Net Optics iTap 10 GigaBit Port Aggregator User Manual
User Guide
iTap 10 GigaBit Port Aggregator
Doc. 800-0058-001 (PUBIPASRXFPU) Rev B, 11/10
PLEASE READ THESE LEGAL NOTICES CAREFULLY.
By using a Net Optics iTap 10 GigaBit Port Aggregator you agree to the terms and conditions of usage
set forth by Net Optics, Inc.
No licenses, express or implied, are granted with respect to any of the technology described in this
manual. Net Optics retains all intellectual property rights associated with the technology described in this
manual. This manual is intended to assist with installing Net Optics products into your network.
Trademarks and Copyrights
© 2010 by Net Optics, Inc. Net Optics® is a registered trademark of Net Optics, Inc. iTapTM is a trademark of Net Optics, Inc. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.
Additional Information
Net Optics, Inc. reserves the right to make changes in specications and other information contained
in this document without prior notice. Every effort has been made to ensure that the information in this
document is accurate.
iTap 10 GigaBit Port Aggregator
Contents
Chapter 1
Introduction ..................................1
About this Guide ....................................................1
Features ...........................................................1
Support ...........................................................5
Chapter 2
Installing the iTap Port Aggregator ................. 7
Plan the Installation ..................................................7
Unpack and Inspect the iTap Port Aggregator .............................8
Install XFP Monitor Port Modules ......................................8
Rack Mount the iTap Port Aggregator (optional) ..........................9
Connect Power to the iTap Port Aggregator ...............................9
Connect the CLI Interface ............................................10
Congure the iTap Port Aggregator using the CLI .........................12
Connect the iTap Port Aggregator to the Network .........................17
Connect the Management Port to the Network ............................18
Connect a Monitoring Device to the Port Aggregator ......................20
Check the Installation ...............................................21
Chapter 3
Front Panel ..................................23
Display ..........................................................24
Utilization Alarm LEDs .............................................25
Link LEDs ........................................................25
Mode LEDs .......................................................25
Power LEDs ......................................................25
Reset Button ......................................................25
iTap 10 GigaBit Port Aggregator
Chapter 4
Using Web Manager ...........................27
Access Web Manager ...............................................27
View System Status .................................................29
View iTap Trafc Statistics ...........................................30
Change iTap Port Aggregator System Conguration .......................31
Chapter 5
Using System Manager .........................35
Install System Manager ..............................................36
Explore System Manager ............................................37
Create a System Manager Group ......................................39
Delete a System Manager Group ......................................40
Add Devices to a System Manager Group ...............................40
Modify an iTap device Name or IP Address ..............................42
Delete an iTap device from System Manager .............................43
View iTap Port Aggregator Information .................................43
Congure an iTap Port Aggregator .....................................45
Appendix A
Specications and Models ......................49
Appendix B
Command Line Interface .......................53
Limitations on Warranty and Liability .............57
Thank you for purchasing the latest innovation in Tap technology, the iTap
10 GigaBit Port Aggregator (iTap Port Aggregator). This device provides
ultra‑efcient access to critical 10 Gigabit full‑duplex links using only one NIC on
each monitoring tool, and supports two tools simultaneously. In addition, the iTap
feature gives you a quick visual reference of link performance: Bandwidth utilization is monitored and displayed on the front panel and through remote interfaces so
you can see exactly what is happening on both sides of the network link. The iTap
Port Aggregator also features a Tap mode, timestamping, and packet slicing.
About this Guide
This guide describes the installation and use of the following models:
Part Number Description
IPA-SR5-XFP 10 Gig SR Multimode, 62.5µm, In-Line
IPA-50SR5-XFP 10 Gig SR Multimode, 50µm, In-Line
IPA-LR5-XFP 10 Gig LR Singlemode, 8.5µm, In-Line
IPA-ER5-XFP 10 Gig ER Singlemode, 8.5µm, In-Line
iTap 10 GigaBit Port Aggregator
Chapter 1
Introduction
Features
Front Panel Display
The front panel display and alarm LEDs provide a quick visual check that link
utilization levels are not exceeding the capacity of the monitoring device or a
pre-determined threshold. From the display, you can view the current bandwidth
utilization of each side of a full-duplex link, and the monitor ports, along with
the size and time of the peak utilization for each port. After taking action on a
utilization or peak event, you can reset the data from a recessed reset button on the
front panel or remotely. With iTap technology, you have the information and the
access points you need to respond quickly to network events.
