ 69
Path Selection Settings ............................................. 70
Summary Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Configuration State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Peer Group Members .............................................. 71
Neighbor Node Ids ............................................... 71
PTSEs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Chapter 7. Configuring Network Access Security ............................. 75
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Autolearn Function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Default Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Violation Trapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Violation Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Enabling or Disabling Security .......................................... 77
Enabling Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Disabling Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Setting the Autolearn Values ........................................... 79
Enabling and Disabling Violation Traps ..................................... 80
Enabling and Disabling Violation Logging .................................... 80
Setting Default Values ............................................... 81
Contents v
Security Mode Default ............................................. 81
Violation Trapping Default ........................................... 81
Autolearn Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Violation Logging Default ............................................ 82
Specifying ATM Addresses to be Accepted ................................... 83
Removing ATM Addresses ........................................... 83
Displaying Security Information .......................................... 84
Current Global Settings ............................................. 84
Current Default Settings ............................................ 84
ATM Addresses Defined ............................................ 85
Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Security Violations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Displaying the Violation Log ........................................ 86
Displaying the Last Violation ........................................ 86
Clearing the Violation Log .......................................... 86
Saving Security Settings .............................................. 87
Reverting Security Changes ........................................... 87
Uploading and Downloading the Access Control Address Table ....................... 88
Uploading the Access Control Address Table ................................ 88
Downloading the Access Control Address Table .............................. 88
Updating the Access Control Address Table ................................ 88
Uploading the Violation Log ............................................ 90
Part 2. Managing the 8265 ........................................ 91
Chapter 8. Management Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Displaying 8265 Information ............................................ 93
Displaying the Power System ........................................... 95
Displaying 8265 Module Information ....................................... 96
Show the Inventory of Modules ........................................ 96
Show Inventory No_Verbose ........................................ 96
Show Inventory Verbose .......................................... 97
Displaying Module Details ........................................... 98
Show Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Show Module All ............................................... 99
Show Module Verbose .......................................... 100
Resetting Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Resetting Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Resetting the 8265 .............................................. 101
Resetting the ATM Subsystem ....................................... 102
Chapter 9. Managing the Power Subsystem ............................... 103
Budgeting Power . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Determining Switch Power Budget ..................................... 104
Displaying the Power Budget ....................................... 105
Increasing the Unallocated Power Budget ................................. 105
Establishing Power Fault-Tolerance ...................................... 106
Displaying Current Power Mode ....................................... 106
Changing the Power Mode .......................................... 107
8265 Module Power Up Strategy ........................................ 108
Default Power Up Strategy .......................................... 108
Specifying Power Up Order ......................................... 108
Power Class Settings ............................................. 109
vi IBM 8265: User's Guide
Displaying the Current Slot Status ..................................... 109
Using the Default Power Class Setting ................................... 109
Setting Power Class Manually ........................................ 110
Set Power Slot {slot} Class ........................................ 110
Power Class 10 Warnings ........................................ 110
8265 Module Power-Down Response ..................................... 111
Correcting a Power Deficit .......................................... 111
Powering Up With Insufficient Power .................................. 111
Power Supply Failure ........................................... 111
Chapter 10. Managing the Intelligent Cooling Subsystem ....................... 113
Operating Temperature and FAN Status Indicators ............................. 113
Operating Temperature Indicators ..................................... 113
Fan Status Indicators ............................................. 114
Automatic 8265 Module Power-Down ................................... 114
Overheating . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Overheat Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Overheat Management Areas ........................................ 115
Power-Down Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Recovery Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Saved Power Management Configurations .................................. 117
Chapter 11. Updating Microcode and Picocode ............................. 119
Receiving Code Updates ............................................ 119
Automatic Notification of Updates ...................................... 119
Upload and Download Operations ....................................... 119
Inband Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Upgrading CPSW Microcode ....................................... 120
Upgrading FPGA Picocode in ATM Modules .............................. 120
Uploading Dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Uploading Traces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Uploading the Error Log .......................................... 121
Manual Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Out-of-band Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
Downloading Software to Controller Modules ................................. 123
Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Downloading When Two Controller Modules Installed ........................ 123
Downloading When One Controller Module Installed ......................... 124
Upgrading Controller Module Boot Microcode ............................... 124
Upgrading Controller Module Operational Microcode ........................... 124
Download Status Display ........................................... 124
Part 3. Appendixes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Appendix A. Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Troubleshooting Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Diagnosing Problems Concerning the Power Supply ............................ 128
Diagnosing Problems Concerning the CPSW Console ........................... 129
Control Point and Switch Module Problems .................................. 131
Diagnosing Problems from the CPSW System Status LCD ....................... 132
Diagnosing Problems in the Hardware Configuration ............................ 133
8265 Cannot PING an ARP Client ..................................... 134
Two Devices Using IP Over a PVC Cannot Ping Each Other ...................... 135
Contents vii
PVC failure, Cause Code 3, on NNI or ISSP ports ............................ 136
Problems with the ATM Network ........................................ 137
Checking ATM Address Registration .................................... 137
8265 Cannot PING the ARP Servers and Vice-versa .......................... 138
ATM Connection Problems ........................................... 139
Diagnosing LAN Emulation Problems ..................................... 141
8265 LEC Cannot Register to the LES/BUS ................................ 141
8265 LEC Cannot PING another Client and Vice-versa ......................... 143
ATM Forum LAN Emulation Ethernet and TCP/IP (DOS, OS/2) Not Working ............ 144
LAN Emulation JOIN failed. ATM Forum LE status xx .......................... 145
Problems in an IBM Proprietary LAN Emulation Environment ...................... 146
Network Access Security Problems ...................................... 149
All ATM Registration Attempts Rejected .................................. 149
Some ATM Registration Attempts Rejected ................................ 149
No ATM Addresses Displayed ........................................ 149
Address Cannot be Set: Limit Reached .................................. 149
Administrative Problems (Netview/SNMP/Telnet) .............................. 150
Getting Further Assistance ........................................... 153
TRACE Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
Appendix B. Error and Information Codes ................................ 155
Q.2931 Error Codes for Clear Causes ..................................... 155
Maintenance Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
Appendix C. ATM Address Formats .................................... 159
Network Prefix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
End System Part ................................................. 161
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Bibliography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
viii IBM 8265: User's Guide
Figures
1. Components of an ATM Campus Network ................................ 3
2. UNI, IISP, and PNNI VPC Links ...................................... 7
3. Working in Remote CPSW Sessions ................................... 19
4. Connecting Switches in Different Peer Groups ............................. 51
5. VP Tunneling Over a WAN ......................................... 52
6. PNNI Configuration Update Mechanism ................................. 55
7. PNNI Configuration Update (Critical) ................................... 56
8. PNNI Configuration Update (Non-critical) ................................. 57
9. Level ID Perspective of a Switch ATM Address ............................. 62
10. Example Address Table ........................................... 89
11. Upgrade Operations for ATM Microcode ................................ 119
12. NSAP Address Formats Supported in the 8265 ATM Subsystem .................. 159
Copyright IBM Corp. 1994, 1998 ix
x IBM 8265: User's Guide
Notices
References in this publication to IBM products, programs, or services do not imply that IBM intends to
make these available in all countries in which IBM operates.
Any reference to an IBM product, program, or service is not intended to state or imply that only IBM's
product, program, or service may be used. Any functionally equivalent product, program, or service that
does not infringe any of IBM's intellectual property rights may be used instead of the IBM product,
program, or service. Evaluation and verification of operation in conjunction with other products, except
those expressly designated by IBM, is the user's responsibility.
IBM may have patents or pending patent applications covering subject matter in this document. The
furnishing of this document does not give you any license to these patents. You can send license
inquiries, in writing, to the IBM Corporation, IBM Director of Licensing, 500 Columbus Avenue, Thornwood,
New York 10594, U.S.A.
Product Page/Warranties
The following paragraph does not apply to the United Kingdom or to any country where such
provisions are inconsistent with local law.
INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT
WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore this
statement may not apply to you.
Industry Standards Reflected in This Product
The IBM 8265 Nways ATM Switch complies with the following ATM standards:
ATM User-Network Interface (UNI) Specifications V3.0, V3.1, and V4.0 ATM ForumATM Interim Inter-Switch Signalling (IISP), ATM ForumATM Public Network-to-Network Interface (PNNI) Phase 1, ATM ForumLAN Emulation over ATM Specifications V1.0, ATM ForumQ.2110 Service Specific Connection-Oriented Protocol (SSCOP), ITU, March 17, 1994Q.2130 Service Specific Coordination Function (SSCF) for support of signaling at the user-network
interface, March 17, 1994.
Trademarks and Service Marks
The following terms, denoted by an asterisk (*) in this publication, are trademarks or service marks of the
IBM Corporation in the United States or other countries:
AIX IBM
NetView for AIX Nways
RISC System/6000 Turboways
Copyright IBM Corp. 1994, 1998 xi
xii IBM 8265: User's Guide
About this Book
This book descibes how to use the IBM 8265 Nways ATM Switch.
The ATM commands that you enter at the console to manage the ATM subsystem are described in detail
in the
IBM 8265 Nways ATM Switch Command Reference Guide
, SA33-0458.
Who Should Use this Book
This book is intended for the following people at your site:
ATM network administratorATM network operator.
Prerequisite Knowledge
To understand the information presented in this
Features and characteristics of the IBM 8265 Nways ATM Switch as described in
IBM 8265 Nways
ATM Switch Product Description
, GA33-0449.
Principles of Asynchronous Transfer Mode (ATM) technologyATM Forum UNI Specification Versions 3.0, 3.1, and 4.0.ATM Forum LAN Emulation Specification Version 1.0.ATM Forum P-NNI Specification Version 1.0.
Where to Find More Information
The publications for the CPSW module and associated product documentation are listed in the
“Bibliography” on page 171.
World Wide Web ;You can access the latest news and information about IBM network products, customer
service and support, and microcode upgrades via the Internet, at the URL:
http://www.networking.ibm.com
Terms Used in This Book
The term
Control Point
refers to the ATM Control Point located in the IBM 8265 Nways ATM Switch
Control Point and Switch Module.
The term
Command Reference Guide
refers to the
IBM 8265 Nways ATM Switch Command Reference
Guide
, SA33-0458.
Copyright IBM Corp. 1994, 1998 xiii
xiv IBM 8265: User's Guide
Part 1. Configuring Your ATM Network
Copyright IBM Corp. 1994, 1998 1
2 IBM 8265: User's Guide
Chapter 1. Overview
ATM Networks
The purpose of an ATM network is to set up connections between ATM user devices, the two end points
of a connection.
IBM ATM subsystems can be interconnected in order to build a local, privately owned and administered
ATM network called an ATM Campus Network.
ATM
Campus Network
ATM User Devices
ATM
User
Devices
ATM Peer groups
IISP
IISP
IISP
PNNI
PNNI
PNNI
PNNI
PNNI
UNI
UNI
UNI
UNI
IISP
IISP
IISP
Figure 1. Components of an ATM Campus Network
Copyright IBM Corp. 1994, 1998 3
Network Components
The terms used to describe the components of an ATM Campus Network are defined here:
ATM Campus Network
One or more interconnected ATM peer groups. This set of peer groups is controlled by one administrative domain and a single
private owner using one network access protocol (UNI).
ATM Peer Group One or more ATM switches interconnected by PNNI interfaces, and sharing the
same peer group identifier.
ATM User Device An end system that encapsulates data into ATM cells and forwards them to the
ATM subsystem across a UNI interface. Examples of ATM user devices are:
Servers and workstations equipped with ATM adaptersATM concentrators or workstations equipped with ATM adaptersRouters with ATM adaptersLAN ATM bridges.
The control point passes the network prefix of an ATM address to attached end systems using the Interim Local Management Interface (ILMI) protocol.
Network Interfaces
The following protocols are defined in ATM standards for use across the interfaces connecting the components of an ATM campus network:
UNI Defines the interface between an ATM user device (such as a terminal, router, bridge, server,
workstation, or concentrator equipped with an ATM adapter) and the ATM network. The ATM subsystem supports the private UNI defined by the ATM Forum UNI Specifications V3.0, V3.1 and V4.0.
IISP Defines the interface between two ATM switches belonging to different ATM routing domains.
In the current release, IISP switches are used to interconnect PNNI peer groups. Operator intervention is required in order to define the addresses reachable over IISP links. You can define multiple IISP connections between two different peer groups.
PNNI Defines the interface between ATM switches in the same peer group.
The PNNI interface supports networking functions without the need of operator intervention, such as routing, node failure and node recovery, backup, and topology management.
You can define multiple PNNI connections between two ATM switches.
Public UNI ILMI is not supported.
VP tunnels can be defined on such a port, and signalling can be supported through the VP.
VOID ILMI is not supported.
VP tunnels can be defined on such a port, and signalling can be supported through the VP.
AUTO The interface is automatically set according to that of the incoming signal, as detected by ILMI.