1
iTap 10 GigaBit Port Aggregator
Performance Aggregation
The iTap Port Aggregator combines and regenerates both directions of a full-duplex
stream, sending all aggregated trafc to two separate monitoring ports. Typically,
full-duplex monitoring with a network tap requires two network interface cards
(NICs) (or a dual channel NIC), one interface for each side of the full-duplex link.
Net Optics’ iTap Port Aggregator enables one or two devices to simultaneously
monitor a full-duplex link using only one NIC per device.
After the trafc has been aggregated to a single ow, it is difcult for the monitoring
tool to distinguish the utilization levels of each side of the bi-directional link. The
iTap Port Aggregator tracks the utilization levels before aggregation, keeping this
vital information easily accessible from its remote and command line interfaces.
Remote Access
The iTap Port Aggregator is accessible from remote interfaces that provide information
and control from anywhere in the network. Web Manager and System Manager
software communicate over the remote interfaces to enable you to remotely set
parameters, view status information, and monitor trafc statistical data. These tools
provide security and performance information including the number of packets
and bytes transferred, and the CRC error count. You can remotely set the alarm
thresholds, clear the trafc data counters, and turn on or off a Monitor Port using a
Web browser and the IP address of the Aggregator. The remote interfaces operate
through a dedicated Management Port that can be connected to the network or
isolated on a dedicated management VLAN for increased security.
Security, Visibility, and Reliability
A monitoring device connected to the iTap Port Aggregator sees all full‑duplex trafc
including Layer 1 and Layer 2 errors. Redundant power connections provide uptime
protection. You have the option of conguring the iTap Port Aggregator so that it will
not show data on the display. You can also turn off the Management Port, thereby
preventing the device from being accessed over the network. In addition, Monitor
Ports can be turned off to prevent unauthorized access to the network link.
Tap Mode
The iTap Port Aggregator can operate as a Port Aggregator (AGG mode) or as a
conventional network Tap (TAP mode). In Tap mode, the device bridges all trafc
between Network Ports A and B, while copying trafc from Network Port A to
Monitor Port 1, and Network Port B to Monitor Port 2.
2
iTap 10 GigaBit Port Aggregator
User-dened Maximum Packet Size
The user can set a maximum packet size of 64 to 12,000 bytes for each network port.
If any oversized packets are received (the packet length exceeds the programmed
value), they are counted and discarded. This function enables the iTap Port Aggregator
to pass jumbo packets, but discard packets that are oversized as dened by the user.
Timestamping
When the timestamping feature is enabled, the iTap Port Aggregator replaces
each packet's CRC with a timestamp before it is sent to the monitoring tool. The
timestamp records the exact time that the packet arrived, and which Network Port
it arrived from, so events can be correlated with other data.
The timestamp is a 32-bit value. A 30-bit timer is contained in the lower part of the
timestamp. The timer increments every 6.4 nanoseconds (156 Mhz). The two most
signicant bits indicate the Network Port: 00 means Port A and 10 means Port B.
Optionally, a new CRC can be regenerated and appended to the packet so the
monitoring tool does not see CRC errors due to the changed eld. (See following
section, CRC Regeneration.)
Packet Slicing
Sometimes it is desirable for monitoring tools to see only packet headers and not the
packet payload. For example, when executing a lawful intercept, it may be illegal for
the monitoring tool to read the packet payload. Another reason for passing only the
packet headers is to reduce the bandwidth requirement on the monitor ports.
The iTap Port Aggregator supports this requirement by providing a packet slicing
function. When packet slicing is enabled, a user‑congurable number of bytes at the
beginning of each packet are copied to the monitor ports, and the rest of the packet
is discarded. (Of course, the full packets are always passed between Network Ports
A and B.) Optionally, a new CRC can be regenerated and appended to the packet so
the monitoring tool does not see CRC errors due to the truncated packets. (See
Regeneration
on the following page.)