4 IBM 8265: User's Guide
The PNNI Network
PNNI is a network system for supporting ATM routing and path selection. It selects the best path that
interconnects two end systems or a group of end systems. It is structured as a hierarchy of successive
higher entities called
levels
. The Control Point maps these levels into nodes. For example, when a switch Control point is running three levels, the first level is executed in the PNNI's node_0 subsystem, the next level is running in the node_1 subsystem, and so on.
The 8265 PNNI control point operates a single level only, the sole active subsystem being that of node_0.
Peer Groups
A peer group is a group of switches having a common identifier, called the
peer group id
. This peer group id is based on a specified length of a private ATM address, based either on the switch's own ATM address or explicitly entered. All switches must share the same peer group id (both length and content, to be included in the peer group.
Summary Addresses
In PNNI, reachability is the advertising of end system addresses throughout a peer group for the purpose of setting up connections between end systems. Reachability in PNNI routing is simplified by the capability of having groups of addresses with a common prefix to be represented by that prefix. Such a prefix is called a
summary address
. PNNI generates a default summary address to provide reachability to all end systems attached to the switch whose addresses share the switch's 13 byte ATM address prefix, that is, whose addresses are generated by the ILMI address notification protocol. Additional non-default summary addresses can be configured to provide reachability for address groups that do not share their switch's 13 byte ATM address prefix.
PNNI also supports path selection to end systems that lie outside a peer group, that is, end systems that are connected to a peer group via non-PNNI links (typically IISP links).
Every switch Control Point feeds end system addresses (that do not share the switch's 13 byte address prefix) to its PNNI subsystem which represents them by corresponding summary addresses if these are already configured. The absence of a configured summary address does not impair the reachability of end system addresses that would otherwise be represented by that summary address: it simply increases the reachability overhead for these addresses. Consequently, the removal of a configured summary address does not impair the reachability of end systems that were previously represented by the summary address: it simply increases PNNI's reachability overhead.
Configuring a new summary address can affect the functioning of previously configured summary addresses.
Chapter 1. Overview 5
PNNI Routing
IBM's PNNI supports three types of path selection:
Constant Bit Rate (CBR), real time Variable Bit Rate (rt VBR), and non-real time Variable Bit Rate (nrt
VBR). Routing is done on demand:
– Calls not satisfying the Generic Call Admission Control (GCAC) are pruned. – A shortest path is computed based on the Administrative Weight.
Available Bit Rate (ABR)
There are two types of ABR path selection, precomputed and on-demand:
– With precomputed path selection, the specific route is obtained via table look-ups, resulting in fast
connection setup.
– With on-demand path selection, more optimization for the individual routes is possible, but
connection setup is slower.
Note: When MCR=0, the ABR is treated the same as UBR.
Unspecified Bit Rate (UBR).
There are two types of UBR path selection, widest path and shortest path:
– The widest path approach finds the least loaded path in terms of bandwidth regardless of the
number of hops required to reach the destination. This approach balances the load on the paths through a network in the absence of critical constraints within that network.
– The shortest path approach follows a three step algorithm.
1. In the first step, path selection is based on the administrative weight.
2. In the second step, paths with minimal hop count to the destination are selected.
3. In the third step, the widest path approach is applied to the previously selected group of shortest paths to select the final route.
The shortest path approach is favored when the network contains critical restraints such as links (vcis, vpis) and/or switches that tend to become traffic bottlenecks. The drawback of the shortest path approach, is its reduced load balancing capability.
6 IBM 8265: User's Guide
Virtual Path Connections
When an 8265 is physically attached to a Wide Area Network (WAN), and VP tunnelling is provided, the device attached at the other side of the WAN appears as an adjacent device for the local switch.
Creating VPCs allows to extend the connectivity of the 8265, and to have several VP tunnels on a unique physical interface.
Each VPC can be of UNI, PNNI or IISP type and ensures the same functionality as a physical interface. This means that ILMI, signalling and routing may be provided per logical interface, i.e. VPC.
VPCs may be created on VOID or Public-UNI physical links, and a maximum of 512 is allowed per switch. Figure 2 shows an example of these VPC links.
Peer Group B
PNNI
PNNI
WAN
Peer Group A
PNNI
PubUNI
Link
PubUNI
Link
PubUNI
Link
Lan Switch
Emulated
Ethernet Stations
UNI VPC
Figure 2. UNI, IISP, and PNNI VPC Links
Chapter 1. Overview 7
Permanent Virtual Connections
A PVC is a permanent connection established by a network administrator between two end-points pertaining to the network, as opposed to an SVC, which is a connection established dynamically on an end-user station request, and between two end-user devices.
A PVC is established between 2 (more if multicast) end-points pertaining to the network, with specific traffic characteristics (best effort, reserved bandwidth...).
There are two types of PVC:
Point-to-point, which has one source end-point and one target end pointPoint-to-multipoint, which has one source end-point, and several target end-points. Each additional
end-point is called a party or a branch of the multicast tree. The traffic characteristics are common for all the parties of a PVC.
The two end-points of a PVC may be on the same 8265, or on different 8265s. In the latter case, the path may be selected either by the routing protocol (PNNI, for example) or by creating several PVCs in each 8265 until the final end point is reached.
PVCs are created, and deleted, via the terminal dialog. Between these 2 events, the PVC is active, unless a network failure occurs. If this happens, up to 20 attempts (with 15 second intervals) are made to re-establish the connection.
PVC's are automatically established when an 8265 is reset or powered on. A PVC is automatically saved after it has been activated successfully. The 8265 supports a maximum of 512 PVCs.
8 IBM 8265: User's Guide
Chapter 2. Setting-Up and Using a Configuration Console
This chapter describes:
How to enter commands and get help on the CPSW configuration consoleHow to set up the CPSW configuration console in Normal (ASCII) modeHow to set up the CPSW configuration console via a SLIP protocol connectionHow to access the CPSW from a remote console via TELNETHow to reconfigure configuration console settings.
Overview
The commands for configuring the CPSW are entered using a configuration console (ASCII terminal or workstation) connected to the console port. The console can communicate in one of two ways:
Normal (ASCII) mode
In normal mode, commands are entered directly from the configuration console. See “Setting Up a Configuration Console in Normal (ASCII) Mode” on page 12 for instructions
on connecting a configuration console to the CPSW in Normal mode.
SLIP mode
In SLIP mode, commands are entered via a TELNET session between an IP workstation and the CPSW.
If your workstation supports TFTP, it can also be used as a TFTP server to perform DOWNLOAD and UPLOAD operations between your workstation and the 8265. (See “Upload and Download Operations” on page 119.)
Note: If no activity takes place for a period of 20 minutes, the console is automatically
returned to normal mode.
This method requires an initial connection in Normal mode to set up the IP addresses and change the port protocol.
See “Setting Up a Configuration Console in SLIP Mode” on page 13 for instructions on connecting a configuration console to the CPSW in SLIP mode.
After the switch has been initially configured, it is also possible to configure and manage the switch:
From a remote TELNET sessions, as described in “TELNET Sessions Via a Remote Switch or
Workstation” on page 18.
Using an SNMP management application.
Before You Start
The following section describes keystrokes and the command syntax to use to enter commands from a configuration console. For a complete description of all configuration commands, see the
IBM 8265
Command Reference Guide
.
Copyright IBM Corp. 1994, 1998 9
Entering Commands
By entering commands at the prompt on the configuration console attached to the CPSW console, you can configure various functions of the 8265. The management prompt appears as follows:
à ð
8265ATM>
á
ñ
Commands are not case-sensitive. The system interprets ABC (uppercase) the same as abc (lowercase). The values you enter for certain command parameters are, however, case-sensitive and must be typed
exactly as shown in the
IBM 8265 Command Reference Guide
. For example, if you enter RWTRAP and rwtrap for the com_name parameter in two separate SET COMMUNITY commands, you will create two different community names.
Keyboard Functions
When entering commands the following keyboard functions are available:
Keystroke Function
BS or Backspace Moves the cursor one space backward and deletes the character. Enter Runs the command or prompts you to enter missing parameters. Space bar Types the complete command. Ctrl + C Cancels the command that is currently running and returns you to a blank command
line. Ctrl + R Retypes the last command you entered on the command line. Ctrl + L Types the currently edited command on the next line. ? Displays a list of available commands.
Getting Help
To list the available commands, which vary according to whether you logged on with the user or administrator password, type?on the command line and press Enter.
à ð
8265ATM> ?
á
ñ
To list the possible keywords that follow a command, you can enter the first word of the command, followed by ?. For example, to see what commands start with the word SAVE, you would enter:
à ð
8265ATM> save ?
á
ñ
Example Screens Shown in This Book
The example screen displays shown in this book are correct at the time of publication of this guide. Actual displays may vary due to improvements in code or configuration options.
10 IBM 8265: User's Guide
Command Completion
The command line accepts abbreviated command input with a facility called command completion. Command completion lets you enter a command and its parameters by typing the minimum number of characters to uniquely identify the command or a parameter.
For example, to enter the SAVE command, you only need to type SA and press the space bar:
à ð
8265ATM> sa
á
ñ
The system automatically fills in the rest of the command:
à ð
8265ATM> save
á
ñ
To enter a parameter, such as COMMUNITY, with the SAVE command, you can type the first few letters (for example, COMM) and press the space bar:
à ð
8265ATM> save comm
á
ñ
The rest of the parameter is automatically entered:
à ð
8265ATM> save community
á
ñ
If you enter an insufficient number of letters (for example, only S or C) for the system to determine the command or parameter (for example, Set, Show, Save and so on), the word is not completed and you are prompted to enter the rest of the command. The system also prompts you if you forget to enter a mandatory parameter.
Chapter 2. Setting-Up and Using a Configuration Console 11
Setting Up a Configuration Console in Normal (ASCII) Mode
The following procedure sets up the configuration console in Normal mode and logs you on as the system administrator with full access to all 8265 commands:
1. Connect an ASCII-type terminal to the RS-232 console port on the front panel of the CPSW module.
2. In the terminal’s user guide, locate the procedure for setting parameters for baud rate, data bits, parity, and stop bits.
3. Configure these configuration console settings to the values used by the CPSW so that the configuration console and the CPSW can communicate. The factory-set default settings for the CPSW are as follows:
Baud rate 9600 Data bits 8 Parity None Stop bits 1
4. Press Enter. The following message is displayed:
à ð
ATM Switch/Control Module (c) Copyright IBM Corp. 1994, 1997. All rights reserved.
Password:
á
ñ
5. Enter the Administrator password (factory default is 8265).
You can now proceed to configure the 8265, as described in Chapter 3, “Configuring Basic Parameters” on page 23.
12 IBM 8265: User's Guide
Setting Up a Configuration Console in SLIP Mode
The procedure that follows sets up the configuration console in SLIP mode and logs you on as the system administrator with full access to all commands.
Note: A typical workstation includes two serial ports (COM1, COM2):
One dedicated to an ASCII-terminal emulator,The other dedicated to an IP stack and supported via the SLIP protocol.
Both ports are needed for this procedure.
1. Connect your workstation to the RS-232 console port on the front panel of the CPSW module from the
‘ASCII-terminal’ serial port.
2. Configure the terminal in Normal mode and logon as administrator as described in “Setting Up a
Configuration Console in Normal (ASCII) Mode” on page 12.
3. If a data transmission rate other than 9600 is required, use the SET TERMINAL BAUD command to
configure a data transmission rate.
à ð
8265ATM> set terminal baud 192ðð
á
ñ
4. Set the local IP address (8265) and remote IP address (workstation) for the SLIP protocol using the
SET TERMINAL SLIP_ADDRESSES command.
à ð
8265ATM> set terminal slip_addresses Enter local ip address : 9.1ðð.86.139 Enter remote ip address : 9.1ðð.86.138 8265ATM>
á
ñ
5. Switch the configuration console port operating mode to SLIP using the SET TERMINAL
CONSOLE_PORT_PROTOCOL command.
à ð
8265ATM> set terminal console_port_protocol slip
á
ñ
6. Unplug the cable from the ‘ASCII-terminal’ serial port and plug it into the ‘IP-stack’ serial port of your
workstation.
7. Configure the IP stack SLIP with the IP address of the 8265 and verify the CPSW-to-workstation
connectivity by issuing a PING request.
à ð
C:\ ping 9.1ðð.86.139
á
ñ
8. Start a TELNET session to the CPSW.
à ð
C:\ telnet 9.1ðð.86.139
á
ñ
Chapter 2. Setting-Up and Using a Configuration Console 13
9. Logon as administrator (factory default password is 8265). The Welcome screen is displayed:
à ð
Password:
Welcome to system administrator service on 8265. 8265ATM>
á
ñ
You can now proceed to configure the 8265, as described in Chapter 3, “Configuring Basic Parameters” on page 23.
Returning to Normal Mode
To switch the configuration console port back to Normal mode, use the SET TERMINAL CONSOLE_PORT_PROTOCOL command.
à ð
8265ATM> set terminal console_port_protocol normal
á
ñ
Note: A CPSW module RESET restores the configuration console port to NORMAL operating mode.