3
CRC
iTap 10 GigaBit Port Aggregator
CRC Sanitizing
The iTap Port Aggregator can be set to drop packets from the monitoring data stream
if they are received with CRC errors. This function can clean up the data being
sent to monitoring tools, or it can be left off so the monitoring tool can see the
packets that have CRC errors. In either case, packets received with CRC errors are
counted and reported in the Port Statistics. All packets are always passed between
Network Ports A and B regardless of CRC errors; this option only affects the trafc
sent out the Monitor Ports. CRC Sanitizing is activated by setting Drop Bad Packet
to ON.
CRC Regeneration
The iTap Port Aggregator can regenerate good CRC check bytes for packets as it
copies them to the Monitor Ports. The four bytes of regenerated CRC are appended
to the packet. For example, if packet slicing is set to 64 bytes, the resulting packet
with CRC Regeneration is 68 bytes at the Monitor Port.
Timestamping and packet slicing inherently create packets with bad CRCs, so use
CRC Regeneration if you don't want the monitoring tool to receive timestamped or
sliced packets with CRC errors.
However, note that CRC Regeneration also converts packets with CRC errors to
good packets before copying them to the monitoring tool. This situation should be
avoided because the monitoring tool won't know the packets were received with
CRC errors. Therefore, whenever CRC Regeneration is ON, it is advisable to turn
on CRC Sanitizing as well, to prevent packets received with CRC errors from going to the Monitor Ports at all.
SNMP Traps
The iTap Port Aggregator transmits SNMP traps for the following events:
• Utilization exceeds the threshold on any port
• Any port link status changes
• Either power supply state changes
4
Ease of Use
• Display alternately shows link utilization, the peak utilization, and the time the
• LED indicators show redundant power, link status, Tap or Aggregation mode,
• XFP monitor ports provide increased exibility
• All necessary network and monitor cables are included
• Optional 19-inch rack frame holds up to two iTap Port Aggregators
• Compatible with all major manufacturers’ monitoring devices, including protocol
• Fully RoHS Compliant
Support
Net Optics offers technical support throughout the lifetime of your purchase. Our
technical support team is available from 8 a.m. to 5 p.m. Pacic Time, Monday
through Friday, at +1 (408) 737-7777 and via e-mail at ts-support@netoptics.com.
FAQs are also available on Net Optics web site at www.netoptics.com.
iTap 10 GigaBit Port Aggregator
peak utilization occurred, for all four ports
and utilization alarms
analyzers, probes, and intrusion detection/prevention systems
5
iTap 10 GigaBit Port Aggregator
Chapter 2
Installing the iTap Port Aggregator
This chapter describes how to install the iTap 10 GigaBit Port Aggregator.
The procedure follows these basic steps:
• Plan the installation
• Unpack and inspect the iTap Port Aggregator
• Install the XFP modules for the monitor ports
• Rack mount the iTap Port Aggregator (optional)
• Connect power to the iTap Port Aggregator
• Connect the command line interface (CLI) RS232 DB9 port
• Congure the iTap Port Aggregator parameters using the CLI
• Connect to network devices
• Connect the Management Port to the network
• Connect to monitoring devices
• Check the installation
After the iTap is installed, you can remotely monitor and control the iTap from
Web Manager or System Manager.
Plan the Installation
Before you begin the installation of your iTap, determine the following:
• IP address of the iTap Port Aggregator or, for multiple iTaps, a range of
IP addresses; Web Manager and System Manager connect at this address
• Net Mask for the iTaps
• IP address of the remote management console, if deployed over a WAN; this
address is used for SNMP traps
• Gateway to the remote management console, if deployed over a WAN
Also make sure you have a suitable location to install the iTap. For fault-tolerant
power redundancy, use two independent power sources.
7
iTap 10 GigaBit Port Aggregator
Unpack and Inspect the iTap Port Aggregator
Unpack the iTap Port Aggregator and check for damaged or missing parts. The
iTap ships with the following:
• iTap 10 GigaBit Port Aggregator
• Two power supplies with cords
• iTap 10 GigaBit Port Aggregator Quick Install Guide (one sheet)
• iTap Software CD
• iTap 10 GigaBit Port Aggregator User Guide (this document, on the iTap Soft-
ware CD)
• Network and monitor cables
• RS232 DB9 cable for use with the CLI
• Extended Warranty if purchased
You may have also ordered rack unit panel for rack mounting the iTap. Carefully
check the packing slip against parts received. If any part is missing or damaged,
contact Net Optics' Customer Service immediately at +1 (408) 737-7777.
(Note: XFP modules are ordered and shipped separately.)