SLIP Support
The SLIP function is supported on:
TCP/IP for AIX version 3.2.5TCP/IP V2.1.2 for IBM DOS V7 (no TFTP support)TCP/IP V2.0 for OS/2 V3 (WARP)ChameleonNFS V4.0 for Windows
Using TCP/IP for AIX version 3.2.5
1. Enter smitty mkinet
2. Enter serial line INTERNET Network Interface
3. Configure the local and remote IP addresses
4. The mask is not required
5. Do not fill in the baud rate and the dial string
6. PING the IP address of the remote 8265.
Using TCP/IP V2.1.2 for IBM DOS V7 (no TFTP support)
1. Use Custom command, then SLIP interface
2. Select SLð and enable the interface
3. Select COM1 and 9600 modem speed
4. Configure the local and remote IP addresses
5. The mask is not required
6. PING the IP address of the remote 8265.
14 IBM 8265: User's Guide
Using TCP/IP V2.0 for OS/2 V3 (WARP)
1. Configure the SLIP connection using the TCPIPCFG icon then SLIP.
2. Enable the SLIP interface on the correct COMM port.
3. Keep VJ compression off and use 1000 as MTU size.
4. Configure the local and remote IP addresses.
5. The mask is not required.
6. Configure FTFP server using TCPIPCFG icon thru
AUTOSTART
. This is required in the FTFP server
for CPSW download and upload operations.
7. Set terminal speed with the mode com1 command.
8. PING the IP address of the remote CPSW.
Using ChameleonNFS V4.0 or V4.1 for Windows
1. Configure the SLIP connection using the Custom icon under ChameleonNFS.
2. Select COM1 and no flow control PORT option.
3. Do not select a modem under the Modem option.
4. Configure the local and remote IP addresses.
5. The mask is not required.
6. Enter the appropriate hostname in the services/host table.
7. Use the TELNET icon under ChameleonNFS to connect to terminal dialog via VT220 emulation.
Chapter 2. Setting-Up and Using a Configuration Console 15
Configuring the CPSW Ethernet Port
To use the Ethernet port on a CPSW module, you must first configure the following:
The Internet Protocol (IP) addressThe subnet mask used for your class of Internet device.The Ethernet MAC address. A burned-in address (BIA) is supplied with each CPSW module (displayed
via the SHOW INVENTORY VERBOSE command). You can redefine this address with a locally administered address (LAA). Once an LAA has been assigned, you can always return to the BIA, by entering a MAC address of 000000000000.
Setting the IP Address and Subnet Mask
The IP address and subnet mask for the Ethernet port can be configured when in either Adminstrator or Maintenance Mode.
Administrator Mode: When in Adminstrator mode, the IP address and subnet mask can be
configured in one command, SET DEVICE IP_ADDRESS. The following example defines the Ethernet port IP address as 9.100.109.25 and the subnet mask as
ff.ff.ff.00:
à ð
8265ATM> set device ip_address eth 9.1ðð.1ð9.25 ff.ff.ff.ðð
á
ñ
Maintenance Mode: When in Maintenance mode, the IP address and subnet mask are configured
by two separate commands, SET IP_ADDRESS and SET SUBNET_MASK. The following example defines the Ethernet port IP address as 9.100.109.25:
à ð
8265ATM> set ip_address 9.1ðð.1ð9.25
á
ñ
The following example defines the subnet mask ff.ff.ff.00:
à ð
8265ATM> set subnet_mask ff.ff.ff.ðð
á
ñ
16 IBM 8265: User's Guide
Setting the Ethernet MAC Address
The Ethernet port MAC address can be configured when in either Adminstrator or Maintenance Mode.
Administrator Mode: The MAC address is configured using the SET DEVICE
ETHERNET_MAC_ADDRESS command. The following example configures the Ethernet port with a MAC address of 0E0000020304:
à ð
8265ATM> set device ethernet_mac_address рEррррр2р3р4
á
ñ
Maintenance Mode: The MAC address is configured using the SET MAC_ADDRESS command.
The following example configures the Ethernet port with a MAC address of 0E0000020304:
à ð
8265ATM> set mac_address ðE-ðð-ðð-ð2-ð3-ð4
á
ñ
Chapter 2. Setting-Up and Using a Configuration Console 17
TELNET Sessions Via a Remote Switch or Workstation
The CPSW’s remote login feature allows you to log on to an 8265 from a remote configuration console or network workstation that supports the TELNET protocol.
You can remotely log on to only one 8265 at a time.
Minimum Local Configuration
Before you can log on to the 8265 from a remote switch, you must perform a minimum configuration using a configuration console (in either Normal or SLIP mode). The minimum configuration that is required depends on the type of subnetwork you will use for the TELNET session:
Classical IP
Set the ATM address of the 8265Enable the port that connects to the ARP serverGet the ATM address of the ARP serverSet the ARP server ATM address in the 8265Set the IP address of the 8265Enable the port that will be used for the TELNET session.
LAN Emulation
Set the ATM address of the 8265Start the LEC.
These steps are described in Chapter 4, “Configuring SNMP and LANE Parameters” on page 37.
Logon Procedure
You specify the 8265 by entering its IP address with the TELNET command:
à ð
C:\ telnet 123.94.2ð2.9
á
ñ
Once you are connected to the remote switch, you must log on by entering the correct password. Afterwards all the commands you enter are run on the remote module as if entered from a local 8265 session.
To log off from a TELNET session, enter the LOGOUT command. The LOGOUT command disconnects the TELNET connection and reconnects you to the local 8265 accessed through your configuration console. The following message is displayed with the local management prompt:
à ð
ATM2 logout
Bye
Remote session completed C:\
á
ñ
18 IBM 8265: User's Guide
Figure 3 shows an example of a remote login. Note that once you are connected to 8265 A, you can remotely log on and manage the CPSW modules in either 8265 B or 8265 C.
Note: The TELNET protocol is not routable.
Modem
Modem
Hub B
Hub C
Hub A
RS-232 Console Port of an A-CPSW Module
Figure 3. Working in Remote CPSW Sessions
You can set a timeout period for a remote CPSW by entering the SET TERMINAL TIMEOUT command. When this value is exceeded, the system automatically logs you off the remote 8265 session and returns you to your local session.
Although any unsaved configuration changes are still active, they will be lost the next time you reset or reboot the remote 8265. To save these changes, you must re-establish the remote session and enter the SAVE command.
Chapter 2. Setting-Up and Using a Configuration Console 19
Accessing the 8265 via the Internet
The 8265 has an integrated web server that enables you to access the 8265 via the Internet. The web server has the following features:
Graphical view of the 8265 chassis, ATM modules, and ATM interfaces, with easy navigation.TELNET link to the Control Point.Direct navigation to integrated web servers on attached devices.Basic configuration functions (isolate and connect modules, enable and disable ATM interfaces).Debugging facilities (set up traces, display the error log, display connection table).Basic SHOW functions.
The web server has been optimized for the following environments:
16 to 256 colorsa web browser that supports tables and timed-page refresh.
Recommended Web Browser Configuration
In order to ensure that all displays are current, it is recommended that your web browser be configured as follows:
Disk cache set to zeroMemory cache set to zeroDocument verification set to "every time".
Accessing the 8265
In order to access the web server, the Control Point must be configured as described in “Minimum Local Configuration” on page 18.
To access the 8265, simply provide your web browser with the IP address of the Control Point. Enter http:// followed by the IP address.
Note: Default port 80 is used by the server. You will be prompted to enter a user name and password. The user name is always "ADMIN", and the
password is the current Administrator password (defined with the "SET DEVICE" command).
20 IBM 8265: User's Guide
Reconfiguring 8265 Configuration Console Settings
Carry out the procedures in this section only if you need to connect another device (besides the CPSW configuration console) to the CPSW module, and if the other device runs at a slower baud rate, uses a different parity, or has a different data bit value than the CPSW module's pre-configured factory settings.
For example, if you want to connect a 4800 baud modem to the CPSW module to remotely manage the 8265 you must change the factory-set default baud rate from 9600 to 4800. To do so, you would enter the following command:
à ð
8265ATM> set terminal baud 48ðð
á
ñ
See the
IBM 8265 Command Reference Guide
for information on the SET TERMINAL commands that
allow you to reconfigure configuration console settings.
Saving Reconfigured Configuration Console Settings
After you use the SET TERMINAL command to reset the baud rate, the parity, or the data bit value, the change is activated immediately and you lose communication with the configuration console. The new configuration console setting is not, however, permanently saved.
In order to save the configuration console parameters that you reconfigure with the SET command, you must connect the new configuration console to the 8265, log on, and enter the SAVE TERMINAL command. Once saved in this way, the new configuration console settings remain stored in memory after you log off and in case of a power failure.
For more information on how to reconfigure and save configuration console settings, see the sections describing the SET TERMINAL commands in the
IBM 8265 Command Reference Guide
.
Automatic Modem Hangup
If you use a modem to connect to the CPSW, you can use the SET TERMINAL HANGUP command to automatically hang up the modem connection when you log off the CPSW. If you do not hang up the modem connection, an unauthorized user can pick up your open session and work in it.
The following command shows what to enter to automatically hang up the modem after you log off the CPSW. The command is set by default to disable so that the modem does not automatically hang up.
à ð
8265ATM> set terminal hangup enable
á
ñ
Chapter 2. Setting-Up and Using a Configuration Console 21
22 IBM 8265: User's Guide
Chapter 3. Configuring Basic Parameters
This chapter describes:
How to configure the ATM switch addressHow to configure CPSW module parameters.
Note: You must been logged in as Administrator in order to configure the 8265. The factory default
password is 8265.
Configuring the ATM Switch Address
Note: Configuring the ATM switch address will cause a reset of the ATM system. If you have made any
other configuration changes, and not saved them, save them now or they will be lost.
When an 8265 is powered on for the first time, it automatically loads a default configuration, including a default ATM address. If you have multiple switches in your network, the default ATM address must be reconfigured so that each switch has a unique address. This reconfiguration is achieved by issuing the SET PNNI NODE_0 ATM_ADDRESS command, followed by the desired ATM address.
The following example sets the ATM address to
39.99.99.99.99.99.99.00.00.99.99.01.01.99.99.99.99.99.99.01.
à ð
8265ATM> set pnni node_ð atm_address: 9.99.99.99.99.99.99.ðð.ðð.99.99.ð1.ð1.99.
99.99.99.99.99.ð1
á
ñ
Once you have entered the ATM address, you can do any of the following:
Issue the COMMIT PNNI command. This saves the ATM address entered and resets the ATM control
point.
Issue the SAVE PNNI command. This saves the ATM address entered. The ATM address will applied
at the next reset.
Issue the UNCOMMIT PNNI command. This removes the ATM address that you have entered (the
previous ATM address remains).
Issue the SHOW FUTURE_PNNI NODE_0 to display the ATM address that you have just entered. Do
this if you think you may have made an error when entering the address.
Reissue the SET PNNI NODE_0 ATM_ADDRESS command to change the ATM address again.
To display the current ATM address, enter the SHOW PNNI NODE_0 command. If you have the PNNI control point code installed, refer to Chapter 6, “Configuring PNNI Parameters” on
page 55 for more information.
Copyright IBM Corp. 1994, 1998 23
Configuring CPSW Module Parameters
This section describes the commands needed to configure the CPSW module. Before beginning the procedures listed below, make sure that:
1. You have installed the CPSW module correctly (see the
IBM 8265 Installation Guide
, SA33-0441.)
2. You have set up a configuration console and logged on as administrator (see Chapter 2, “Setting-Up and Using a Configuration Console” on page 9).
Configuration Summary
To configure the CPSW, follow the steps listed below. Each of these steps are described in a subsequent section of this chapter.
1. Set the CPSW user and administrator passwords.
2. Set the node clock.
3. Set the local CPSW parameters such as: Switch name
Service contact information Console prompt Console timeout
4. Define the ATM address of the CPSW. This resets the ATM subsystem.
5. Optionally enable the sending of alert messages to an SNMP workstation or the local console.
For a detailed description of each CPSW configuration command, see the
IBM 8265 Command Reference
Guide
.
24 IBM 8265: User's Guide
Setting CPSW Passwords
It is necessary to set two levels of CPSW passwords:
Administrator password that provides access to all CPSW commands with read-write (configuration)
access (factory default is 8265). When logged in with the administrator password, you can place the 8265 in Maintenance Mode (see
page 34).
User password that provides access to a subset of CPSW commands including most SHOW
commands, PING and TELNET (factory default is a null string).
See the
IBM 8265 Command Reference Guide
for more information on access to CPSW commands.
Administrator Password:
1. At the console prompt, type the SET DEVICE PASSWORD ADMINISTRATOR command:
à ð
8265ATM> set device password administrator
á
ñ
Then press Enter.
2. In the next three fields displayed, enter your current password and the new password (up to fifteen
characters) twice as shown below. For security purposes, the values you enter are not displayed on the screen.
à ð
Enter current administrator password: {old password} New password: {new password} Re-enter password: {new password}
á
ñ
Then press Enter. You are prompted when your password is accepted:
à ð
Password changed.
á
ñ
3. To save your new password, type the SAVE DEVICE or the SAVE ALL command:
à ð
8265ATM> save device
á
ñ
Then press Enter.
You will need to enter the new administrator password the next time you log on to the CPSW. Note that you have only ten seconds to enter a password when the Password prompt is displayed. If you do not enter a password, a Timeout message is displayed. To re-display the Password prompt and start again, press Enter.
Chapter 3. Configuring Basic Parameters 25
User Password:
1. Log on to CPSW using the administrator password.
2. At the management prompt, type the SET DEVICE PASSWORD USER command:
à ð
8265ATM> set device password user
á
ñ
Then press Enter.
3. In the next three fields displayed, enter the administrator password and the new user password (up to fifteen characters) twice as shown here:
à ð
Enter current administrator password: {admin password} New password: {new user password} Re-enter password: {new user password}
á
ñ
Then press Enter. You are prompted when the password is accepted:
à ð
Password changed.
á
ñ
4. To save your new user password, type the SAVE DEVICE or the SAVE ALL command:
à ð
8265ATM> save device
á
ñ
Then press Enter.
26 IBM 8265: User's Guide
Setting the Node Clock
You need to set the CPSW's 24-hour node clock only once, when you install the CPSW. When you set the node clock, you establish a starting time, date, and day.
To set the node clock, enter the SET CLOCK command and specify the time and date parameters.
Then press Enter.
For example, the following command sets the node clock to 4:44 p.m. on March 20, 1997:
à ð
8265ATM> set clock 16:44 1997/ð3/2ð
á
ñ
The CPSW node clock uses its own battery and functions even when the CPSW fails to operate.
Chapter 3. Configuring Basic Parameters 27
Setting Local CPSW Parameters
The CPSW is preconfigured with default settings that may need to be changed before you can use the switch. To modify these parameters, you must log on using the system administrator password. Then use the SET command to change the values for any of the following:
Switch name
Service contact information
Console prompt
Console timeout value.
A brief description of each parameter is given in the following sections. For more detailed information, see the
IBM 8265 Command Reference Guide
.
Switch Name: In order to simplify the command parameters you need to enter to perform certain
ATM tasks, you can assign a unique name to each 8265. You can then use this name instead of the IP address to identify the 8265.
To set a unique name for the 8265, enter the SET DEVICE NAME command and press Enter.
à ð
8265ATM> set device name [8265 name]
á
ñ
Service Contact Information: After installing the 8265 and logging on to the CPSW, you should
enter the location details and the name of the appropriate person to contact in case of a failure in the ATM subsystem or with the 8265.
To do so, enter the following commands:
SET DEVICE LOCATION to specify where the 8265 is installedSET DEVICE CONTACT to specify the name of the service personnel to contact.
Console Prompt: IBM also recommends that you customize the prompt used by each CPSW
console. This helps you to easily recognize the CPSW to which you are connected when you are logged on to a remote switch.
The default prompt is:
à ð
8265ATM>
á
ñ
Suggestion: To make it easier to recognize the CPSW by its command prompt, set the prompt to the
name of the CPSW used in the SET DEVICE NAME command. See the
IBM 8265 Command
Reference Guide
for more information.
To customize the CPSW management prompt, use the SET TERMINAL PROMPT command.
28 IBM 8265: User's Guide
à ð
8265ATM>set terminal prompt ATM2 ATM2>
á
ñ
Console Timeout: The TERMINAL TIMEOUT parameter is a safety precaution that lets you specify
how long you can remain logged on to the CPSW console without entering any data from the keyboard. This prevents unauthorized users from accessing the CPSW if you forget to log off the system. If no keystroke is entered for the time period specified by SET TERMINAL TIMEOUT, the system automatically logs you off.
The default value for SET TERMINAL TIMEOUT is ð. This means that no timeout period is set and that you cannot be automatically logged off from the system.
To specify a timeout value (in minutes), use the SET TERMINAL TIMEOUT command.
à ð
8265ATM>set terminal timeout 2
á
ñ
Chapter 3. Configuring Basic Parameters 29
Configuring the ATM Switch Address
Note: Configuring the ATM switch address will cause a reset of the CPSW module. If you have made
any other configuration changes, and not saved them, save them now or they will be lost.
When a PNNI switch is powered on for the first time, it automatically loads a default configuration, including a default ATM address. If you have multiple switches in your network, the default ATM address must be reconfigured so that each switch has a unique address. This reconfiguration is achieved by issuing the following command:
à ð
8265ATM> set pnni node_ð atm_address: 39.99.99.99.99.99.99.ðð.ðð.99.99.ð1.ð1.99.
99.99.99.99.99.ð1
á
ñ
where 39.99.99.99.99.99.99.ðð.ðð.99.99.ð1.ð1.99.99.99.99.99.99.ð1 is an example of a 20 byte hex address entry.
If setting the address is the only reconfiguration action, you issue the COMMIT PNNI command to activate the new configuration. If you wish to modify the address further, you reissue the SET PNNI NODE_0 ATM_ADDRESS: command before issuing the COMMIT PNNI command. The COMMIT PNNI command causes the address to be saved in the NVS Configuration repository before the Control Point is reset.
In the default PNNI configuration, the address of all switches that are to form one peer group must have one common 96 bit (12 byte) prefix. This prefix is called the peer group id and defines the set of switches that together form one peer group.
As the default length for the peer group id is 12 bytes, the 13th byte of the ATM address can be used to uniquely identify a switch within a peer group.
A simple way to configure a collection of interconnected switches into one peer group is to issue the SET PNNI NODE_ð ATM_ADDRESS: command for each switch whereby all addresses have a common 96 bit prefix.
30 IBM 8265: User's Guide
Using Alert Messages
You can configure the CPSW to issue alert messages when certain system events are detected. These alerts can be sent to the configured trap receiver (for example, an SNMP workstation) and/or to the local configuration console.
Types of Alerts
There are three types of alerts: Hello alerts Authentication alerts Change alerts.
A Hello alert is sent when:
The ATM subsytem is reset in one of the following ways:
– Entering the BOOT command – Pressing the ATM Reset button – Entering the RESET command – Powering off and powering on the 8265.
A LAN Emulation Client becomes active.Any of the following parameters are changed:
– An agent's IP address (using the SET DEVICE IP_ADDRESS or SET DEVICE
LAN_EMULATION_CLIENT command)
– An agent's subnetwork mask (using the SET DEVICE IP_ADDRESS or SET DEVICE
LAN_EMULATION_CLIENT command) – ATM address of the ARP server (using the SET DEVICE ARP_SERVER command) – IP address of the default gateway (using the SET DEVICE DEFAULT_GATEWAY command).
A Hello alert is sent either once a minute until an SNMP request is received or once a minute for up to 4 hours and 15 minutes. It then shuts off and no Hello alert is sent for 6 hours. After 6 hours have elapsed, Hello alerts are sent again for up to 4 hours and 15 minutes.
An Authentication alert is sent when an unauthorized user tries to access the 8265 and the IP address or community name is not valid for the attempted read or write operation.
A Change alert is sent when any of the following chqnges are made:
An ATM media module is isolated or reconnectedAn ATM media module port is enabled or disabledTime and date used on the ATM subsystem are reconfiguredName, location, or service contact information for the CPSW module are reset.
Chapter 3. Configuring Basic Parameters 31
Configuring Alerts
Alerts are configured via the SET ALERT command. You can configure each type of alert (Hello, Authentication, and Change) to be trapped and sent to the trap receiver (via the TRAP parameter), and/or displayed at the local configuration console (via the DISPLAY parameter).
Examples: The following example shows how to configure a Hello alert to be sent to the trap receiver
and local configuration console only:
à ð
8265ATM> set alert hello trap display
á
ñ
The following example shows how to configure a Change alert to be sent to the trap receiver only:
à ð
8265ATM> set alert change trap nodisplay
á
ñ
The following example shows how to configure an Authentication alert to be sent to the local configuration console only:
à ð
8265ATM> set alert authentication notrap display
á
ñ
By default, all alerts are set to NOTRAP and NODISPLAY. Current alert settings can be displayed via the SHOW ALERT command.
32 IBM 8265: User's Guide
Q.2931 Branches and Parties
According to your networking needs, you can configure the amount of Q.2931 branches and parties available. Five types of configuration are available:
config_1 providing at least 32000 branches and 2 parties config_2 providing at least 30000 branches and 2000 parties config_3 providing at least 28000 branches and 4000 parties config_4 providing at least 26000 branches and 6000 parties config_5 providing at least 24000 branches and 8000 parties
The above configurations guarantee the minimum number of branches and parties possible. The 8265 will optimize the configuration based on these values, the maximum number of branches and parties possible will be determined by available system resources.
To configure the 8265 to use one of the above configurations, you enter the SET DEVICE_CONFIG_FUNCTIONS GSMP:OFF command, followed by the required configuration (config_1, for example).
To display the current configuration, enter the SHOW DEVICE command.
Chapter 3. Configuring Basic Parameters 33
Using Maintenance Mode
Some operations (such as downloading out-of-band) can only be done when the 8265 is in Maintenance mode.
This mode is entered when the MAINTAIN command is issued when logged in with Administrator mode (from a local session via the RS-232 console port).
When the command is issued, the CPSW is reset. You should stop all traffic before issuing the command. Changes made during the Administrator mode session should be saved prior to issuing the MAINTAIN
command, or they will be lost. If you have made changes, but do not wish to keep them, you need to issued the comand MAINTAIN FORCE to enter Maintenance mode.
When Maintenance mode is active, the ATM prompt appears as >> and the System Status LCD on the CPSW module displays the message: "MAINTENANCE MODE ENTERED UPON USER REQUEST".
Table 1 provides a summary of the commands available in Maintenance mode. For details of each command, refer to the
IBM 8265 Command Reference Guide
.
Table 1. Maintenance Mode Command Summary
Command Description
BOOT Activates the new software stored in the flash EEPROM, ends Maintenance mode,
and starts a new CPSW session. CLEAR ALL Deletes all stored information, such as configuration, error log, and restart counters. CLEAR
CONFIGURATION
Erases the customization of a CPSW module.
DOWNLOAD OUT_OF_BAND
Downloads new CPSW module software.
SET DEFAULT_GATEWAY
Assigns the IP address of the router that will be used to receive IP packets from,
and forward IP packets to, stations that are not connected to the 8265. SET IP_ADDRESS Assigns an IP address to the Ethernet port on the CPSW module. SET MAC_ADDRESS Assigns a MAC address to the Ethernet port on the CPSW. SET ROLE Selects (in a redundant CPSW configuration) which CPSW module is primary and
which is secondary. SET SUBNET_MASK Assigns a subnetwork mask to the Ethernet port on the CPSW module. SHOW ERRORS Displays the errors recorded during the last execution of the DOWNLOAD
OUT_OF_BAND command. SHOW FLASH Displays a summary of the microcode stored in the flash memory, including:
Which of the two flash EEPROMs is the active oneWhich versions of microcode are present (boot and operational).
SHOW RAM Displays the amount of Random Access Memory (RAM) installed. SHOW ROLE Displays the role (primary or secondary) of the local CPSW. SWAP ACTIVE Activates the backup flash EEPROM without resetting the CPSW. USE BAUD Changes the baud rate of the configuration console connection while in Maintenance
mode (9600 bps or 19200 bps).
34 IBM 8265: User's Guide
Leaving Maintenance Mode
You exit Maintenance mode by:
Entering the BOOT command. This resets the ATM subsystem. The MAINTENANCE MODE display
on the CPSW module System Status LCD switches off.
Entering the DOWNLOAD OUT_OF_BAND BOOT command. This operation loads the new boot
program and executes it immediately.
Chapter 3. Configuring Basic Parameters 35
36 IBM 8265: User's Guide
Chapter 4. Configuring SNMP and LANE Parameters
Carry out the procedures in this section only if you want to manage your ATM subsystem from an SNMP workstation.
If you want to manage the ATM subsystem from an SNMP workstation, you may access the 8265 through either a Classical IP subnetwork or a LAN Emulation subnetwork.
The steps required to set the SNMP parameters depend on the type of subnetwork you will use:
Classical IP over ATM subnetwork (IP)
Set Set IP Address and Subnetwork MaskSet Default GatewaySet ARP serverSet Community Table
Set Alerts
LAN Emulation over ATM subnetwork (LE)
Set LAN Emulation Client parameters (including IP Address and Subnetwork Mask)Set Default GatewaySet Community Table
Set Alerts
These steps are described in the following sections. Note: Although it is expensive, nothing prevents you from using both subnetworks at the same time,
each subnetwork being independent from the other (no communication between them). In the latter case an ARP server and an 802.3 LES are required. A single subnetwork must be chosen for the Default Gateway.
Copyright IBM Corp. 1994, 1998 37
IP Address and Subnetwork Mask (IP only)
In order for SNMP to run properly, every device in the network must have a unique IP address and subnetwork mask. In a classical IP subnetwork, you must use the SET DEVICE IP_ADDRESS command to assign a unique IP address and subnetwork mask to the CPSW.