Install XFP Monitor Port Modules
XFP modules are shipped separately. Remove the temporary plugs from the iTap
Port Aggregator monitor slots and insert the XFP modules as shown below, until
they click into place. The photograph on the cover of this Guide shows properly
installed XFPs.
www.netoptics.com
Figure 1: Installing XFPs
Mode
TAP
2
2
AGG.
1
1
B
B
2
A
A
1
RESET
LINK
Network Monitor
A B 1 2
OUT OUTIN IN OUT IN OUT IN
TM
Port Aggregator
10 GigaBit
LASER
CAUTION!
8
iTap 10 GigaBit Port Aggregator
Rack Mount the iTap Port Aggregator (optional)
The iTap is designed for rack mounting in a two-slot, 19-inch panel. The mounting
panel occupies one rack unit (1U).
To rack mount the iTap Port Aggregator:
1. Attach the two-slot panel to your rack using the attached thumbscrews.
2. Slide the iTap into one of the slots and secure with the attached thumbscrews.
3. Make sure that the rack is properly grounded.
The iTap can also be placed on a surface using the supplied pads.
Connect Power to the iTap Port Aggregator
Connect the power supplies on the back of the unit. If you are using redundant
power, make sure that you connect the power supplies to two separate, independent power sources. One or both of the Power LEDs on the front panel should
illuminate, depending on whether you used one power supply or two.
Figure 2: Connecting Power
RS232
9
Management
Port
Connect the CLI Interface
All conguration options, status, and statistics can be accessed using the device's
Command Line Interface (CLI). To use the CLI, connect a DB9 cable from the
RS232 port on the back of the iTap to your computer.
Your computer needs to have terminal emulation software such as HyperTerminal to
access the iTap CLI over the RS232 cable.
To connect the CLI:
1. Connect a PC with terminal emulation software, such as HyperTerminal, to the
iTap using the RS232 DB9 cable supplied with the iTap.
iTap 10 GigaBit Port Aggregator
Figure 3: Connecting RS232 Cable to iTap
2. Launch terminal emulation software and set communication parameters to:
19200 baud
8 data bits
No parity
1 stop bit
No ow control
RS232
Management
Port
To computer with
terminal emulation software
10
iTap 10 GigaBit Port Aggregator
3. The Net Optics CLI banner and login prompt appear in the Terminal Emulation
software (see following gure). Enter the username at the login prompt. The
default username is netoptics.
*************************************
* Net Optics Command Line Interface *
*************************************
login: netoptics
password:
Figure 4: CLI login prompt
4. Enter the password. The default password is netoptics. The "NetOptics:" prompt
is displayed.
*************************************
* Net Optics Command Line Interface *
*************************************
login: netoptics
password: netoptics
Password Accepted
NetOptics:
Figure 5: CLI default password and the "NetOptics:" prompt
11
iTap 10 GigaBit Port Aggregator
Congure the iTap Port Aggregator using the CLI
You should be logged into the iTap Port Aggregator CLI. The factory-set default
values for this iTap Port Aggregator are:
Username: netoptics
Password: netoptics
IP Address: 192.168.1.2
Netmask: 255.0.0.0
Display: ON
Management Port: ON
RX Threshold A: 50%
RX Threshold B: 50%
TX Threshold 1: 50%
TX Threshold 2: 50%
Port 1 Mode: AGG
Port 2 Mode: AGG
Port 1 Enable: ON
Port 2 Enable: ON
Port 1 CRC Regen: OFF
Port 2 CRC Regen: OFF
Port A Max Packet Size: 1518
Port B Max Packet Size: 1518
Port A TimeStamps: OFF
Port B TimeStamps: OFF
Port A Drop Bad Packet: OFF
Port B Drop Bad Packet: OFF
Port A Packet Slice: OFF
Port B Packet Slice: OFF
Port A Slice Size: 64
Port B Slice Size: 64
12
iTap 10 GigaBit Port Aggregator
For security reasons, some parameters can only be set with the CLI. A complete
list of CLI commands can be viewed by typing Help at the CLI prompt. It is also
provided in Appendix B. You will now use the CLI to:
• Change the login username and password
• Assign a new IP address
• Change utilization thresholds
• Set the date and time
• View the device settings
• Try out the CLI Help command
• Turn the Management Port off and on
• Turn the front panel display off and on
Your terminal emulator should be displaying the "NetOptics:" prompt as shown here:
NetOptics:
If you do not see the "NetOptics:" prompt, try typing Help followed by the Enter
key. If the prompt is still not displayed, repeat the instructions in the previous section
Connect the CLI Interface.