For example, the following command sets a unique IP address for a Classical IP over ATM subnetwork on the CPSW and a subnetwork mask for an ATM class C device:
à ð
8265ATM> set device ip_address atm 195.44.45.48 FF.FF.FF.ðð
á
ñ
The subnetwork mask is specific for each type of Internet class. In general, the subnetwork mask is the group of common characters in the left part of the IP address. (These characters are also called the network ID.) The host address is the group of unique characters to the right of the IP address.
The following command sets the subnetwork mask for an ATM class B device:
à ð
8265ATM> set device ip_address atm 195.44.45.48 FF.FF.ðð.ðð
á
ñ
Using Host Names
You can also assign host names to each device with an IP address. This allows you to assign meaningful, easy to remember names to devices.
For example, an 8265 located in Laboratory C with an IP address of 9.100.109.203 could be called LabC. This can be set using the SET HOST command as shown in the following example:
à ð
8265ATM>set host LabC 9.1ðð.1ð9.2ð3
á
ñ
Host names assigned to devices are displayed using the SHOW HOST command.
38 IBM 8265: User's Guide
LAN Emulation Client (LE only)
In order for SNMP to run properly, every device in the network must have a unique IP address and subnetwork mask. In a LAN emulation subnetwork, you must use the SET DEVICE LAN_EMULATION_CLIENT command to assign a unique IP address and subnetwork mask to the CPSW.
To configure the LEC, use the SET DEVICE LAN_EMULATION_CLIENT with the following parameters:
LAN type (Ethernet or Token-Ring) IP address Subnetwork Mask
Individual MAC address
Associated LES/LECS ATM address
Notes:
1. The LEC may be Ethernet or Token-Ring. If Ethernet, then you must specify the Ethernet type (either DIX or 802.3.) It is possible to specify one Ethernet and one Token-Ring LEC simultaneously.
2. If two LECs are configured, they must have different IP addresses, even if they are connected to different LESs.
3. The MAC address must be in a 802.3 format. Local and universal administrated MAC addresses are supported.
4. The associated LES ATM address is the address of a LES monitoring the emulated LAN. The LES must be a LE Forum compliant LES, connected to an 8265 switch or 8285 ATM Workgroup Switch.
5. The maximum frame size and emulated LAN name are provided by the associated LES.
6. The SET DEVICE LAN_EMULATION_CLIENT command automatically starts the LEC.
7. No command to stop the LEC is available.
For example, to configure an Ethernet LEC with IP address 9.100.20.55:
à ð
8265ATM>set device lan_emulation_client eth eth_type DIX ip_address 9.1ðð.2ð.55
Client starting. 8265ATM>
á
ñ
After the eth parameter, the other parameters may be entered in any order. The first time the SET DEVICE LAN_EMULATION_CLIENT command is used, you must configure all
parameters before saving the configuration settings (no default values are provided). Once the configuration settings have been saved, it is possible to change only one parameter at a time using the SET DEVICE LAN_EMULATION_CLIENT command.
Chapter 4. Configuring SNMP and LANE Parameters 39
Default Gateway (IP & LE)
The default gateway is the IP address of the gateway that will receive and forward packets whose addresses are unknown to the ATM subnetwork. The default gateway is useful when sending CPSW alert packets to a management workstation that is on a different network and is accessible via a router.
For example, the following command defines the gateway with the address 195.44.45.26 as the default gateway:
à ð
8265ATM> set device default_gateway 195.44.45.26
á
ñ
40 IBM 8265: User's Guide
ARP Server (IP only)
The ARP (Address Resolution Protocol) server is used in a classical IP over ATM network to map IP addresses to ATM addresses. This is necessary to permit communication between an ATM network and SNMP stations in a Classical IP subnetwork.
The following command defines the ATM address for an ARP server:
à ð
8265ATM> set device arp_server 39.11.FF.22.99.99.99.ðð.ðð.ðð.ðð.ð1.49.11.11.11.
11.11.11.49
á
ñ
Chapter 4. Configuring SNMP and LANE Parameters 41
Community Table (IP & LE)
The Community table defines which SNMP stations in the network can access information from the CPSW, and which station(s) will receive a trap from the CPSW when an error is detected.
To create an entry in the Community table, you use the SET COMMUNITY command. For example, the following command specifies that a community name called ATMMGMT with an IP address of 195.44.45.244 has read-write access to the CPSW:
à ð
8265ATM> set community ATMMGMT 195.44.45.244 read_write
á
ñ
The community name parameter is case-sensitive. Be sure, therefore, to enter the community name in uppercase or lowercase letters exactly as you want it to appear. To display a list of existing community names, use the SHOW COMMUNITY command.
42 IBM 8265: User's Guide
Alerts (IP & LE)
To enable or disable the function for sending alerts via SNMP traps to the CPSW local console and network management stations, you use the SET ALERT command. See the
IBM 8265 Command
Reference Guide
for information on the different types of alerts you can enable and disable with this
command. For example, the following command enables an alert to be sent when a configuration change is made:
à ð
8265ATM> set alert change trap
á
ñ
Chapter 4. Configuring SNMP and LANE Parameters 43
Setting Up a LAN Emulation Client
To configure the LEC, use the SET DEVICE LAN_EMULATION_CLIENT command with the following parameters:
LAN type IP address Subnetwork mask
LES ATM address, LECS ATM address or nothing (if using the default well-known address or using a
locally administered LECS set via the SET LAN_EMUL CONFIGURATION_SERVER command.)
Individual MAC address.
The following choices are offered:
1. LES ATM address definition.
To define the LES ATM address for a LEC, you issue the following command:
à ð
8265ATM> SET DEVICE LAN_EMULATION_CLIENT (tr/eth) NO_LECS_WITH_LES les_atm_address
á
ñ
2. LECS ATM address definition.
To define the LECS ATM address for a LEC, you issue the following command:
à ð
8265ATM> SET DEVICE LAN_EMULATION_CLIENT (tr/eth) NO_LES_WITH_LECS les_atm_address
á
ñ
3. No specific LES or LECS definition.
The default value for the NO_LECS_WITH_LES or NO_LES_WITH_LECS keywords are NONE. For example:
à ð
8265ATM> SET DEVICE LAN_EMULATION_CLIENT (tr/eth) NO_LES_WITH_LECS NONE
á
ñ
Notes:
1. You should start the LES (whether internal or external) before you configure the LEC, in order to get its ATM address (via the SHOW LAN_EMUL SERVERS command).
2. The maximum frame size and emulated LAN name are provided by the associated LES.
3. The SET DEVICE LAN_EMULATION_CLIENT command automatically starts the LEC.
44 IBM 8265: User's Guide
LECS ATM Address
Some Lan Emulation Clients (LECs) determine the ATM address of their associated LES from the LAN Emulation Configuration Server (LECS). The CPSW supports these LECs with three separate methods for establishing a connection to the LECS:
ILMI MIB
LECS Well Known AddressFixed PVC (0.17).
ILMI MIB
The LEC can get the unicast ATM address by doing a GETNEXT on the variable atmSrvcRegATMAddress in the ILMI MIB.
For LECs that use this method of addressing, you must define the LECS ATM address in each ATM switch that deals with these LECs. You define the LECS ATM address with the SET LAN_EMUL CONFIGURATION_SERVER command.
à ð
8265ATM> set lan_emul configuration_server 39.99.99.99.99.99.99.ðð.ðð.99.99.ð1.
84.ðC.11.8ð.95.4F.13.ðð
á
ñ
You may define several ATM addresses. at any given time.
LECS Well Known Address
The LEC can directly call on one of two LEC Well Known Addresses, which are:
47.ðð.79.ðð.ðð.ðð.ðð.ðð.ðð.ðð.ðð.ðð.ðð.ðð.Að.3E.ðð.ðð.ð1.ðð and C5.ðð.79.ðð.ðð.ðð.ðð.ðð.ðð.ðð.ðð.ðð.ðð.ðð.Að.3E.ðð.ðð.ð1.ðð
Note: In order to use this method, the LEC must be able to make calls to the WKA. If the LECS does
not support calls to the WKA, you must use another addressing method.
Fixed PVC (0.17)
If the LEC requires a connection via fixed PVC, you must use the command SET PVC to define a PVC for virtual connection on the LEC side with vpi.vci equal to 0.17. When defining a PVC for virtual channel connection (VCC), the range of allowed VCI values includes the value 17.
The following example defines a PVC on the LEC side with vpi-vci equal to 0.17 going to the LECS side:
à ð
8265ATM> set pvc 1.2 1 2.3 5 channel_point_to_point ð.17 ð.33 best_effort
á
ñ
Chapter 4. Configuring SNMP and LANE Parameters 45
Checking the Configuration
To check the configuration of the LECS addresses, enter the following command:
à ð
8265ATM> show lan_emul configuration_server
á
ñ
46 IBM 8265: User's Guide
Chapter 5. Configuring Ports and Media Modules
This chapter describes:
How to enable ports and interfacesHow to set up Virtual Path Channels (VPCs)How to configure reachable addressesHow to set up permanent virtual connections (PVCs)The different ways of connecting switchesHow to allow or disallow duplicate ATM address registration.
Enabling ATM Ports and Interfaces
Before you can use the devices attached to media module ports, you must enable each port and configure the type of interface used by the port to receive and transmit ATM data. For example, to enable port 2 of a module in slot 1 as a UNI port:
à ð
8265ATM> set port 1.2 enable uni
á
ñ
Note that you can specify multiple ports on the same module within the same command, for example set port 1.2 3 5 4 7 enable uni would enable ports 2, 3, 4, 5, and 7.
You can set a port to any of the ATM interfaces: User-to-Network (UNI)
Public User-to-Network (public_UNI)Interim Inter-Switch Signalling (IISP)Private Network-to-Network (PNNI)
VOID AUTO. See “Network Interfaces” on page 4 for more information on ATM network interfaces. Note: To enable the ports, the module must be connected to the network. See the
IBM 8265 Command
Reference Guide
for details on the SET MODULE CONNECTED command.
Enabling PNNI Ports on 8260 Modules
The number of PNNI ports that can be enabled on 8260 modules is restricted. The sum total bandwidth of the ports cannot exceed 212 Mbps. For example
If you have a 4-port 100 Mbps module, you can only enable two of the ports (200 Mbps bandwidth).If you have a 12-port 25 Mbps module, you can enable up to 8 of the ports (200 Mbps).
Copyright IBM Corp. 1994, 1998 47
Setting Up Virtual Path Channels (VPCs)
VPC links can only be defined for Public UNI, VOID, and AUTO interfaces, and may be of UNI, IISP, or PNNI types.
UNI is used to connect user devices (such as Ethernet stations). PNNI is used to connect switches within the same peer group, via a WAN. IISP is used to connect switches in different peer groups, via a WAN.
Figure 2 on page 7 shows an example of these VPC links. Virtual path channels (VPCs) are created via the SET VPC_LINK command. See the
IBM 8265 Command
Reference Guide
for details.
Traffic Shaping
Note: This function is only available on 1–port 622 Mbps and 4–port 155 Mbps modules.
When setting up a VPC, you can specify the traffic type provided by the WAN. To do this, you enter the VPC_SERVICE_CATEGORY paramter on the SET VPC_LINK command, giving one of the following two values:
CBR This activates traffic shaping and the type of traffic allowed can be specified with the
VPC_SERVICE_CATEGORY parameter (see below).
UBR Traffic shaping is inactive and only Unspecified Bit Rate (UBR) traffic is allowed through this
VPC.
When traffic shaping is active (when the parameter CBR is given to the VPC_SERVICE_CATEGORY parameter of the SET VPC_LINK command) you can define which traffic types can be chosen by connections established on this VPC. The possible traffic types are Available Bit Rate (ABR), Constant Bit Rate (CBR), Unspecified Bit Rate (UBR), and Variable Bit Rate (VBR), and you can specify the following:
CBR VBR only ABR only UBR only
CBR VBR, and ABR
CBR VBR, and UBR
ABR and UBR
CBR VBR, ABR, and UBR.
See the
IBM 8265 Command Reference Guide
for details.
48 IBM 8265: User's Guide
Configuring Reachable Addresses
When VPC links (on Public UNI or VOID ports) are defined to connect to switches or workstations that do not support ILMI address registration, you also need to specify the address of the switch to be reached. To do this, you enter the SET REACHABLE_ADDRESS command.
If you define an IISP port, check that no VPI is defined in your reachable address. If you define a VOID or Public UNI port with a VPC link of type IISP, check that the VPI of the VPC link is
defined in your reachable address. If several reachable addresses share the same network prefix, they should be entered as a PNNI
summary address to reduce PNNI traffic. See 64 for details on configuring summary addresses.
Chapter 5. Configuring Ports and Media Modules 49
Setting Up Permanent Virtual Connections (PVCs)
PVCs can be set up to connect two end-points, local and remote. The local endpoint is a port in the local 8265 and the remote endpoint can either be another port on the same 8265 or on a remote 8265
If the remote endpoint is located on a remote 8265 you must define the ATM address of that 8265. For each PVC connection you can specify whether a reserved bandwidth is to be allocated. The valid settings (shown as the number of bits used) for Virtual Path Identifiers (VPIs) and Virtual
Channel Identifiers (VCIs) are as follows:
For 25 Mbps ports:
VPI VCI
0 0-12 1 or 2 0-10 3 or 4 0-8
For all other ports:
VPI VCI
0 0-14 1, 2, 3, or 4 0-10 5 or 6 0-8
See the
IBM 8265 Command Reference Guide
for details on the SET PVC and SET PARTY PVC
commands.
50 IBM 8265: User's Guide
Connecting Switches
Switches can be connected either directly, through cabling, or indirectly via a WAN. Figure 1 on page 3 shows an example of the different types of connection.
Connecting Switches Directly
When connecting two switches directly you must:
If the switches belong to the same peer group:
1. Define the two connecting ports as PNNI links
2. Ensure that the peer group id of both switches match (and are less than 104 bits in length). See “Configuring Peer Group Identifiers” on page 62 for more information.
If the switches do not belong to the same peer group:
1. Define the two connecting ports as IISP links
Example: The following example shows how to connect two switches in different PNNI peer groups.
Figure 4. Connecting Switches in Different Peer Groups
This example shows how to connect Switch 1 in Peer Group A to Switch 2 in Peer Group B (using slot 6 port 1, of Switch 1 and slot 4 port 2 of Switch 2).
Assuming the network prefix of Switch 1 in peer group A is 39.99.99.99.99.99.99.00.00.99.99.01, and the network prefix of Switch 2 in peer group B is 39.99.99.99.99.99.99.00.00.99.99.02, then:
1. On Switch 1, you would enter the commands:
à ð
8265ATM> set port 6.1 enable iisp user 8265ATM> set reachable_address 6.1 96 39.99.99.99.99.99.99.ðð.ðð.99.99.ð2
á
ñ
2. On Switch 2, enter the commands:
à ð
8265ATM> set port 4.2 enable iisp network 8265ATM> set reachable_address 4.2 96 39.99.99.99.99.99.99.ðð.ðð.99.99.ð1
á
ñ
This is using the default VPI=0. If the VPI is not 0, you must define the VP at the end of the set reachable address, and set the port signalling version accordingly.
Chapter 5. Configuring Ports and Media Modules 51
Connecting Switches via VPCs Over VOID or Public UNI Interfaces
1. In cases where it is not appropriate for an IISP link to use the default VPI (VPI=0), then the solution to interconnect switches is to define the port as a VOID port and set up a VP link with VPI=x.
2. VP tunneling over a WAN. Very often when a link crosses a WAN the service provider will not allow the use of VPI=0 because it is used for internal WAN traffic. Consequently, the private organization must use another VPI than the default. In addition, at both ends of the WAN, the VPI could be different, as shown in Figure 5 on page 52.
port 2.2 port 3.3
┌──────────┐ ┌───────────┐ ┌──────────┐ │ Switch 1 ├────────┤ WAN ├────────┤ Switch 2 │
└──────────┘ └───────────┘ └──────────┘ VPI=1 VPI=4 VPCI=6 VPCI=6
Figure 5. VP Tunneling Over a WAN
If Switch 1 and Switch 2 are part of the same PNNI peer group they will still be able to communicate thanks to the definition of the same Virtual Path Channel Identifier (VPCI) at both ends, achieved by entering the following commands:
à ð
8265ATM> set port 2.2 enable public_uni 8265ATM> set vpc_link 2.2 1 enable pnni bandwidth:155ððð vpci:6 8265ATM> set port 3.3 enable public_uni 8265ATM> set vpc_link 3.3 4 enable pnni bandwidth:155ððð vpci:6 8265ATM>
á
ñ
Connecting Switches via a WAN
When connecting two switches via a WAN you must:
Define the two connecting ports as either Public UNI or VOID links.Define, via the SET VPC_LINK command, a VPC link between the ports, of type:
– PNNI if the switches belong to the same peer group – IISP if the switches belong to different peer groups
If the VPC link is type IISP, define, via the SET REACHABLE_ADDRESS command, the address that
is to be reached over link (at both ends). At the other switch, enter the reachable address of your switch.
If the two switches are to belong to the same PNNI peer group, ensure that the peer group id of both
switches match (and are less than 104 bits in length). See “Configuring Peer Group Identifiers” on page 62 for more information.
52 IBM 8265: User's Guide
Allowing Duplicate ATM Addresses
Depending on network configuration and requirements, you can configure the ATM control point to allow or disallow the acceptance of duplicate ATM addresses registered from ILMI.
Disallowing duplicate addresses may, for example, be useful for backup servers. Allowing duplicate addresses may be useful for load balancing between switches. To specify whether duplicate addresses are allowed or disallowed, you enter the following command:
à ð
8265ATM> set device duplicate_atm_addresses allowed|disallowed
á
ñ
Chapter 5. Configuring Ports and Media Modules 53
Enabling Port Mirroring
Note: The Port Mirroring function requires Release 2 or higher of the Control Point code.
The Port Mirroring function duplicates and redirects traffic to any desired port. A Traffic Analyzer can then be connected to this port. Multiple mirrored ports can be active at the same time.
When a port mirroring is active all other ports on the module used for mirroring are disabled. Port mirroring is enabled using the SNOOP_ENABLE command. The following example mirrors port 3 of the module in slot 4 to port 1 of the module in slot 2:
à ð
8265ATM> snoop_enable 4.3 2.1
á
ñ
All other ports on the module in slot 2 are disabled. To disable port mirroring, enter the SNOOP_DISABLE command for the port that is being used for
mirroring. For example, to cancel the port mirroring just set up in the earlier example, you would enter:
à ð
8265ATM> snoop_disable 2.1
á
ñ
All ports on the module in slot 2 can now be enabled, if so desired.
54 IBM 8265: User's Guide
Chapter 6. Configuring PNNI Parameters
The chapter describes how PNNI configuration changes are managed, and how they are made.
Note: You must have PNNI control point code is order to use the functions described in this chapter.
Configuration Control Mechanism
Unlike other configuration parameters, which are implemented as soon as the SET command is issued, PNNI stores the new parameter values until instructed to implement them.
A default configuration is provided with the PNNI Control Point code, and activated when is powered on or reset. All configurable parameter values for this configuration are stored in a non-volatile storage (NVS) area called the
NVS Configuration
repository. These parameters are copied into the
Active Configuration
repository when the 8265 is powered on (and every time the ATM subsystem is reset) and used by the active PNNI system.
A
Future Configuration
repository is provided that allows you to enter changes to the current configuration.
These changes are kept in memory until you instruct PNNI to implement them. PNNI only accepts parameter changes if the parameter value lies within the correct range and is
consistent with all the other, already configured parameter values. PNNI thus assures that the new configuration will be consistent.
NVS Configuration
Future Configuration
Active Configuration
New parameters
Parameters used by active PNNI system
Parameters loaded at power-on or after reset
Non-critical changes passed directly to active system
Critical changes passed to NVS respository
Parameters passed to Active Configuration repository
Figure 6. PNNI Configuration Update Mechanism
Once you have set all the parameters you wish to configure, you issue an instruction for them to be implemented.
What happens next depends on whether the configuration changes are deemed to be critical or not. Critical settings are deemed those that, when reconfigured, affect PNNI to such an extent that the ATM subsystem must be restarted (such as ATM address, for example).
Copyright IBM Corp. 1994, 1998 55
Critical Changes
1. PNNI gives an informative warning that the changes made are critical and asks you if you wish to continue.
If you decide not to continue, the parameter values are retained in the Future Configuration repository.
2. If you decide to proceed, PNNI copies the parameters from the Future Configuration repository into the NVS Configuration repository, before issuing a reset of the switch's ATM subsystem This ensures that the new parameters are automatically reinstalled after subsequent reset or power on actions.
3. The reset action re-initializes PNNI by loading the Active Configuration repository from the NVS repository.
4. The PNNI system is activated with the reconfigured parameters.
NVS Configuration
Future Configuration
Active Configuration
New parameters
Step 2.
Step 1.
Reset performed (parameters copied to Active Repository)
Step 3.
Continue ?
Parameters copied to NVS Repository
PNNI system activated with new parameters
Step 4.
Figure 7. PNNI Configuration Update (Critical)
56 IBM 8265: User's Guide
Non-Critical Changes
1. The changed parameters are copied to the Active Configuration repository.
2. The PNNI system continues running, using the new parameters.
3. If you decide that the configuration changes that you have made should be maintained indefinitely, you can save the Active Configuration to the NVS Configuration. This ensures that the current Active Configuration (now with the new parameters) is automatically reinstalled after subsequent reset or power on actions.
4. If you decide that the configuration changes that you have made should be removed, you can instruct PNNI to replace the new parameters with the previous values (from the last save). This does not cause a reset, and the PNNI system continues running.
NVS Configuration
Future Configuration
Active Configuration
New parameters
Save parameters to NVS Configuration Repository (optional)
Step 3.
Step 1.
Parameters passed to
Active Configuration repository PNNI system remains active, but with new parameters
Step 2.
Restore previous parameters to Active Configuration repository (optional)
Step 4.
Figure 8. PNNI Configuration Update (Non-critical)
Chapter 6. Configuring PNNI Parameters 57
Working with PNNI Configuration Settings
This section describes the various PNNI parameters, what the default values are, and how to change them.
Default Parameter Settings
The default parameter values are shown in Table 2.
Table 2. Default PNNI Parameters
Parameter Default Setting
ATM address 39.99.99.99.99.99.99.00.00.99.99.01.01.99.99.99.99.99.99.00 Level Identifier (bits) 96 Peer Group Id 39.99.99.99.99.99.99.00.00.99.99.01 Internal Summary Address 39.99.99.99.99.99.00.00.99.99.01.01 External Summary Address none Path Selection ABR = precomputed ;UBR = widest path
Changing Parameter Values
Changes to the configuration parameters are made via the following command:
à ð
8265ATM> set pnni
á
ñ
See further sections in this chapter which describe the full command syntax and individual parameter values.
Applying Configuration Changes
Once you have set all the parameters you wish to configure, you issue the following command:
à ð
8265ATM> commit pnni
á
ñ
If the configuration changes affect critical settings, that is settings that will cause the ATM subsystem
to be reset, PNNI gives an informative warning, and provides you with the option to proceed or cancel the update.
If you decide not to proceed with the update, you can restore the parameter values in the Future Configuration to those of the active system (see “Restoring the Future Configuration” on page 59.). Alternatively, you may change the parameter values (with the SET PNNI command) before re-issuing the COMMIT PNNI command.
If the changes are not critical, PNNI will remain active with the new parameters.
Note: If you wish to retain these new parameter settings, you should save them to the NVS
Configuration repository. Otherwise, the next time that the ATM subsystem is reset, the new values will be lost. See “Saving the Active Configuration” on page 59.
58 IBM 8265: User's Guide
If you decide to discard the new parameters, you can return to the previous settings (provided they have been saved). See “Restoring the Active Configuration” on page 59.
Saving the Active Configuration
The Active Configuration need only be saved when non-critical changes have been made, and you wish the changes to be retained when the ATM subsystem is reset. This is because when critical changes are detected when the COMMIT PNNI command is issued, the new parameters are automatically saved before the ATM subsystem is reset.
If you decide that the configuration changes that you have made (and implemented via a non-critical commit) should be maintained indefinitely, you can save the Active Configuration to the NVS Configuration by issuing the following command:
à ð
8265ATM> save pnni
á
ñ
This ensures that any changes made to the active configuration as a result of a non-critical commit are reinstalled after a reset or power on action.
Restoring the Active Configuration
If you have changed your active PNNI configuration with the SET PNNI and COMMIT commands, you can remove the newly changed parameter values by issuing the command:
à ð
8265ATM> revert pnni
á
ñ
Note: This applies only when a non-critical commit has been issued. If the commit was critical, then the
NVS Configuration repository will have been overwritten by the parameter values in the Future configuration repository.
Restoring the Future Configuration
If you have decided not to proceed with a critical commit, or you wish to remove parameter changes made but not yet committed, you can restore the Future Configuration with the values contained in the Active Configuration by issuing the command:
à ð
8265ATM> uncommit pnni
á
ñ
Chapter 6. Configuring PNNI Parameters 59
Viewing Configuration Settings
To display the parameters in the Future Configuration issue the command:
à ð
8265ATM> show future_pnni node_ð
á
ñ
To display the Active Configuration parameters , enter the following command:
à ð
8265ATM> show pnni node_ð
á
ñ
Note: After a COMMIT PNNI command has been issued, the Active and Future Configuration will show
the same information.