While the CLI can be used to change all of the device setting, you also can change
most of them later using the Web Manager or System Manager remote interfaces.
(See Chapters 4 and 5).
Change the iTap Port Aggregator Username and Password
To change the username and password:
1. Change the username by entering the following command:
set username <new username>
2. Change the password by entering the following command:
set password <new password>
3. Record the username and password in a secure location.
13
iTap 10 GigaBit Port Aggregator
Assign a New iTap Port Aggregator IP Address
Be sure that you have the correct new IP address for the iTap Port Aggregator
before you change the IP address value from the default 192.168.1.2.
To assign a new IP address to the iTap Port Aggregator:
1. Type set ip <new ip address>.
2. Press Enter.
Example: Enter set ip 192.168.1.3 to set the iTap Port Aggregator IP address to
192.168.1.3. Web Manager and System Manager can access the device at this
address. Use set manager <new ip address> to set the address for SNMP traps.
Change Port Utilization Threshold Levels
To change the port utilization threshold levels:
1. Enter set threshold port a <new level> to set a percentage of available band-
width for Port A. Utilization exceeding this limit will trigger an alarm.
Example: Enter set threshold port a 30 to set the alarm threshold level for
trafc received on Port A to 30%.
2. Repeat Step 1 for ports B, 1, and 2.
Set the Current Date and Time
To change the current date and time:
• Enter set time <mm/dd/yyyy-hh:mm:ss> where mm is month, dd is day of the
month, yyyy is year, hh is hour, mm is minutes, and ss is seconds.
Time is based on the 24‑hour clock. This clock is used to record the time of trafc
peak utilization events.
14
View Current Settings
To view the current settings:
• Enter show set 1 and show set 2. The CLI displays the current settings; it will
be similar to the example shown on the following page.
NetOptics: show set 1
Model: 10G 62.5um SR Inline
System Time: 05/08/2008 11:29:42
IP Address: 192.168.1.2
Netmask: 255.0.0.0
Manager: 192.168.0.1
Gateway: 10.0.0.1
Port 1 Enable: ON
Port 2 Enable: ON
Display: ON
Management Port: ON
RX Threshold A: 50
RX Threshold B: 50
TX Threshold 1: 50
TX Threshold 2: 50
NetOptics: show set 2
Port 1 Mode: AGG
Port 2 Mode: AGG
Port 1 CRC Regen: OFF
Port 2 CRC Regen: OFF
Port A Max Packet Size: 1518
Port B Max Packet Size: 1518
Port A TimeStamps: OFF
Port B TimeStamps: OFF
Port A Drop Bad Packet: OFF
Port B Drop Bad Packet: OFF
Port A Packet Slice: OFF
Port B Packet Slice: OFF
Port A Slice Size: 64
Port B Slice Size: 64
iTap 10 GigaBit Port Aggregator
Figure 6: Show Set command example
Tip! _____________________________________________________________________
Simply entering show set will display all of the settings at once; however, some of
the settings may scroll off your screen because the list is long.
__________________________________________________________________________
15
iTap 10 GigaBit Port Aggregator
Using the CLI Help Command
To view CLI help information:
1. Enter Help at the "NetOptics:" prompt. The list of help topics is displayed.
NetOptics: help
*************************************
* Net Optics Command Line Interface *
*************************************
Usage: "help <variable>"
<variable>:
set - Congure various options.
reset - Reset options.
show - Show current congurations and status.
echo - Turn on or off echoing of characters.
help - This help screen.
NetOptics:
Figure 7: iTap Port Aggregator CLI Help Menu
2. To view the syntax for changing the iTap Port Aggregator conguration parameters, enter help set.
3. Repeat with the command of interest to view the syntax for all commands
available from the CLI. You can also enter a command and one of its
parameters.
Example: Enter help set threshold to see the usage of that command.
For a complete listing of CLI commands, see Appendix B.
Do not disconnect the DB9 cable from the RS232 port yet. You will use it again to
turn the iTap Port Aggregator front panel display on and off.
16
Loading...