To display whether the active configuration is saved or not, and whether there is a pending commit or not, enter the following command:
à ð
8265ATM> show pnni configuration_state
á
ñ
60 IBM 8265: User's Guide
Configuring the ATM Switch Address
When a PNNI switch is powered on for the first time, it automatically loads a default configuration (see
58.) As this default configuration also includes a default ATM address, the address must be reconfigured so that the switch has a unique address. This reconfiguration is achieved by issuing the following command:
à ð
8265ATM> set pnni node_ð atm_address: <address>
á
ñ
where <address> is the desired ATM address. PNNI responds by displaying a short description of your next entry alternatives. If setting the address is
the only reconfiguration action, you issue the COMMIT PNNI command to activate the new configuration. If you wish to modify the address further, you reissue the SET PNNI NODE_0 ATM_ADDRESS command before issuing the COMMIT PNNI command (which causes the address to be saved in the NVS Configuration repository before the Control Point is reset).
Example
The following example sets the ATM address to
39.1ð.2ð.3ð.4ð.5ð.6ð.7ð.8ð.9ð.Að.Bð.Cð.Dð.Eð.2ð.11.12.13.14:
à ð
8265ATM> set pnni node_ð atm_address: 39.1ð.2ð.3ð.4ð.5ð.6ð.7ð.8ð.9ð.Að.Bð.Cð.Dð. Eð.2ð.11.12.13.14
á
ñ
Note: In the default PNNI configuration, the address of all switches that are to form a peer group must
have a common 96 bit (12 byte) prefix. This prefix is called the peer group id and defines the set of switches that together form one peer group. A simple way to configure a collection of interconnected switches into one peer group is to issue the SET PNNI NODE_0 ATM ADDRESS command for each switch whereby all addresses have a common 96 bit prefix.
Chapter 6. Configuring PNNI Parameters 61
Configuring Peer Group Identifiers
Peer group identifiers are private ATM address prefixes that define the set of switches that together form one peer group.
All switches that are to form a peer group must have the same Peer Group Identifier (both length and content must be the same).
The length, in bits, of the peer group identifier is called the
level identifier
, and governs the length of the address that must be matched. The level identifier can be set to any length from 0 bits through 104 bits, although normally less than 104 bits are used, as shown in Figure 9
The address itself can be based either on the switch's ATM address or explicitly defined.
104 bits
End System Id
SEL
private ATM address
level id
bit field used for uniquely identifying a switch by its peer goup
Figure 9. Level ID Perspective of a Switch ATM Address
If the full 104 bits are used, then the address bits positioned between the level id and End System Id disappear.
In the default PNNI configuration, the peer group identifier is derived from the first 12 bytes of the switch's address.
How you configure the peer group identifier depends on whether you use the switch's ATM address or not. Both scenarios are covered in the next sections.
Using the Switch's ATM Address
If the peer group identifier is to be based on the switch's ATM address, then you only have to specify the portion, or length, of the address that must be matched by other switches in order for them to belong to the peer group.
The default length, 96 bits, may be changed by entering the following command:
à ð
8265ATM> set pnni node_ð level_identifier: <n>
á
ñ
where <n> can vary from 0 to 104 bits). This causes PNNI to select the first n bits of the switch's address as the new peer group id.
If you change the level identifier in one switch (and by doing so the peer group id), you must also make the same change at any other switches belonging to the peer group.
62 IBM 8265: User's Guide
Note: When the peer group identifier is based on the switch's ATM address, a change to that ATM
address can cause the peer group identifier to change (if the change part of the address falls within the length specified by the level identifier).
Explicitly Entering a Peer Group ID
To explicitly define a peer group id, you must specify both the length and content. For example, if you enter:
à ð
8265ATM> set pnni node_ð peer_group_id: 51 47.a5.32.4e.b7.48.19 8265ATM> commit pnni
á
ñ
then the node_0 takes the peer group id from the first 51 bits of the entered string 47.a5.32.4e.b7.48.19 and 51 is the new level id. This action results in the peer group id being different from the switch's 51 bit ATM address.
Note: The entered peer group id value must conform to the prefix of the private ATM address. PNNI
applies address checking to entered peer group ids.
This operation removes the restraint that the address of every switch in a peer group has to have a common prefix of level id length. One peer group id, common to the network, can be entered at each switch, thereby making the network operation independent of whether the switch addresses have a common prefix or not.
Once you have explicitly defined a peer group id, you cannot modify the length of it by entering the SET PNNI NODE_0 LEVEL_IDENTIFIER command. This will cause the peer group id to be determined from the switch's ATM address. To change the length of an explicitly defined peer group id, you must re-enter the SET PNNI NODE_0 PEER_GROUP_ID command.
Chapter 6. Configuring PNNI Parameters 63
Configuring Summary Addresses
In PNNI, reachability is the advertising of end system addresses throughout a peer group for the purpose of setting up connections between end systems. Reachability in PNNI routing is simplified by the capability of having groups of addresses with a common prefix to be represented by that prefix. Such a prefix is called a
summary address
. PNNI generates a default summary address to provide reachability to all end systems attached to the switch whose addresses share the switch's 13 byte ATM address prefix, that is, whose addresses are generated by the ILMI address notification protocol. Additional non-default summary addresses can be configured to provide reachability for address groups that do not share their switch's 13 byte ATM address prefix. For example, entering:
à ð
8265ATM> set pnni node_ð summary_addr internal: 3ð 39.22.ee.99
á
ñ
will cause all end systems directly attached to the switch via UNIs whose addresses begin with the first 30 bits of the string 39.22.ee.99 to be represented in the peer group by the just entered summary address. PNNI stores a summary address without using it if no end system address prefixes match that address.
PNNI uses a longest matching prefix criterion, so no two summary addresses within a PNNI network should have the same value unless they represent the same set of addresses. Furthermore, summary addresses should be configured as long as possible to enhance longest matching prefix selection.
PNNI also supports path selection to end systems that lie outside a peer group, that is, end systems that are connected to a peer group via non-PNNI links (typically IISP links). For example, at a switch belonging to a peer group the command:
à ð
8265ATM> set pnni node_ð summary_addr exterior 28 45.22.ee.99
á
ñ
then all end system addresses, reachable from that switch, that have a prefix the same as the first 28 bits of the string 45.22.ee.99 and lie outside the peer group, will be represented in the peer group by the entered summary address.
To ascertain the number of existing summary addresses, and the remaining number that can be set, enter the following command:
à ð
8265ATM> show pnni summary_address
á
ñ
The resulting display also includes an index number for each summary address set. This index number can be used to delete a summary address, when used in the following command:
à ð
8265ATM> clear pnni summary_addr <n>
á
ñ
where <n> is the index number displayed by the SHOW PNNI SUMMARY_ADDRESS command.
64 IBM 8265: User's Guide
Every control point feeds end system addresses (that do not share the switch's 13 byte address prefix) to its PNNI subsystem which represents them by corresponding summary addresses if these are already configured.
Configuring a new summary address can affect the functioning of previously configured summary addresses. In the following example, assume that you have configured an external summary address
39.aa.bb, and that you have also set the following reachable external addresses:  39.aa.bb.cc.45.63...  39.aa.bb.cc.64.32...  39.aa.bb.cc.46.39... then all 3 external addresses will automatically be represented in PNNI by the address prefix 39.aa.bb of
the configured summary address. If you now set a second external summary address to 39.aa.bb.cc then PNNI will automatically migrate the three external addresses to the new summary address. The result is that the three addresses are now represented by the new summary address prefix 39.aa.bb.cc and the old summary address 39.aa.bb is unused although it remains stored in PNNI. The reason for this is that all address to summary address associations are computed on the basis of longest matching prefix and
39.aa.bb.cc is a longer match than 39.aa.bb. You could reactivate the summary address 39.aa.bb by setting the following group of external reachable addresses:
 39.aa.bb.ff.45.63...  39.aa.bb.ff.64.32... which cannot be represented by the address prefix 39.aa.bb.cc.
Chapter 6. Configuring PNNI Parameters 65
Configuring PNNI Path Selection
IBM's PNNI supports three types of path selection, for the following classes of traffic:
Constant Bit Rate (CBR), real time Variable Bit Rate (rt VBR), and non-real time Available Bit Rate (nrt
VBR)
Available Bit Rate (ABR)Unspecified Bit Rate (UBR)
Constant Bit Rate and Variable Bit Rate (CBR, rt VBR, and nrt VBR)
Routing is done on demand, corresponding to the demand appearing when processing a call from the network (this is automatic and requires no configuration action from the ATM console):
Calls not satisfying the Generic Call Admission Control (GCAC) are pruned.A shortest path is computed. This is the path with the smallest sum of adminisitrative weights. If more
than one path is found with the same sum of administrative weights, the path with the highest available bandwidth is chosen.
Available Bit Rate
IBM's PNNI Path Selection supports Available Bit Rate (ABR) calls in two ways, precomputed and on-demand:
Paths are precomputed and specific route is obtained via table look-ups, resulting in fast connection
setup. The path is computed according to the "widest path" criterion.
Paths are computed on-demand, resulting in slower connection setups, but with more optimization for
the individual routes. The path is computed according to the "shortest path" criterion, based on administrative weights.
The default configured setting is for paths to be precomputed, and can be changed to on-demand by entering the following command:
à ð
8265ATM> set pnni path_selection abr: on_demand_path
á
ñ
The setting can be changed back to precomputed by entering the following command:
à ð
8265ATM> set pnni path_selection abr: precomputed_path
á
ñ
66 IBM 8265: User's Guide
Unspecified Bit Rate
IBM's PNNI Path Selection supports Unspecified Bit Rate (UBR) in two ways, shortest path and widest path:
The shortest path approach follows a two step algorithm. In step one, paths with minimal hop count to
the destination are selected. In the second step, the widest path approach is applied to the previously selected group of shortest paths to select the final route. This approach is favored when the network contains critical restraints such as links (VCIs, VPIs) and/or switches that tend to become traffic bottlenecks. The drawback of the shortest path approach, is its reduced load balancing capability.
The widest path approach finds the least loaded path in terms of bandwidth regardless of the number
of hops required to reach the destination. This approach balances the load on the paths through a
network in the absence of critical constraints within that network. Regardless of the criterion used, UBR path computation is always done in precomputed mode. The default configured setting is the widest path approach, and this can be changed to shortest path by
entering the following command:
à ð
8265ATM> set pnni path_selection ubr: shortest_path
á
ñ
The setting can be changed back to widest path by entering the following command:
à ð
8265ATM> set pnni path_selection ubr: widest_path
á
ñ
To display the current route modes, enter the following command:
à ð
8265ATM> show pnni path_selection
á
ñ
Note: Point-to-multipoint calls are processed as on-demand, shortest path.
Chapter 6. Configuring PNNI Parameters 67
Using the Crankback Function
The crankback function enables the PNNI control point to automatically establish an alternate link to a target device when a failure occurs on the current route.
To enable or disable the crankback function, you enter the SET PNNI CRANKBACK ON or SET PNNI CRANKBACK OFF command.
The follow example shows how to enable the crankback function.
à ð
8265ATM> set pnni crankback on
á
ñ
You can display whether the crankback function is enabled or not by entering the SHOW PNNI CRANKBACK command.
68 IBM 8265: User's Guide
Displaying PNNI Information
This section details how to display information about the PNNI system. There are two types of information that can be displayed:
Information relating to the Active and Future Configurations:
– Node_0 information (ATM address, level identifier, and peer group id) – Path selection settings
– Summary addresses.
Information relating to the PNNI system itself:
– Configuration status
– Peer group members – Neighbors – PTSEs
Displaying Node_0 Information
The following parameters can be displayed for node_0: ATM address Level identifier
Peer Group Id
To display the node_0 parameters for the Active configuration, enter the following command:
à ð
8265ATM> show pnni node_ð
á
ñ
To display the node_0 parameters for the Future configuration, enter the following command:
à ð
8265ATM> show future_pnni node_ð
á
ñ
Chapter 6. Configuring PNNI Parameters 69
Path Selection Settings
To display whether paths are set to be precomputed or set up on demand, enter one of the following commands.
For the Active configuration, enter the following command :
à ð
8265ATM> show pnni path_selection
á
ñ
For the Future configuration, enter the following command :
à ð
8265ATM> show future_pnni path_selection
á
ñ
Summary Addresses
To display the summary addresses already in effect (in the Active system), enter the following command :
à ð
8265ATM> show pnni summary_address
á
ñ
To display the summary addresses set in the Future configuration, enter the following command :
à ð
8265ATM> show future_pnni summary_address
á
ñ
The resulting display also includes an index number for each summary address set. This index number can be used to delete a summary address, when used in the following command:
à ð
8265ATM> clear pnni summary_addr <n>
á
ñ
where <n> is the index number of the address to be deleted.
70 IBM 8265: User's Guide
Configuration State
To display the configuration state, enter the following command :
à ð
8265ATM> show pnni configuration_state
á
ñ
This displays whether the active configuration is saved or not, and whether a there is a pending commit.
Peer Group Members
à
ð
8265ATM> show pnni node_ð peer_group_members
á
ñ
Neighbor Node Ids
To obtain a list of neighbor node ids enter the following command:
à ð
8265ATM> show pnni neighbor
á
ñ
Node ids are 22 byte identifiers that characterize a PNNI node. Neighbor nodes are nodes directly connected via one or more links to the node being referenced.
Chapter 6. Configuring PNNI Parameters 71
PTSEs
Key entities in PNNI are PNNI Topology State Elements (PTSEs). PTSEs are a collection of PNNI information that is flooded to all logical nodes within a peer group. Each node_0 creates its own PTSEs called
self originated
PTSEs, of which there are 6 types:
Nodal State Parameter (NSP)Nodal Information Group (NIG)Internal Reachability (IR)External Reachability (ER)Horizontal Link (HL)Up Link (UL).
Summary information about these PTSEs can be obtained by issuing the following command:
à ð
8265ATM> show pnni ptse self_originated all
á
ñ
This lists the number of existing PTSEs of each type. If the summary shows the presence of, for example, 3 HL PTSEs, you can use a positive integer, smaller or equal to 3, to retrieve detailed information about the respectively indexed HL PTSE. Say, for example, you wish to inspect the second PTSE, then you would enter the following command:
à ð
8265ATM> show pnni ptse self_originated horizontal_link 2
á
ñ
The general structure of the command applies to all other PTSE types, you simply replace
horizontal_link by nodal_information_group, internal_reachability, external reachability, nodal_state_parameters, or up_link.
Additionally, you can also display the PTSE's Resource Availability Information Groups (RAIGS) by including the parameter with_raigs. For example:
à ð
8265ATM> show pnni ptse self_originated horizontal_link 2 with_raigs
á
ñ
You can also limit the PTSE summary information displayed to only one type of self originated PTSE. For example, entering:
à ð
8265ATM> show pnni ptse self_originated horizontal_link
á
ñ
will display summary information about HL PTSEs only.
72 IBM 8265: User's Guide
Self originated PTSEs are flooded to all other switches in the ATM PNNI network so that the database of any one switch contains copies of PTSEs issued by all other switches. These PTSEs can also be displayed. By entering the show pnni peer_group_members, you can obtain the index entry identifying the node id (which identifies the switch) whose PTSEs you want to display. If, for example, the index entry is 3, you would enter the following command:
à ð
8265ATM> show pnni ptse 3
á
ñ
to obtain summary information about all PTSE types issued by the respective node. Then you could display that node's second HL PTSE (assuming it exists), by entering the following command:
à ð
8265ATM> show pnni ptse 3 horizontal_link 2
á
ñ
and with_raig could be added, if required. You can also limit the displayed PTSE summary information to one PTSE type. For example, entering the
following command:
à ð
8265ATM> show pnni ptse 3 horizontal_link
á
ñ
will limit the summary to HL PTSEs issued by the switch whose node id corresponds to index 3. Remember that you obtain the node id to index mapping by entering a show pnni peer_group_members command.
Chapter 6. Configuring PNNI Parameters 73
74 IBM 8265: User's Guide
Chapter 7. Configuring Network Access Security
This chapter describes
How Network Access Security operatesHow to configure the Netwqork Access Security systemHow to display current security settings. 8265.
Introduction
Access to the 8265 ATM network is provided for all types of ATM applications, regardless of whether the ATM device is running LAN emulation, Classical IP, or native ATM. The purpose of access security is to validate physical access to the ATM network.
When an ATM station connects to the ATM switch, it registers its ATM address through ILMI to the connecting ATM switch. When network security access is enabled, the ATM address is validated (based on the ILMI protocol, and using either the End System Identifier (ESI) or the full ATM address), to determine if network access is granted. Stations that do not have ILMI must have their address defined via the SET REACHABLE_ADDRESS command (see “Configuring Reachable Addresses” on page 49.)
Security can be implemented either globally (on all detected ports) or on an individual port basis. The network access security system maintains a table of ATM addresses that are allowed access (either
at the switch or port level). If the registering address is not in the table, the ATM switch will disable the port and report an SNMP trap. The last violation for each port can be displayed by the network administrator. A maximum of 512 addresses can be maintained in the address table.
The network administrator can use the ATM control point console, accessible either via the RS-232 interface or via Telnet, to modify the security settings (the Administrator password is required).
In addition to maintaining address tables, the following functions are also available: Autolearn Function Default Values Violation trapping Violation logging.
Copyright IBM Corp. 1994, 1998 75
Autolearn Function
To simplify the definition of addresses, an autolearn mode exists where the ATM switch automatically learns the ATM addresses that register through ILMI and stores them into the access control address table.
The autolearn function is enabled by specifying the number of addresses per port to be learnt. If 0 is specified, autolearning is disabled. When autolearn is enabled:
Each time a new address is learnt, the number of addresses that can be learnt is decreased by 1.
Once the value reaches 0, no further learning can take place.
Each ATM address learnt for the port is automatically added to the list of authorized addresses for this
port.
An MSS server can work with more than 16 internal addresses. When this is the case, it is advised that you disable security on the port connected to the MSS server.
Default Values
Because ATM ports may be dynamically added to a switch (when new modules are inserted), you can set default parameters that can be applied to newly detected ports.
Unless specified otherwise, the default settings are:
1. security: disabled
2. autolearn: disabled
3. violation trapping: disabled
4. violation logging: disabled.
To change the default values, see “Setting Default Values” on page 81.
Violation Trapping
When the security trap is enabled, an SNMP trap is sent to the network management station each time a security violation occurs. The SNMP trap contains:
The date and time of the violationThe data that failed the security check (such as ATM address)The interface where the violation occurred.
Violation Logging
When violation logging is enabled, the last 64 security violations are stored in a log. The contents of this log can be displayed at the terminal, or uploaded to a server via TFTP.
This information allows a network operator to rapidly help a user determine the reason why network access was denied.
Violation logging can be enabled either for all ports, or individual ports.
76 IBM 8265: User's Guide
Enabling or Disabling Security
You can enable or disable security either globally (on all detected ports in the 8265) or on selected ports only. To enable security on selected ports, security must be enabled globally.
These settings only apply to ports currently detected. Ports newly detected have security enabled or disabled depending on the default mode setting (see “Security Mode Default” on page 81.)
Enabling Security
To enable security globally, you enter the following command:
à ð
8265ATM> set security mode access_control
á
ñ
Note: If the access control server or an ARP server is connected via a UNI link, you must ensure that the
port to which it is connected has security disabled. Otherwise, the server(s) will not be able to connect to the 8265 after a reset.
To enable security on a specific port, you enter the following command:
à ð
8265ATM> set security port <slot.port> mode access_control
á
ñ
where <slot.port> specifies the slot where the module is installed and the port on the module.
Tips:
If you only wish to have security on a few selected ports, the easiest way to do this is by entering the following commands:
1. SET SECURITY MODE NO_SECURITY (to stop the security system - only required if the system is active)
2. SET SECURITY DEFAULT MODE NO_SECURITY (to disable security on all ports newly detected after security is activated)
3. SET SECURITY MODE ACCESS_CONTROL (to start the access security system)
4. SET SECURITY PORT (slot.port) MODE ACCESS_CONTROL (to enable security on the required ports).
Conversely, if you wish to have security on all or most ports, the easiest way to do this is by entering the following commands:
1. SET SECURITY MODE NO_SECURITY (to stop the security system - only required if the system is active)
2. SET SECURITY DEFAULT MODE ACCESS_CONTROL (to enable security on all ports newly detected when security is activated)
3. SET SECURITY MODE ACCESS_CONTROL (to start the access security system)
4. SET SECURITY PORT (slot.port) MODE NO_SECURITY (to disable security on the ports for which security is not required).
Chapter 7. Configuring Network Access Security 77
Disabling Security
To disable security globally, you enter the following command:
à ð
8265ATM> set security mode no_security
á
ñ
To disable security on a specific port, you enter the following command:
à ð
8265ATM> set security port <slot.port> no_security
á
ñ
78 IBM 8265: User's Guide
Setting the Autolearn Values
You can configure the autolearn function to learn up to 16 ATM addresses per port at a time. You can disable the autolearn function for a particular port by specifying that no addresses may be learned.
The autolearn function can be enabled or disabled either for all ports or for specific ports. To enable or disable the autolearn function for all ports, enter the following command:
à ð
8265ATM> set security autolearn enable|disable
á
ñ
To set a value for a given port, enter the following command:
à ð
8265ATM> set security port <slot.port> autolearn <value>
á
ñ
where <slot.port> specifies the slot where the module is installed and the port on the module, and <value> specifies the number of ATM addresses that can be learned. By entering a value of 0, you
disable the autolearn function (no addresses may be learned).
Chapter 7. Configuring Network Access Security 79
Enabling and Disabling Violation Traps
You can enable or disable traps on either all ports or selected ports. You enable or disable traps on all ports by entering the following command:
à ð
8265ATM> set security trap access_violation|nothing
á
ñ
You enable or disable traps on specific ports by entering the following command:
à ð
8265ATM> set security port <slot.port> trap enable|disable
á
ñ
where <slot.port> specifies the slot where the module is installed and the port on the module.
Enabling and Disabling Violation Logging
You can enable or disable the logging of security violations either on all ports or specific ports. You enable or disable logging on all ports by entering the following command:
à ð
8265ATM> set security log nothing|access_violation
á
ñ
You enable or disable logging on specific ports by entering the following command:
à ð
8265ATM> set security port <slot.port> log enable|disable
á
ñ
where <slot.port> specifies the slot where the module is installed and the port on the module.
80 IBM 8265: User's Guide
Setting Default Values
You can set default values that will be automatically applied to any new ports detected after the values have been set (for example, after a new module has been inserted in the 8265).
You can set default parameters to :
Specify if security is to be enabled or not on the portSpecify the number of addresses that can be automatically learned for the portSpecify if is an SNMP trap is sent to the network management station when a security violation occursSpecify if security violations are to be logged.
Security Mode Default
To automatically enable or disable security for newly detected ports, enter the following command:
à ð
8265ATM> set security default mode access_control|no_security
á
ñ
Violation Trapping Default
To set the default for whether SNMP traps are sent to the network manager station when security violations are detected, enter the following command:
à ð
8265ATM> set security default trap enable|disable
á
ñ
Autolearn Default
To specify if the autolearn function is to be effected for newly detected ports, and if so, the number of addresses to be learned, enter the following command:
à ð
8265ATM> set security default autolearn <value>
á
ñ
where <value> specifies the number of ATM addresses that can be learned. A value of 0 indicates that autolearning will be disabled.
If you only wish to have the autolearn function in effect on a few selected ports, the easiest way to do this is:
1. Set the default autolearn setting to 0 (disabled)
2. Enable autolearn on the required ports only.
Conversely, if you wish to have autolearn on all or most ports, the easiest way to do this is:
1. Set the default autolearn setting to a value other than 0
2. Set the default autolearn value to 0 on the ports that you do not wish to have the autolearn function active.
Chapter 7. Configuring Network Access Security 81
Violation Logging Default
To enable or disable the logging of security violations on all newly detected ports, enter the following command:
à ð
8265ATM> set security default log enable|disable
á
ñ
82 IBM 8265: User's Guide
Specifying ATM Addresses to be Accepted
The ATM address can be validated on either the full ATM address (19 bytes) or just the ESI portion (bytes 14 through 19) of the address, and can be set at either the 8265 or individual port level.
To set the validation to be done on the network prefix, enter the following command:
à ð
8265ATM> set security atm_address <value> any|<slot.port>
á
ñ
where any specifies that the address is to be accepted for all ports in the 8265, and <slot.port> can be used to specify a single port.
To set the validation to be done on the ESI, enter the following command:
à ð
8265ATM> set security esi_address <value> any|<slot.port>
á
ñ
where any specifies that the address is to be accepted for all ports in the 8265, and <slot.port> can be used to specify a single port.
Note: You should not have both a full ATM address and ESI address authorized for the same range
(either any port or a specific port) when the full ATM address contains the same ESI address as the ESI address specified by the SET SECURITY ESI_ADDRESS command. This may cause a rejection of one of the addresses.
Removing ATM Addresses
You can remove either a single ATM address or all ATM addresses from the list of authorized addresses by entering the following command:
à ð
8265ATM> clear security atm_address all|<index>
á
ñ
where <index> denotes the index entry of the address, as displayed by the SHOW SECURITY ATM_ADDRESS command.
Chapter 7. Configuring Network Access Security 83
Displaying Security Information
You can display the following information:
The current global settingsThe current default settingsThe ATM addresses authorized for access (at the 8265 or port level)The contents of the security violation logSpecific port information, such as:
– Whether security is enabled or not – The number of ATM address that can be learned – Whether traps are enabled or not. – Whether security voilations are logged or not.
The last security violations (at the 8265 or port level)
Current Global Settings
To display the global settings currently in effect, enter the following command:
à ð
8265ATM> show security control
á
ñ
The resulting display will show if the following are enabled or disabled: Security Autolearn function SNMP Traps Violation logging.
Current Default Settings
To display the current default settings that will be applied to all newly detected ports, enter the following command:
à ð
8265ATM> show security default
á
ñ
The resulting display will show the default settings for: Security Autolearn function SNMP Traps Violation logging.
84 IBM 8265: User's Guide
Loading...